security: Use VDL's mechanism for wire <-> native conversions for
Blessings.
This commit is the counterpart to the API change in:
https://vanadium-review.googlesource.com/6290
Mostly simplifies, but there are some rough edges still left
which will be addressed in separate commits:
(1) At a few places, the caller wants to access the underlying
certificate chains of a security.Blessings object.
This API still has to be worked out; for now they either use
security.MarshalBlessings or do a VOM round-trip (when
performance is not a concern).
(2) The BlessingStore implementation can be simplified considerably
now, and should have a clear wire spec (.vdl file).
(3) The persistent store used by the mgmt code
(veyron/services/mgmt/lib/fs) is using GOB to write out
serialized forms. There is a plan to convert this to VOM
but in the mean time I had to do something ugly - translate
from application.Envelope (which is no longer GOBable) to
a different type. This will go away once the store is converted
to VOM.
MultiPart: 2/2
Change-Id: Iafb791afedf0a3ea4c9c1c766300213dace7d692
diff --git a/runtimes/google/ipc/stream/vc/auth.go b/runtimes/google/ipc/stream/vc/auth.go
index b333b3a..43442b3 100644
--- a/runtimes/google/ipc/stream/vc/auth.go
+++ b/runtimes/google/ipc/stream/vc/auth.go
@@ -94,7 +94,7 @@
if err := enc.Encode(signature); err != nil {
return err
}
- if err := enc.Encode(security.MarshalBlessings(b)); err != nil {
+ if err := enc.Encode(b); err != nil {
return err
}
if v >= version.IPCVersion7 {
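Review bot: `enc.Encode(b)` carries no comment saying that the bytes written are still the wire form that `security.MarshalBlessings(b)` used to produce, which is what a peer built before this change will try to decode. Going by the commit title, the encoder presumably applies the VDL native-to-wire conversion, so I would add `// b is encoded through its VDL native->wire conversion, i.e. as security.WireBlessings.` above the call. A test that decodes this handshake message into a `security.WireBlessings` value would pin that compatibility, if one does not already exist. The enclosing function starts and ends outside this hunk.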
@@ -143,13 +143,13 @@
}
var (
- wireb security.WireBlessings
- sig security.Signature
+ blessings security.Blessings
+ sig security.Signature
)
if err = dec.Decode(&sig); err != nil {
return noBlessings, nil, err
}
- if err = dec.Decode(&wireb); err != nil {
+ if err = dec.Decode(&blessings); err != nil {
return noBlessings, nil, err
}
var discharges map[string]security.Discharge
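Review bot: After this change the error from `dec.Decode(&blessings)` is the only point at which a malformed certificate chain sent by the peer can be rejected, because the explicit `security.NewBlessings(wireb)` check is removed in the `@@ -177,10 +177,6 @@` hunk. Nothing here says that the decode performs that validation through the VDL wire-to-native conversion; I would add `// Decode applies the wire->native conversion, which validates the certificate chains; there is no separate NewBlessings step.` above the call. It is also worth confirming (I cannot tell from the hunk) what the conversion yields when the peer sends no certificate chains. If that is a zero Blessings with a nil `PublicKey()`, the later `sig.Verify(blessings.PublicKey(), ...)` should be preceded by an explicit empty-blessings check that returns an error. The enclosing function starts and ends outside this hunk.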
@@ -177,10 +177,6 @@
}
}
}
- blessings, err := security.NewBlessings(wireb)
- if err != nil {
- return noBlessings, nil, err
- }
if !sig.Verify(blessings.PublicKey(), append(tag, crypter.ChannelBinding()...)) {
return noBlessings, nil, errInvalidSignatureInMessage
}