Merge pull request #192 from pixxelhq/master

v5.10.9-Pixxel-8.0.0

distribution/pom.xml

@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>distribution</artifactId>

examples/cascading/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>cascading</artifactId>

examples/ccsds-frames/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>ccsds-frames</artifactId>

examples/cfdp-udp/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>cfdp-udp</artifactId>

examples/cfdp/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>cfdp</artifactId>

examples/perftest1/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>perftest1</artifactId>

examples/perftest2/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>perftest2</artifactId>

examples/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <groupId>org.yamcs.examples</groupId>

examples/pus/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>pus</artifactId>

examples/replication1/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>replication1</artifactId>

examples/replication2/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>replication2</artifactId>

examples/replication3/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>replication3</artifactId>

examples/simulation/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>simulation</artifactId>

examples/snippets/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>snippets</artifactId>

examples/templates/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs.examples</groupId>
     <artifactId>examples</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>templates</artifactId>

packet-viewer/pom.xml

@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>packet-viewer</artifactId>

pom.xml

@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.yamcs</groupId>
 	<artifactId>yamcs</artifactId>
-	<version>5.10.9-Pixxel-7.2.0</version>
+	<version>5.10.9-Pixxel-8.0.0</version>
 
 	<packaging>pom</packaging>
 
@@ -84,6 +84,11 @@
 
 	<dependencyManagement>
 		<dependencies>
+			<dependency>
+				<groupId>org.json</groupId>
+				<artifactId>json</artifactId>
+				<version>20210307</version>
+			</dependency>
 			<dependency>
 				<groupId>com.beust</groupId>
 				<artifactId>jcommander</artifactId>

simulator/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>simulator</artifactId>

tests/pom.xml

@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.yamcs</groupId>
 		<artifactId>yamcs</artifactId>
-		<version>5.10.9-Pixxel-7.2.0</version>
+		<version>5.10.9-Pixxel-8.0.0</version>
 	</parent>
 
 	<artifactId>tests</artifactId>

yamcs-api/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>yamcs-api</artifactId>

yamcs-api/src/main/proto/yamcs/protobuf/keymanagement/keymanagement.proto

@@ -0,0 +1,55 @@
+syntax="proto2";
+
+package yamcs.protobuf.instances;
+
+option java_package = "org.yamcs.protobuf";
+option java_outer_classname = "KeyManagmentServiceProto";
+option java_multiple_files = true;
+
+import "google/protobuf/empty.proto";
+
+import "yamcs/api/annotations.proto";
+
+service KeyManagmentApi {
+
+    // Update any type of key of the instance
+    rpc UpdateKey(UpdateKeyRequest) returns (KeyResponse) {
+        option (yamcs.api.route) = {
+            post: "/api/keymanagement/{instance}:updateKey"
+        };
+    }
+
+    // Get the key of a family of the instance
+    rpc GetActiveKey(ActiveKeyRequest) returns (KeyResponse) {
+        option (yamcs.api.route) = {
+            get: "/api/keymanagement/{instance}"
+        };
+    }
+}
+
+message UpdateKeyRequest{
+    // Yamcs instance name.
+    optional string instance = 1;
+
+    // Type of the key
+    required string family = 2;
+
+    // Key ID to be updated to
+    required string keyId = 3;
+}
+
+message ActiveKeyRequest {
+    // Yamcs instance name.
+    optional string instance = 1;
+
+    // Type of the key
+    optional string family = 2;
+}
+
+message KeyResponse {
+    optional string instance = 1;
+    optional string keyId = 2;
+
+    // Type of the key
+    optional string family = 3;
+}

yamcs-client/pom.xml

@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>yamcs-client</artifactId>

yamcs-core/pom.xml

@@ -3,7 +3,7 @@
   <parent>
     <groupId>org.yamcs</groupId>
     <artifactId>yamcs</artifactId>
-    <version>5.10.9-Pixxel-7.2.0</version>
+    <version>5.10.9-Pixxel-8.0.0</version>
   </parent>
 
   <artifactId>yamcs-core</artifactId>

yamcs-core/src/main/java/org/yamcs/http/HttpServer.java

@@ -39,6 +39,7 @@
 import org.yamcs.http.api.IamApi;
 import org.yamcs.http.api.IndexesApi;
 import org.yamcs.http.api.InstancesApi;
+import org.yamcs.http.api.KeyManagementApi;
 import org.yamcs.http.api.LinksApi;
 import org.yamcs.http.api.MdbApi;
 import org.yamcs.http.api.MdbOverrideApi;
@@ -290,6 +291,7 @@ public void init(String yamcsInstance, String serviceName, YConfiguration config
         addApi(new IamApi(auditLog, tokenStore));
         addApi(new IndexesApi());
         addApi(new InstancesApi());
+        addApi(new KeyManagementApi());
         addApi(new LinksApi(auditLog));
         addApi(new MdbApi());
         addApi(new MdbOverrideApi());

yamcs-core/src/main/java/org/yamcs/http/api/InstancesApi.java

@@ -31,20 +31,7 @@
 import org.yamcs.management.ManagementService;
 import org.yamcs.mdb.Mdb;
 import org.yamcs.plists.ParameterListService;
-import org.yamcs.protobuf.AbstractInstancesApi;
-import org.yamcs.protobuf.CreateInstanceRequest;
-import org.yamcs.protobuf.GetInstanceRequest;
-import org.yamcs.protobuf.GetInstanceTemplateRequest;
-import org.yamcs.protobuf.InstanceTemplate;
-import org.yamcs.protobuf.ListInstanceTemplatesResponse;
-import org.yamcs.protobuf.ListInstancesRequest;
-import org.yamcs.protobuf.ListInstancesResponse;
-import org.yamcs.protobuf.ReconfigureInstanceRequest;
-import org.yamcs.protobuf.RestartInstanceRequest;
-import org.yamcs.protobuf.StartInstanceRequest;
-import org.yamcs.protobuf.StopInstanceRequest;
-import org.yamcs.protobuf.TemplateVariable;
-import org.yamcs.protobuf.YamcsInstance;
+import org.yamcs.protobuf.*;
 import org.yamcs.protobuf.YamcsInstance.InstanceState;
 import org.yamcs.security.SystemPrivilege;
 import org.yamcs.templating.Template;

yamcs-core/src/main/java/org/yamcs/http/api/KeyManagementApi.java

@@ -0,0 +1,80 @@
+package org.yamcs.http.api;
+
+import java.util.regex.Pattern;
+
+import org.yamcs.YamcsServer;
+import org.yamcs.api.Observer;
+import org.yamcs.http.Context;
+import org.yamcs.http.ForbiddenException;
+import org.yamcs.protobuf.*;
+import org.yamcs.security.SystemPrivilege;
+import org.yamcs.security.encryption.aes.KeyManagementService;
+import org.yamcs.time.TimeService;
+import org.yamcs.yarch.Stream;
+import org.yamcs.yarch.Tuple;
+
+
+public class KeyManagementApi extends AbstractKeyManagmentApi<Context>{
+    public static final Pattern ALLOWED_INSTANCE_NAMES = Pattern.compile("\\w[\\w\\.-]*");
+
+    @Override
+    public void updateKey(Context ctx, UpdateKeyRequest request, Observer<KeyResponse> observer) {
+        ctx.checkSystemPrivilege(SystemPrivilege.ControlServices);
+
+        KeyManagementService keyMgmService = YamcsServer.getServer().getInstance(request.getInstance()).getService(KeyManagementService.class, "keyManagementService");
+        TimeService timeService = YamcsServer.getTimeService(request.getInstance());
+
+        if (keyMgmService == null) {
+            throw new ForbiddenException("KeyManagementService is not configured");
+        }
+
+        if (keyMgmService.getClient() == null) {
+            throw new ForbiddenException("KeyManagementService is configured, but vault access not provided");
+        }
+
+        Stream publishStream = keyMgmService.getStream();
+        publishStream.emitTuple(new Tuple(KeyManagementService.ACTIVE_KEY_TUPLE_DEFINITION, new Object[]{
+                timeService.getMissionTime(),
+                request.getKeyId(),
+                request.getFamily(),
+            })
+        );
+
+        KeyResponse.Builder response = KeyResponse.newBuilder();
+        response
+            .setFamily(request.getFamily())
+            .setKeyId(request.getKeyId());
+
+        observer.complete(response.build());
+    }
+
+    @Override
+    public void getActiveKey(Context ctx, ActiveKeyRequest request, Observer<KeyResponse> observer) {
+        ctx.checkSystemPrivilege(SystemPrivilege.ControlServices);
+        KeyManagementService keyMgmService = YamcsServer.getServer().getInstance(request.getInstance()).getService(KeyManagementService.class, "keyManagementService");
+
+        if (keyMgmService == null) {
+            throw new ForbiddenException("KeyManagementService is not configured");
+        }
+
+        if (keyMgmService.getClient() == null) {
+            throw new ForbiddenException("KeyManagementService is configured, but vault access not provided");
+        }
+
+        String keyId;
+        switch (request.getFamily()) {
+            case "tm" -> keyId = keyMgmService.getTmKeyId();
+            case "tc" -> keyId = keyMgmService.getTcKeyId();
+            default -> throw new RuntimeException("Key Family not found");
+        }
+
+        KeyResponse.Builder activeKeyResponse = KeyResponse.newBuilder();
+        activeKeyResponse
+            .setFamily(request.getFamily())
+            .setInstance(request.getInstance())
+            .setKeyId(keyId);
+
+        observer.complete(activeKeyResponse.build());
+    }
+
+}