Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP - Get trust from caPubs in IP #66

Draft
wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

WIP - Get trust from caPubs in IP #66

wants to merge 3 commits into from

Conversation

RufusJWB
Copy link
Collaborator

Motivation

Target is to use the caPubs field for trust building

Proposed Changes

n/a

Test Plan

n/a

@RufusJWB RufusJWB marked this pull request as draft October 15, 2024 08:16
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud

@DDvO
Copy link
Member

DDvO commented Jan 27, 2025

@RufusJWB can you please remind me what the status of this PR is?
I just had a look at it: looks already pretty good.

Yet I cannot successfully try it out - also for the master branch,

make -f Makefile_v1 demo_CloudCA

fails when the server processes the first IR:

##### running cmpClient demo using CloudCA #####

no_proxy=localhost,127.0.0.1 LD_LIBRARY_PATH="." ./cmpClient imprint -section CloudCA -path "/.well-known/cmp" -reqexts empty 
cmpClient:main():src/cmpClient.c:2573: INFO: Using section(s) 'CloudCA,imprint' of CMP configuration file 'config/demo.cnf'
cmpClient:prepare_CMP_client():src/cmpClient.c:1157: WARNING: -own_trusted option is ignored since -cert not given
cmpClient:setup_TLS():src/cmpClient.c:581: WARNING: -tls_used given without -tls_key; cannot authenticate to the TLS server
cmpClient:CMPclient_setup_HTTP():src/genericCMPClient.c:496: INFO: will contact https://broker.sdo-qa.siemens.cloud:443/.well-known/cmp
cmpClient:send_receive_check():../crypto/cmp/cmp_client.c:162: INFO: sending IR
cmpClient:send_receive_check():../crypto/cmp/cmp_client.c:182: INFO: received ERROR
cmpClient:unprotected_exception():../crypto/cmp/cmp_client.c:83: WARNING: ignoring missing protection of error response
cmpClient:CMPclient():src/cmpClient.c:2417: ERROR: received from broker.sdo-qa.siemens.cloud:443 PKIStatus: rejection; PKIFailureInfo: systemFailure; StatusString: "DynamicConfigurationException: exception while calling Configuration.getDownstreamTimeout(null, ERROR(23)) for "downstream""
cmpClient:CMPclient():src/cmpClient.c:2433: ERROR: Failed to perform CMP transaction
cmpClient:send_receive_check():../crypto/cmp/cmp_client.c:199: ERROR: received error:PKIStatus: rejection; PKIFailureInfo: systemFailure; StatusString: "DynamicConfigurationException: exception while calling Configuration.getDownstreamTimeout(null, ERROR(23)) for "downstream""; errorDetails: DynamicConfigurationException: exception while calling Configuration.getDownstreamTimeout(null, ERROR(23)) for "downstream"
cmpClient:CMPclient():src/cmpClient.c:2476: ERROR: CMPclient error 180: received error
make[1]: *** [Makefile_v1:515: run_demo] Error 1
make[1]: Leaving directory '/export/home/dvo/gencmpclient'
make: *** [Makefile_v1:504: demo_CloudCA] Error 2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@RufusJWB @DDvO