-
Notifications
You must be signed in to change notification settings - Fork 408
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redesign peer's Identity
class.
#1436
Comments
Some thoughts about this : Current Design:Currently we have 1 class called public class Identity {
InetSocketAddress peerAddress;
String pskIdentity;
PublicKey rawPublicKey;
String x509CommonName;
OscoreIdentity oscoreIdentity;
...
} This idea of that class was to identified a Foreign Peer (Client or Server) Current Drawbacks :But there is maybe several issues with this design :
Some Concepts :Here some similar concept in Java :
I'm not sure we should reuse those classes but we should maybe create a new class hierarchy to separate foreign peer and identity concepts ? About naming I don't know ?
Proposed Design :I guess classes could looks like public interface Peer {
Identity getIdentity()
}
public class IpPeer implements Peer { // This class is to anticipate Non-IP protocol
InetSocketAddress getSocketAddress()
Identity getIdentity()
}
public interface Identity {
String getKeyIdentifier() // TODO I don't know if we really need this.
String toString();
boolean equals(Object obj)
int hashCode();
}
public class SocketIdentity implements Identity {
InetSocketAddress getSocketAddress();
}
public class PskIdentity implements Identity {
String getIdentity();
}
public class RpkIdentity implements Identity {
PublicKey getPublicKey();
}
public class X509Identity implements Identity {
String getX509CommonName(); // when we will go futher we will probably see that current design is too limited.
}
public class OscoreIdentity implements Identity {
byte[] getRecipientId();
} OSCORE + TLS case :Now there is one problem with this design ... OSCORE can be used togeter with (D)TLS protocol.
public class OscoreOverTlsIdentity implements Identity {
OscoreIdentity getOscoreIdentity();
Identity getTlsIdentity(); // we can create a TlsIdentity interface.
} @JaroslawLegierski, @jvermillard, @rikard-sics if you have any opinions / ideas about this, do not hesitate to share. |
Just see, we maybe also need to think about Identity of Gateway (#1237) |
Maybe the name LwM2mIdentity would be better to differentiate new identity design from the current solution ? for non IP devices we can extend IpPeer class by adding in the future: e.g. for LoRaWAN for OSCORE with (D)TLS proposal of usage OscoreOverTlsIdentity class is in my opinion very good idea. |
@JaroslawLegierski thx for feedback.
You think this will help for migration ? |
Yes mainly for migration For better understanding your concept I started preparing PoC From what I understood Identity will be replaced by IpPeer from API user point of view e.g: here ? I'm not sure what the getKeyIdentifier() method should return something like this "EP#IDENTITY#" (for Redis)? |
👍
Yep.
Nope. I was thinking that maybe this getter could help store implementation as this string could be used by store as index to search by Identity. E.G. a PskIdentity will maybe returns something like But I'm not sure this is a good idea to do that in that class. |
I created first working version IpPeer implementation:
|
👍 I will start to look at this on 3rd May. |
I created PR #1445 with your work (2 commit squashed in one) rebased on About,
I think this not just about replacing Identity by IpPeer, some |
Co-authored-by: Simon Bernard <[email protected]>
Since #1436 is integrated in |
At #1421, we discover that we have maybe an issue with current
Identity
class/concept in Leshan.(from : #1421 (comment))
This issue aims to talk about a new design.
This will probably lead to some Redis Serialization break again 😬 (See #1417)
The text was updated successfully, but these errors were encountered: