Redesign peer's Identity class.
#1436
Comments
|
Some thoughts about this : Current Design:Currently we have 1 class called public class Identity {
InetSocketAddress peerAddress;
String pskIdentity;
PublicKey rawPublicKey;
String x509CommonName;
OscoreIdentity oscoreIdentity;
...
}This idea of that class was to identified a Foreign Peer (Client or Server) Current Drawbacks :But there is maybe several issues with this design :
Some Concepts :Here some similar concept in Java :
I'm not sure we should reuse those classes but we should maybe create a new class hierarchy to separate foreign peer and identity concepts ? About naming I don't know ?
Proposed Design :I guess classes could looks like public interface Peer {
Identity getIdentity()
}
public class IpPeer implements Peer { // This class is to anticipate Non-IP protocol
InetSocketAddress getSocketAddress()
Identity getIdentity()
}
public interface Identity {
String getKeyIdentifier() // TODO I don't know if we really need this.
String toString();
boolean equals(Object obj)
int hashCode();
}
public class SocketIdentity implements Identity {
InetSocketAddress getSocketAddress();
}
public class PskIdentity implements Identity {
String getIdentity();
}
public class RpkIdentity implements Identity {
PublicKey getPublicKey();
}
public class X509Identity implements Identity {
String getX509CommonName(); // when we will go futher we will probably see that current design is too limited.
}
public class OscoreIdentity implements Identity {
byte[] getRecipientId();
}OSCORE + TLS case :Now there is one problem with this design ... OSCORE can be used togeter with (D)TLS protocol.
public class OscoreOverTlsIdentity implements Identity {
OscoreIdentity getOscoreIdentity();
Identity getTlsIdentity(); // we can create a TlsIdentity interface.
}@JaroslawLegierski, @jvermillard, @rikard-sics if you have any opinions / ideas about this, do not hesitate to share. |
|
Just see, we maybe also need to think about Identity of Gateway (#1237) |
|
Maybe the name LwM2mIdentity would be better to differentiate new identity design from the current solution ? for non IP devices we can extend IpPeer class by adding in the future: e.g. for LoRaWAN for OSCORE with (D)TLS proposal of usage OscoreOverTlsIdentity class is in my opinion very good idea. |
|
@JaroslawLegierski thx for feedback.
You think this will help for migration ? |
Yes mainly for migration For better understanding your concept I started preparing PoC From what I understood Identity will be replaced by IpPeer from API user point of view e.g: here ? I'm not sure what the getKeyIdentifier() method should return something like this "EP#IDENTITY#" (for Redis)? |
👍
Yep.
Nope. I was thinking that maybe this getter could help store implementation as this string could be used by store as index to search by Identity. E.G. a PskIdentity will maybe returns something like But I'm not sure this is a good idea to do that in that class. |
|
I created first working version IpPeer implementation:
|
|
👍 I will start to look at this on 3rd May. |
|
I created PR #1445 with your work (2 commit squashed in one) rebased on About,
I think this not just about replacing Identity by IpPeer, some |
Co-authored-by: Simon Bernard <sbernard@sierrawireless.com>
|
Since #1436 is integrated in |
At #1421, we discover that we have maybe an issue with current
Identityclass/concept in Leshan.(from : #1421 (comment))
This issue aims to talk about a new design.
This will probably lead to some Redis Serialization break again 😬 (See #1417)
The text was updated successfully, but these errors were encountered: