Implement encryption for 0MQ communication channel

[dmgav]

Implement security features that would protect RE Manager controlling real hardware from requests from unauthorized clients. It is assumed that both ZMQ Server (RE Manager) and the client (HTTP Server or GUI client) are located on a secure network within the lab (where it is relatively easy to get physical access to the computers running the server and the client). The intention is to protect RE Manager from accidental interference due to errors in configuration (network may contain multiple server/client pairs, including systems used for development and testing and may be running without encryption), not from malicious hacking attacks.

The proposed security feature may be fully implemented by activating and configuring built-in ZMQ Curve-based encryption and providing convenient configuration options for each component of the system. The encryption scheme is using two public/private key pairs, one for the server and one for the client. The key pairs are generated using zmq.curve_keypair() function (there is also zmq.curve_public() function that generates public key from the private key). In the first version, the clients will be assigned permanent key pair (it can be changed to a configurable or randomly generated key pair later if needed). The server and the client should be configured with private and public keys from the server key pair before the client can communicate with the server. If the keys don't match or the client has encryption disabled, the ZMQ requests will time out.

The proposed approach was tested in the existing Queue Server code by hard-coding the key pairs and running the server in multiple modes. In RE Manager code ZMQ socket was set as a Curve server and a private key (long term secret key) was set:

        logger.info("Starting ZeroMQ server ...")
        self._zmq_socket = self._ctx.socket(zmq.REP)
        self._zmq_socket.set(zmq.CURVE_SERVER, 1)
        self._zmq_socket.set(zmq.CURVE_SECRETKEY, ">YXLq7tT:)VGXS>&2f0r*x[S24fFjl*V6b(lISyI".encode("utf-8"))
        self._zmq_socket.bind(self._ip_zmq_server)
        logger.info("ZeroMQ server is waiting on %s", str(self._ip_zmq_server))

The client ZMQ socket is operating in the default Curve client mode. The SERVERKEY is the server public key, which will be made configurable. The PUBLICKEY/SECRETKEY is the key pair of the client, which is used for encrypting message set from server to client. This key pair may remain hard coded for now, since it does not play essential role in the security scheme.

        self._zmq_socket = self._ctx.socket(zmq.REQ)
        # Set server public key
        self._zmq_socket.set(zmq.CURVE_SERVERKEY, "AmNRencT%-oprGXs?BLp!Q2*xxWQ{sHRShO.JU#/".encode("utf-8"))
        # Set public and private keys for the client
        self._zmq_socket.set(zmq.CURVE_PUBLICKEY, "wt8[6a8eoXFRVL<l2JBbOzs(hcI%kRBIr0Do/eLC".encode("utf-8"))
        self._zmq_socket.set(zmq.CURVE_SECRETKEY, "=@e7WwVuz{*eGcnv{AL@x2hmX!z^)wP3vKsQ{S7s".encode("utf-8"))

Encryption will be disabled by default, since it is not needed for most of the demo/development. The options to configure RE Manager (as a server), HTTP Server (as a client) and qserver CLI tool (as a client) will be implemented. RE Manager will accept private (secret) key as a value of a CLI parameter or an environment variable. HTTP Server will accept public key as a value of an environment variable. qserver CLI tool will accept public key as a value of CLI parameter or environment variable.

[dmgav]

Addressed in PR #147