Changes to WSPR to support go-style blessing

MultiPart: 2/2
Change-Id: If705ec2c626a7f3d5ad80e5e872d31afe21d2b9d
diff --git a/services/wsprd/account/account.vdl b/services/wsprd/account/account.vdl
index c6d6fee..25d7f0d 100644
--- a/services/wsprd/account/account.vdl
+++ b/services/wsprd/account/account.vdl
@@ -5,7 +5,8 @@
 package account
 
 // Caveat describes a restriction on the validity of a blessing/discharge.
+// TODO Remove this
 type Caveat struct {
   Type string
   Args string
-}
\ No newline at end of file
+}
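Review bot: The added `// TODO Remove this` names neither an owner nor the condition for removal, unlike the `TODO(ataly, ashankar, bjornick)` form this commit removes from app.go. Something like `// TODO(<owner>): Remove Caveat once JavaScript passes security.Caveat directly.` would tell the next reader what is blocking the removal. That reason is inferred from the rest of the commit and should be confirmed. The same comment is mirrored in the generated account.vdl.go.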
diff --git a/services/wsprd/account/account.vdl.go b/services/wsprd/account/account.vdl.go
index 857066c..9b14fc6 100644
--- a/services/wsprd/account/account.vdl.go
+++ b/services/wsprd/account/account.vdl.go
@@ -13,6 +13,7 @@
 )
 
 // Caveat describes a restriction on the validity of a blessing/discharge.
+// TODO Remove this
 type Caveat struct {
 	Type string
 	Args string
diff --git a/services/wsprd/app/app.go b/services/wsprd/app/app.go
index 2a6fa25..b71db40 100644
--- a/services/wsprd/app/app.go
+++ b/services/wsprd/app/app.go
@@ -27,7 +27,6 @@
 	"v.io/v23/vom"
 	"v.io/v23/vtrace"
 	"v.io/x/lib/vlog"
-	vsecurity "v.io/x/ref/security"
 	"v.io/x/ref/services/wsprd/lib"
 	"v.io/x/ref/services/wsprd/namespace"
 	"v.io/x/ref/services/wsprd/principal"
@@ -92,8 +91,8 @@
 	// the default implementation.
 	writerCreator func(id int32) lib.ClientWriter
 
-	// Store for all the Blessings that javascript has a handle to.
-	blessingsStore *principal.JSBlessingsHandles
+	// Cache for all the Blessings that javascript has a handle to.
+	blessingsCache *principal.JSBlessingsHandles
 
 	// reservedServices contains a map of reserved service names.  These
 	// are objects that serve requests in wspr without actually making
@@ -126,7 +125,7 @@
 		cancel:         cancel,
 		writerCreator:  writerCreator,
 		listenSpec:     listenSpec,
-		blessingsStore: principal.NewJSBlessingsHandles(),
+		blessingsCache: principal.NewJSBlessingsHandles(),
 	}
 
 	controllerInvoker, err := rpc.ReflectInvoker(ControllerServer(controller))
@@ -273,8 +272,8 @@
 // the handle to it.  This function exists because JS only has
 // a handle to the blessings to avoid shipping the certificate forest
 // to JS and back.
-func (c *Controller) AddBlessings(blessings security.Blessings) int32 {
-	return c.blessingsStore.Add(blessings)
+func (c *Controller) AddBlessings(blessings security.Blessings) principal.BlessingsHandle {
+	return c.blessingsCache.Add(blessings)
 }
 
 // Cleanup cleans up any outstanding rpcs.
@@ -687,65 +686,54 @@
 }
 
 // UnlinkBlessings removes the given blessings from the blessings store.
-func (c *Controller) UnlinkBlessings(_ rpc.ServerCall, handle int32) error {
-	c.blessingsStore.Remove(handle)
+func (c *Controller) UnlinkBlessings(_ rpc.ServerCall, handle principal.BlessingsHandle) error {
+	c.blessingsCache.Remove(handle)
 	return nil
 }
 
-// BlessPublicKey creates a new blessing.
-func (c *Controller) BlessPublicKey(_ rpc.ServerCall,
-	handle int32,
-	caveats []security.Caveat,
-	duration time.Duration,
-	extension string) (int32, string, error) {
-	var blessee security.Blessings
-	if blessee = c.blessingsStore.Get(handle); blessee.IsZero() {
-		return 0, "", verror.New(invalidBlessingsHandle, nil)
+// Bless binds extensions of blessings held by this principal to
+// another principal (represented by its public key).
+func (c *Controller) Bless(_ rpc.ServerCall,
+	publicKey string,
+	blessingHandle principal.BlessingsHandle,
+	extension string,
+	caveats []security.Caveat) (string, principal.BlessingsHandle, error) {
+	var inputBlessing security.Blessings
+	if inputBlessing = c.blessingsCache.Get(blessingHandle); inputBlessing.IsZero() {
+		return "", principal.ZeroHandle, verror.New(invalidBlessingsHandle, nil)
 	}
 
-	expiryCav, err := security.ExpiryCaveat(time.Now().Add(duration))
+	key, err := principal.DecodePublicKey(publicKey)
 	if err != nil {
-		return 0, "", err
+		return "", principal.ZeroHandle, err
 	}
-	caveats = append(caveats, expiryCav)
 
-	// TODO(ataly, ashankar, bjornick): Currently the Bless operation is carried
-	// out using the Default blessing in this principal's blessings store. We
-	// should change this so that the JS blessing request can also specify the
-	// blessing to be used for the Bless operation.
+	if len(caveats) == 0 {
+		caveats = append(caveats, security.UnconstrainedUse())
+	}
+
 	p := v23.GetPrincipal(c.ctx)
-	key := blessee.PublicKey()
-	blessing := p.BlessingStore().Default()
-	blessings, err := p.Bless(key, blessing, extension, caveats[0], caveats[1:]...)
+	blessings, err := p.Bless(key, inputBlessing, extension, caveats[0], caveats[1:]...)
 	if err != nil {
-		return 0, "", err
+		return "", principal.ZeroHandle, err
 	}
-	handle = c.blessingsStore.Add(blessings)
-	encodedKey, err := principal.EncodePublicKey(blessings.PublicKey())
-	if err != nil {
-		return 0, "", err
-	}
-	return handle, encodedKey, nil
+	handle := c.blessingsCache.Add(blessings)
+	return publicKey, handle, nil
 }
 
-// CreateBlessings creates a new principal self-blessed with the given extension.
-func (c *Controller) CreateBlessings(_ rpc.ServerCall,
-	extension string) (int32, string, error) {
-	p, err := vsecurity.NewPrincipal()
-	if err != nil {
-		return 0, "", verror.Convert(verror.ErrInternal, nil, err)
-	}
+// BlessSelf creates a blessing with the provided name for this principal.
+func (c *Controller) BlessSelf(call rpc.ServerCall,
+	extension string, caveats []security.Caveat) (string, principal.BlessingsHandle, error) {
+	p := v23.GetPrincipal(c.ctx)
 	blessings, err := p.BlessSelf(extension)
 	if err != nil {
-		return 0, "", verror.Convert(verror.ErrInternal, nil, err)
+		return "", principal.ZeroHandle, verror.Convert(verror.ErrInternal, nil, err)
 	}
 
-	handle := c.blessingsStore.Add(blessings)
-	encodedKey, err := principal.EncodePublicKey(blessings.PublicKey())
-	if err != nil {
-		return 0, "", err
-	}
-	return handle, encodedKey, nil
+	handle := c.blessingsCache.Add(blessings)
+
+	encKey, err := principal.EncodePublicKey(p.PublicKey())
+	return encKey, handle, err
 }
 
 func (c *Controller) RemoteBlessings(call rpc.ServerCall, name, method string) ([]string, error) {
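Review bot: `BlessSelf` accepts `caveats` but never uses them, because the call is `p.BlessSelf(extension)`, so a caller that asks for a restricted self-blessing silently gets one without those restrictions. Pass them through with `blessings, err := p.BlessSelf(extension, caveats...)`. In `Bless`, an empty `caveats` slice is now replaced with `security.UnconstrainedUse()`, and the expiry caveat that the old `BlessPublicKey` always appended is gone, so a JavaScript caller that sends no caveats obtains a blessing with no restrictions and no expiry. Consider rejecting an empty slice with an error, so that an unconstrained blessing has to be requested explicitly. The doc comment on `UnlinkBlessings` still says "blessings store" although the field is now `blessingsCache`.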
diff --git a/services/wsprd/app/controller.vdl b/services/wsprd/app/controller.vdl
index cff5208..5298f7b 100644
--- a/services/wsprd/app/controller.vdl
+++ b/services/wsprd/app/controller.vdl
@@ -6,9 +6,9 @@
 
 import (
 	"signature"
-	"time"
 
 	"v.io/v23/security"
+	"v.io/x/ref/services/wsprd/principal"
 )
 
 type Controller interface {
@@ -24,11 +24,12 @@
 	RemoveName(serverId uint32, name string) error
 
 	// UnlinkBlessings removes the given blessings from the blessings store.
-	UnlinkBlessings(handle int32) error
-	// BlessPublicKey creates a new blessing.
-	BlessPublicKey(fromHandle int32, caveats []security.Caveat, durationMs time.Duration, extension string) (handle int32, publicKey string | error)
-	// CreateBlessings creates a new principal self-blessed with the given extension.
-	CreateBlessings(extension string) (handle int32, publicKey string | error)
+	UnlinkBlessings(handle principal.BlessingsHandle) error
+	// Bless binds extensions of blessings held by this principal to
+	// another principal (represented by its public key).
+	Bless(publicKey string, blessingHandle principal.BlessingsHandle, extension string, caveat []security.Caveat) (string, principal.BlessingsHandle | error)
+	// BlessSelf creates a blessing with the provided name for this principal.
+	BlessSelf(name string, caveats []security.Caveat) (string, principal.BlessingsHandle | error)
 
 	// RemoteBlessings fetches the remote blessings for a given name and method.
 	RemoteBlessings(name, method string) ([]string | error)
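Review bot: The results of `Bless` and `BlessSelf` are unnamed, and their order is reversed relative to the methods they replace (`handle, publicKey` became string first, handle second), so nothing in the interface or the generated `OutArgs` says what the string is. Name them, e.g. `(publicKey string, handle principal.BlessingsHandle | error)`, and say in each comment whose key is returned. In app.go, `Bless` echoes the caller-supplied key while `BlessSelf` returns this principal's key. The `Bless` parameter `caveat` is a slice and would read better as `caveats`, matching `BlessSelf`.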
diff --git a/services/wsprd/app/controller.vdl.go b/services/wsprd/app/controller.vdl.go
index ffd7bf7..6a985c7 100644
--- a/services/wsprd/app/controller.vdl.go
+++ b/services/wsprd/app/controller.vdl.go
@@ -14,10 +14,9 @@
 	"v.io/v23/rpc"
 
 	// VDL user imports
-	"time"
 	"v.io/v23/security"
 	"v.io/v23/vdlroot/signature"
-	_ "v.io/v23/vdlroot/time"
+	"v.io/x/ref/services/wsprd/principal"
 )
 
 // ControllerClientMethods is the client interface
@@ -34,11 +33,12 @@
 	// RemoveName removes a published name from an existing server.
 	RemoveName(ctx *context.T, serverId uint32, name string, opts ...rpc.CallOpt) error
 	// UnlinkBlessings removes the given blessings from the blessings store.
-	UnlinkBlessings(ctx *context.T, handle int32, opts ...rpc.CallOpt) error
-	// BlessPublicKey creates a new blessing.
-	BlessPublicKey(ctx *context.T, fromHandle int32, caveats []security.Caveat, durationMs time.Duration, extension string, opts ...rpc.CallOpt) (handle int32, publicKey string, err error)
-	// CreateBlessings creates a new principal self-blessed with the given extension.
-	CreateBlessings(ctx *context.T, extension string, opts ...rpc.CallOpt) (handle int32, publicKey string, err error)
+	UnlinkBlessings(ctx *context.T, handle principal.BlessingsHandle, opts ...rpc.CallOpt) error
+	// Bless binds extensions of blessings held by this principal to
+	// another principal (represented by its public key).
+	Bless(ctx *context.T, publicKey string, blessingHandle principal.BlessingsHandle, extension string, caveat []security.Caveat, opts ...rpc.CallOpt) (string, principal.BlessingsHandle, error)
+	// BlessSelf creates a blessing with the provided name for this principal.
+	BlessSelf(ctx *context.T, name string, caveats []security.Caveat, opts ...rpc.CallOpt) (string, principal.BlessingsHandle, error)
 	// RemoteBlessings fetches the remote blessings for a given name and method.
 	RemoteBlessings(ctx *context.T, name string, method string, opts ...rpc.CallOpt) ([]string, error)
 	// Signature fetches the signature for a given name.
@@ -110,7 +110,7 @@
 	return
 }
 
-func (c implControllerClientStub) UnlinkBlessings(ctx *context.T, i0 int32, opts ...rpc.CallOpt) (err error) {
+func (c implControllerClientStub) UnlinkBlessings(ctx *context.T, i0 principal.BlessingsHandle, opts ...rpc.CallOpt) (err error) {
 	var call rpc.ClientCall
 	if call, err = c.c(ctx).StartCall(ctx, c.name, "UnlinkBlessings", []interface{}{i0}, opts...); err != nil {
 		return
@@ -119,18 +119,18 @@
 	return
 }
 
-func (c implControllerClientStub) BlessPublicKey(ctx *context.T, i0 int32, i1 []security.Caveat, i2 time.Duration, i3 string, opts ...rpc.CallOpt) (o0 int32, o1 string, err error) {
+func (c implControllerClientStub) Bless(ctx *context.T, i0 string, i1 principal.BlessingsHandle, i2 string, i3 []security.Caveat, opts ...rpc.CallOpt) (o0 string, o1 principal.BlessingsHandle, err error) {
 	var call rpc.ClientCall
-	if call, err = c.c(ctx).StartCall(ctx, c.name, "BlessPublicKey", []interface{}{i0, i1, i2, i3}, opts...); err != nil {
+	if call, err = c.c(ctx).StartCall(ctx, c.name, "Bless", []interface{}{i0, i1, i2, i3}, opts...); err != nil {
 		return
 	}
 	err = call.Finish(&o0, &o1)
 	return
 }
 
-func (c implControllerClientStub) CreateBlessings(ctx *context.T, i0 string, opts ...rpc.CallOpt) (o0 int32, o1 string, err error) {
+func (c implControllerClientStub) BlessSelf(ctx *context.T, i0 string, i1 []security.Caveat, opts ...rpc.CallOpt) (o0 string, o1 principal.BlessingsHandle, err error) {
 	var call rpc.ClientCall
-	if call, err = c.c(ctx).StartCall(ctx, c.name, "CreateBlessings", []interface{}{i0}, opts...); err != nil {
+	if call, err = c.c(ctx).StartCall(ctx, c.name, "BlessSelf", []interface{}{i0, i1}, opts...); err != nil {
 		return
 	}
 	err = call.Finish(&o0, &o1)
@@ -169,11 +169,12 @@
 	// RemoveName removes a published name from an existing server.
 	RemoveName(call rpc.ServerCall, serverId uint32, name string) error
 	// UnlinkBlessings removes the given blessings from the blessings store.
-	UnlinkBlessings(call rpc.ServerCall, handle int32) error
-	// BlessPublicKey creates a new blessing.
-	BlessPublicKey(call rpc.ServerCall, fromHandle int32, caveats []security.Caveat, durationMs time.Duration, extension string) (handle int32, publicKey string, err error)
-	// CreateBlessings creates a new principal self-blessed with the given extension.
-	CreateBlessings(call rpc.ServerCall, extension string) (handle int32, publicKey string, err error)
+	UnlinkBlessings(call rpc.ServerCall, handle principal.BlessingsHandle) error
+	// Bless binds extensions of blessings held by this principal to
+	// another principal (represented by its public key).
+	Bless(call rpc.ServerCall, publicKey string, blessingHandle principal.BlessingsHandle, extension string, caveat []security.Caveat) (string, principal.BlessingsHandle, error)
+	// BlessSelf creates a blessing with the provided name for this principal.
+	BlessSelf(call rpc.ServerCall, name string, caveats []security.Caveat) (string, principal.BlessingsHandle, error)
 	// RemoteBlessings fetches the remote blessings for a given name and method.
 	RemoteBlessings(call rpc.ServerCall, name string, method string) ([]string, error)
 	// Signature fetches the signature for a given name.
@@ -231,16 +232,16 @@
 	return s.impl.RemoveName(call, i0, i1)
 }
 
-func (s implControllerServerStub) UnlinkBlessings(call rpc.ServerCall, i0 int32) error {
+func (s implControllerServerStub) UnlinkBlessings(call rpc.ServerCall, i0 principal.BlessingsHandle) error {
 	return s.impl.UnlinkBlessings(call, i0)
 }
 
-func (s implControllerServerStub) BlessPublicKey(call rpc.ServerCall, i0 int32, i1 []security.Caveat, i2 time.Duration, i3 string) (int32, string, error) {
-	return s.impl.BlessPublicKey(call, i0, i1, i2, i3)
+func (s implControllerServerStub) Bless(call rpc.ServerCall, i0 string, i1 principal.BlessingsHandle, i2 string, i3 []security.Caveat) (string, principal.BlessingsHandle, error) {
+	return s.impl.Bless(call, i0, i1, i2, i3)
 }
 
-func (s implControllerServerStub) CreateBlessings(call rpc.ServerCall, i0 string) (int32, string, error) {
-	return s.impl.CreateBlessings(call, i0)
+func (s implControllerServerStub) BlessSelf(call rpc.ServerCall, i0 string, i1 []security.Caveat) (string, principal.BlessingsHandle, error) {
+	return s.impl.BlessSelf(call, i0, i1)
 }
 
 func (s implControllerServerStub) RemoteBlessings(call rpc.ServerCall, i0 string, i1 string) ([]string, error) {
@@ -302,32 +303,33 @@
 			Name: "UnlinkBlessings",
 			Doc:  "// UnlinkBlessings removes the given blessings from the blessings store.",
 			InArgs: []rpc.ArgDesc{
-				{"handle", ``}, // int32
+				{"handle", ``}, // principal.BlessingsHandle
 			},
 		},
 		{
-			Name: "BlessPublicKey",
-			Doc:  "// BlessPublicKey creates a new blessing.",
+			Name: "Bless",
+			Doc:  "// Bless binds extensions of blessings held by this principal to\n// another principal (represented by its public key).",
 			InArgs: []rpc.ArgDesc{
-				{"fromHandle", ``}, // int32
-				{"caveats", ``},    // []security.Caveat
-				{"durationMs", ``}, // time.Duration
-				{"extension", ``},  // string
+				{"publicKey", ``},      // string
+				{"blessingHandle", ``}, // principal.BlessingsHandle
+				{"extension", ``},      // string
+				{"caveat", ``},         // []security.Caveat
 			},
 			OutArgs: []rpc.ArgDesc{
-				{"handle", ``},    // int32
-				{"publicKey", ``}, // string
+				{"", ``}, // string
+				{"", ``}, // principal.BlessingsHandle
 			},
 		},
 		{
-			Name: "CreateBlessings",
-			Doc:  "// CreateBlessings creates a new principal self-blessed with the given extension.",
+			Name: "BlessSelf",
+			Doc:  "// BlessSelf creates a blessing with the provided name for this principal.",
 			InArgs: []rpc.ArgDesc{
-				{"extension", ``}, // string
+				{"name", ``},    // string
+				{"caveats", ``}, // []security.Caveat
 			},
 			OutArgs: []rpc.ArgDesc{
-				{"handle", ``},    // int32
-				{"publicKey", ``}, // string
+				{"", ``}, // string
+				{"", ``}, // principal.BlessingsHandle
 			},
 		},
 		{
diff --git a/services/wsprd/app/messaging.go b/services/wsprd/app/messaging.go
index 22a092e..d42e6fa 100644
--- a/services/wsprd/app/messaging.go
+++ b/services/wsprd/app/messaging.go
@@ -51,16 +51,10 @@
 	// A request to stop a server.
 	StopServerMessage = 6
 
-	// A request to bless a public key.
-	BlessPublicKeyMessage = 7
-
 	// A request to unlink blessings.  This request means that
 	// we can remove the given handle from the handle store.
 	UnlinkBlessingsMessage = 8
 
-	// A request to create a new random blessings.
-	CreateBlessingsMessage = 9
-
 	// A request to run the lookup function on a dispatcher.
 	LookupResponseMessage = 11
 
diff --git a/services/wsprd/app/mock_jsServer_test.go b/services/wsprd/app/mock_jsServer_test.go
index 376fc02..c8ca3f7 100644
--- a/services/wsprd/app/mock_jsServer_test.go
+++ b/services/wsprd/app/mock_jsServer_test.go
@@ -128,7 +128,7 @@
 }
 
 // Returns false if the blessing is malformed
-func validateBlessing(blessings principal.BlessingsHandle) bool {
+func validateBlessing(blessings principal.JsBlessings) bool {
 	return blessings.Handle != 0 && blessings.PublicKey != ""
 }
 
diff --git a/services/wsprd/principal/blessings.go b/services/wsprd/principal/blessings.go
index d869125..37e6317 100644
--- a/services/wsprd/principal/blessings.go
+++ b/services/wsprd/principal/blessings.go
@@ -6,15 +6,16 @@
 
 import (
 	"encoding/base64"
+
 	"v.io/v23/security"
 )
 
-func ConvertBlessingsToHandle(blessings security.Blessings, handle int32) *BlessingsHandle {
+func ConvertBlessingsToHandle(blessings security.Blessings, handle BlessingsHandle) *JsBlessings {
 	encoded, err := EncodePublicKey(blessings.PublicKey())
 	if err != nil {
 		panic(err)
 	}
-	return &BlessingsHandle{
+	return &JsBlessings{
 		Handle:    handle,
 		PublicKey: encoded,
 	}
@@ -27,3 +28,11 @@
 	}
 	return base64.StdEncoding.EncodeToString(bytes), nil
 }
+
+func DecodePublicKey(key string) (security.PublicKey, error) {
+	b, err := base64.StdEncoding.DecodeString(key)
+	if err != nil {
+		return nil, err
+	}
+	return security.UnmarshalPublicKey(b)
+}
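Review bot: `DecodePublicKey` is exported without a doc comment, and the string it parses is supplied by the JavaScript side through `Controller.Bless`. Add something like `// DecodePublicKey is the inverse of EncodePublicKey: it base64-decodes key (standard encoding) and unmarshals the bytes into a security.PublicKey.` Both failure paths return the underlying error unchanged. Wrapping them in a verror that names the public key argument would let callers tell a malformed key apart from other `Bless` failures. The hunk opens inside the body of `EncodePublicKey`, which is not fully visible here.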
diff --git a/services/wsprd/principal/blessings.vdl b/services/wsprd/principal/blessings.vdl
index b75cc38..7793317 100644
--- a/services/wsprd/principal/blessings.vdl
+++ b/services/wsprd/principal/blessings.vdl
@@ -4,7 +4,11 @@
 
 package principal
 
-type BlessingsHandle struct {
-    Handle    int32
+type BlessingsHandle int32
+
+const ZeroHandle = BlessingsHandle(0)
+
+type JsBlessings struct {
+    Handle    BlessingsHandle
     PublicKey string
-}
\ No newline at end of file
+}
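Review bot: `BlessingsHandle`, `ZeroHandle` and `JsBlessings` are introduced without comments, and the meaning of the zero handle is only implied by its use as the error return in app.go. Suggested comments: `// BlessingsHandle identifies a security.Blessings held in WSPR's JSBlessingsHandles cache.`, `// ZeroHandle is returned alongside an error; presumably it is never issued for real blessings.` and `// JsBlessings is what JavaScript receives in place of the blessings: a handle plus the encoded public key.` The name `JsBlessings` also differs in initialism from the existing `JSBlessingsHandles`, so `JSBlessings` would be more consistent.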
diff --git a/services/wsprd/principal/blessings.vdl.go b/services/wsprd/principal/blessings.vdl.go
index aa42e4e..0c09ae3 100644
--- a/services/wsprd/principal/blessings.vdl.go
+++ b/services/wsprd/principal/blessings.vdl.go
@@ -12,16 +12,26 @@
 	"v.io/v23/vdl"
 )
 
-type BlessingsHandle struct {
-	Handle    int32
-	PublicKey string
-}
+type BlessingsHandle int32
 
 func (BlessingsHandle) __VDLReflect(struct {
 	Name string "v.io/x/ref/services/wsprd/principal.BlessingsHandle"
 }) {
 }
 
+type JsBlessings struct {
+	Handle    BlessingsHandle
+	PublicKey string
+}
+
+func (JsBlessings) __VDLReflect(struct {
+	Name string "v.io/x/ref/services/wsprd/principal.JsBlessings"
+}) {
+}
+
 func init() {
 	vdl.Register((*BlessingsHandle)(nil))
+	vdl.Register((*JsBlessings)(nil))
 }
+
+const ZeroHandle = BlessingsHandle(0)
diff --git a/services/wsprd/principal/js_blessings_store.go b/services/wsprd/principal/js_blessings_store.go
index fccac9d..f660c50 100644
--- a/services/wsprd/principal/js_blessings_store.go
+++ b/services/wsprd/principal/js_blessings_store.go
@@ -18,19 +18,19 @@
 // all operations involving cryptographic operations call into go.
 type JSBlessingsHandles struct {
 	mu         sync.Mutex
-	lastHandle int32
-	store      map[int32]security.Blessings
+	lastHandle BlessingsHandle
+	store      map[BlessingsHandle]security.Blessings
 }
 
 // NewJSBlessingsHandles returns a newly initialized JSBlessingsHandles
 func NewJSBlessingsHandles() *JSBlessingsHandles {
 	return &JSBlessingsHandles{
-		store: map[int32]security.Blessings{},
+		store: map[BlessingsHandle]security.Blessings{},
 	}
 }
 
 // Add adds a Blessings to the store and returns the handle to it.
-func (s *JSBlessingsHandles) Add(blessings security.Blessings) int32 {
+func (s *JSBlessingsHandles) Add(blessings security.Blessings) BlessingsHandle {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	s.lastHandle++
@@ -40,7 +40,7 @@
 }
 
 // Remove removes the Blessings associated with the handle.
-func (s *JSBlessingsHandles) Remove(handle int32) {
+func (s *JSBlessingsHandles) Remove(handle BlessingsHandle) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	delete(s.store, handle)
@@ -48,7 +48,7 @@
 
 // Get returns the Blessings represented by the handle. Returns nil
 // if no Blessings exists for the handle.
-func (s *JSBlessingsHandles) Get(handle int32) security.Blessings {
+func (s *JSBlessingsHandles) Get(handle BlessingsHandle) security.Blessings {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	return s.store[handle]
diff --git a/services/wsprd/rpc/server/server.go b/services/wsprd/rpc/server/server.go
index 6af03db..c7b8c80 100644
--- a/services/wsprd/rpc/server/server.go
+++ b/services/wsprd/rpc/server/server.go
@@ -56,7 +56,7 @@
 
 type HandleStore interface {
 	// Adds blessings to the store and returns handle to the blessings
-	AddBlessings(blessings security.Blessings) int32
+	AddBlessings(blessings security.Blessings) principal.BlessingsHandle
 }
 
 type ServerHelper interface {
@@ -321,7 +321,7 @@
 	}
 }
 
-func (s *Server) convertBlessingsToHandle(blessings security.Blessings) principal.BlessingsHandle {
+func (s *Server) convertBlessingsToHandle(blessings security.Blessings) principal.JsBlessings {
 	return *principal.ConvertBlessingsToHandle(blessings, s.helper.AddBlessings(blessings))
 }
 
@@ -445,7 +445,7 @@
 	if call.RemoteEndpoint() != nil {
 		remoteEndpoint = call.RemoteEndpoint().String()
 	}
-	var localBlessings principal.BlessingsHandle
+	var localBlessings principal.JsBlessings
 	if !call.LocalBlessings().IsZero() {
 		localBlessings = s.convertBlessingsToHandle(call.LocalBlessings())
 	}
diff --git a/services/wsprd/rpc/server/server.vdl b/services/wsprd/rpc/server/server.vdl
index 418c43a..6dd891e 100644
--- a/services/wsprd/rpc/server/server.vdl
+++ b/services/wsprd/rpc/server/server.vdl
@@ -13,9 +13,9 @@
     Method                string
     Suffix                string
     MethodTags            []any
-    LocalBlessings        principal.BlessingsHandle
+    LocalBlessings        principal.JsBlessings
     LocalBlessingStrings  []string
-    RemoteBlessings       principal.BlessingsHandle
+    RemoteBlessings       principal.JsBlessings
     RemoteBlessingStrings []string
     LocalEndpoint         string
     RemoteEndpoint        string
diff --git a/services/wsprd/rpc/server/server.vdl.go b/services/wsprd/rpc/server/server.vdl.go
index 6e5e9c5..a58943a 100644
--- a/services/wsprd/rpc/server/server.vdl.go
+++ b/services/wsprd/rpc/server/server.vdl.go
@@ -23,9 +23,9 @@
 	Method                string
 	Suffix                string
 	MethodTags            []*vdl.Value
-	LocalBlessings        principal.BlessingsHandle
+	LocalBlessings        principal.JsBlessings
 	LocalBlessingStrings  []string
-	RemoteBlessings       principal.BlessingsHandle
+	RemoteBlessings       principal.JsBlessings
 	RemoteBlessingStrings []string
 	LocalEndpoint         string
 	RemoteEndpoint        string