Updates for COSE context and SAND draft

Updating to new doc AAD Scope and additional unprotected definitions.

container/Dockerfile

@@ -1,22 +1,44 @@
-FROM ubuntu:20.04
-ENV DEBIAN_FRONTEND=noninteractive
+FROM ubuntu:22.04 AS systemd-base
+ENV DEBIAN_FRONTEND="noninteractive"
 
-# Use systemd as container executive
-RUN --mount=type=cache,target=/var/cache/apt apt-get update && \
-    apt-get install -yq systemd systemd-sysv && \
-    systemctl mask getty-static.service getty@tty1.service systemd-logind.service && \
-    systemctl disable ssh
+ENV PIP_CERT=/etc/ssl/certs/ca-certificates.crt
+ENV PIP_DEFAULT_TIMEOUT=300
+ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
+
+# Distro upgrade for security patches
+RUN apt-get update && apt-get upgrade -y
+
+# Use systemd as top-level process
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    apt-get update && apt-get install -y systemd systemd-sysv
+RUN systemctl mask systemd-logind && \
+    systemctl mask console-getty && \
+    systemctl disable getty@tty1 && \
+    systemctl disable apt-daily.timer apt-daily-upgrade.timer && \
+    systemctl disable systemd-timesyncd && \
+    systemctl disable systemd-networkd && \
+    echo "MulticastDNS=no" >>/etc/systemd/resolved.conf
 CMD [ "/sbin/init" ]
 
-RUN --mount=type=cache,target=/var/cache/apt apt-get update && \
-    apt-get install -yq git python3-pip \
-    python3-setuptools python3-cairo python3-gi python3-dbus dbus
-# Manual pycose separate from pip
-#RUN --mount=type=cache,target=/root/.cache pip3 install git+https://github.com/TimothyClaeys/pycose.git@master
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    apt-get update && \
+    apt-get install -yq git python3-pip python3-venv pkg-config \
+    python3-setuptools \
+    python3-cairo \
+    python3-gi \
+    python3-dbus dbus \
+    rustc cargo
+RUN --mount=type=cache,target=/root/.cache/pip \
+    pip3 install --upgrade pip && \
+    pip3 install pip-tools maturin
 
+COPY pyproject.toml /root/agent/
+#RUN --mount=type=cache,target=/root/.cache/pip \
+#    cd /root/agent && \
+#    pip-compile pyproject.toml && \
+#    pip3 install -r requirements.txt
 COPY src/ /root/agent/src/
-COPY setup.py /root/agent/
-RUN --mount=type=cache,target=/root/.cache pip3 install /root/agent
+RUN --mount=type=cache,target=/root/.cache/pip pip3 install /root/agent
 
 COPY container/dbus.conf /etc/dbus-1/system.d/org.ietf.dtn.conf
 COPY container/*.service container/*.slice /usr/local/lib/systemd/system/

container/example.yaml

@@ -10,7 +10,7 @@ nodes:
     nets: [dtnA]
     keys:
        sign:
-          keytype: RSA
+          keytype: SECP256R1
     config:
        apps:
           nmp:

container/run.py

@@ -79,6 +79,8 @@ def action(self, act):
 
             nowtime = datetime.datetime.now(datetime.timezone.utc)
 
+            os.makedirs(os.path.join('container', 'workdir'), exist_ok=True)
+
             # Private CA
             ca_key = generate_key({})
             with open(os.path.join('container', 'workdir', 'ca.key'), 'wb') as outfile:
@@ -230,7 +232,7 @@ def action(self, act):
                             'address': '0.0.0.0',
                             'multicast_member': [
                                 {
-                                    'addr': '224.0.0.1',
+                                    'addr': '224.0.1.186',
                                 },
                             ],
                         })
@@ -239,7 +241,7 @@ def action(self, act):
                             'address': '::',
                             'multicast_member': [
                                 {
-                                    'addr': 'FF02:0:0:0:0:0:0:1',
+                                    'addr': 'FF05::1:5',
                                     'iface': 'eth0',
                                 },
                             ],
@@ -349,7 +351,7 @@ def action(self, act):
         elif act == 'stop':
             self.run_docker(
                 ['container', 'stop']
-                + [node_name for node_name in self._config['nodes'].keys()]
+                +[node_name for node_name in self._config['nodes'].keys()]
             )
 
         elif act == 'delete':

pyproject.toml

@@ -0,0 +1,83 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "ietf-dtn-demo-agent"
+version = "0.0.0"
+authors = [
+  { name="Brian Sipos", email="brian.sipos+ietf@gmail.com" },
+]
+description = "A demonstration agent for the DTN BPv7/TCPCLv4/UDPCL"
+readme = "README.md"
+license = { text="LGPL-3" }
+requires-python = ">=3.7"
+classifiers = [
+  "Development Status :: 4 - Beta",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: GNU Lesser General Public License (LGPL)",
+  "Programming Language :: Python :: 3",
+  "Operating System :: OS Independent",
+  "Topic :: Software Development :: Libraries",
+]
+
+dependencies = [
+  "asn1",
+  "cbor2 >=4.1",
+  "pycose >=1.0.1",
+  "crcmod >=1.7",
+  "cryptography >=0.9",
+  "certvalidator",
+  "dbus-python",
+  "lakers-python",
+  "portion >=2.1",
+  "psutil",
+  "PyGObject >=3.34", # glib integration
+  "PyYAML",
+  "python3-dtls",
+  "scapy >=2.4,<2.4.5",
+  "six",
+]
+
+[project.optional-dependencies]
+test = [
+  "pytest",
+  "pytest-cov",
+  "coverage",
+]
+pylint = [
+  "pylint",
+  "pylint_junit",
+]
+flake8 = [
+  "flake8",
+  "flake8_pyproject",
+  "flake8_formatter_junit_xml",
+]
+docs = [
+  "sphinx <6",
+  "sphinx_rtd_theme",
+  "sphinx-argparse",
+]
+
+[tool.pylint.MAIN]
+load-plugins="pylint_junit"
+suggestion-mode="no"
+[tool.pylint.FORMAT]
+max-line-length=100
+[tool.pylint.DESIGN]
+min-public-methods=1
+
+[tool.flake8]
+max-line-length=100
+
+[project.scripts]
+tcpcl-messagegen = "tcpcl.test.messagegen:main"
+tcpcl-bundlegen = "tcpcl.test.bundlegen:main"
+tcpcl-agent = "tcpcl.cmd:main"
+udpcl-agent = "udpcl.cmd:main"
+bp-agent = "bp.cmd:main"
+
+[project.urls]
+"Homepage" = "https://github.com/BrianSipos/dtn-demo-agent"
+"Bug Tracker" = "https://github.com/BrianSipos/dtn-demo-agent/issues"

src/bp/agent.py

@@ -2,6 +2,7 @@
 '''
 import datetime
 import logging
+import traceback
 import dbus.service
 from gi.repository import GLib as glib
 import cbor2
@@ -59,7 +60,7 @@ class Agent(dbus.service.Object):
     :type bus_kwargs: dict or None
     '''
 
-    #: Interface name
+    # : Interface name
     DBUS_IFACE = 'org.ietf.dtn.bp.Agent'
 
     def __init__(self, config, bus_kwargs=None):
@@ -73,7 +74,7 @@ def __init__(self, config, bus_kwargs=None):
         self._logger = logging.getLogger(__name__ + '.' + self.__class__.__name__)
         self._config = config
         self._on_stop = None
-        #: Set when shutdown() is called and waiting on sessions
+        # : Set when shutdown() is called and waiting on sessions
         self._in_shutdown = False
 
         self.timestamp = Timestamper()
@@ -301,6 +302,7 @@ def recv_bundle(self, ctr):
                     break
             except Exception as err:
                 self._logger.error('Step %5.1f failed with exception: %s', step.order, err)
+                self._logger.debug('%s', traceback.format_exc())
                 break
 
         if 'delete' in ctr.actions:
@@ -397,11 +399,15 @@ def send_bundle(self, ctr):
                     break
             except Exception as err:
                 self._logger.error('Step %5.1f failed with exception: %s', step.order, err)
+                self._logger.debug('%s', traceback.format_exc())
                 break
 
         if ctr.route and not ctr.sender:
             # Assume the route is a TxRouteItem
-            ctr.sender = self._cl_agent[ctr.route.cl_type].send_bundle_func(ctr.route.raw_config)
+            cl_obj = self._cl_agent.get(ctr.route.cl_type)
+            if cl_obj:
+                self._logger.info('send_bundle raw_config %s', ctr.route.raw_config)
+                ctr.sender = cl_obj.send_bundle_func(ctr.route.raw_config)
 
         if ctr.sender is None:
             raise RuntimeError('TX chain completed with no sender for %s', ctr.log_name())
@@ -410,10 +416,10 @@ def send_bundle(self, ctr):
         ctr.bundle.fill_fields()
         ctr.bundle.update_all_crc()
 
-        self._logger.debug('Sending bundle\n%s', ctr.bundle.show(dump=True))
+        # self._logger.debug('Sending bundle\n%s', ctr.bundle.show(dump=True))
         data = bytes(ctr.bundle)
         self._logger.info('send_bundle size %d', len(data))
-        self._logger.debug('send_bundle data %s', encode_diagnostic(cbor2.loads(data)))
+        # self._logger.debug('send_bundle data %s', encode_diagnostic(cbor2.loads(data)))
         ctr.sender(data)
 
     @dbus.service.method(DBUS_IFACE, in_signature='ss', out_signature='')