You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create a derived class of ChannelCredentials called HydrogenPublicCredentials which accepts a public key that we expect to get from INetworkAutoDiscovery.
Add a parameter to CreateNetworkServer that allows passing in some kind of transport security value (maybe just ChannelCredentials which can be HydrogenPrivateCredentials?)
Actually pass the gRPC options into the TcpGrpcClientCall and TcpGrpcServerCall instances, which then need to pass the credential into TcpGrpcTransportConnection.
Likely have TcpGrpcTransportConnection handle the libhydrogen negotiation and encryption directly (rather than wrapping it), since it's dependent on NetworkStream underneath and accepts an endpoint for connection. Probably just make a private method that wraps the _networkStream.WriteAsync and _networkStream.ReadExactlyAsync calls to encrypt/decrypt when needed.
This solves the encryption layer.
We also want to then support basic password authentication for clients to authenticate to servers. We'd want to be able to specify this by using CallCredentials.Compose(new HydrogenPublicCredentials(...), new PasswordCredentials(...)). To get the composed credentials out, we need to have a class that implements CallCredentialsConfiguratorBase and call InternalPopulateConfiguration to get the composite credentials out when we're setting up the server and client.
While the encryption negotiation won't go through Protobuf serialization, we probably do want to add AuthPasswordProvide = 7;, AuthAccept = 8; and AuthReject = 9; as message types and have the password negotiation done after encryption is established. It should be an exception to only provide PasswordCredentials as the call credentials without Hydrogen...Credentials also being provided.
The text was updated successfully, but these errors were encountered:
We need to:
ChannelCredentials
calledHydrogenPublicCredentials
which accepts a public key that we expect to get fromINetworkAutoDiscovery
.CreateNetworkServer
that allows passing in some kind of transport security value (maybe justChannelCredentials
which can beHydrogenPrivateCredentials
?)TcpGrpcClientCall
andTcpGrpcServerCall
instances, which then need to pass the credential intoTcpGrpcTransportConnection
.TcpGrpcTransportConnection
handle the libhydrogen negotiation and encryption directly (rather than wrapping it), since it's dependent onNetworkStream
underneath and accepts an endpoint for connection. Probably just make a private method that wraps the_networkStream.WriteAsync
and_networkStream.ReadExactlyAsync
calls to encrypt/decrypt when needed.This solves the encryption layer.
We also want to then support basic password authentication for clients to authenticate to servers. We'd want to be able to specify this by using
CallCredentials.Compose(new HydrogenPublicCredentials(...), new PasswordCredentials(...))
. To get the composed credentials out, we need to have a class that implementsCallCredentialsConfiguratorBase
and callInternalPopulateConfiguration
to get the composite credentials out when we're setting up the server and client.While the encryption negotiation won't go through Protobuf serialization, we probably do want to add
AuthPasswordProvide = 7;
,AuthAccept = 8;
andAuthReject = 9;
as message types and have the password negotiation done after encryption is established. It should be an exception to only providePasswordCredentials
as the call credentials withoutHydrogen...Credentials
also being provided.The text was updated successfully, but these errors were encountered: