diff --git a/application/auditor/config.go b/application/auditor/config.go new file mode 100644 index 0000000..c860f1b --- /dev/null +++ b/application/auditor/config.go @@ -0,0 +1,87 @@ +package auditor + +import ( + "github.com/coniks-sys/coniks-go/application" + "github.com/coniks-sys/coniks-go/crypto/sign" + "github.com/coniks-sys/coniks-go/protocol" +) + +// directoryConfig contains the auditor's configuration needed to send a +// request to a CONIKS server: the path to the server's signing public-key +// file and the actual public-key parsed from that file; the path to +// the server's initial STR file and the actual STR parsed from that file; +// the server's address for receiving STR history requests. +type directoryConfig struct { + SignPubkeyPath string `toml:"sign_pubkey_path"` + SigningPubKey sign.PublicKey + + InitSTRPath string `toml:"init_str_path"` + InitSTR *protocol.DirSTR + + Address string `toml:"address"` +} + +// Config maintains the auditor's configurations for all CONIKS +// directories it tracks. +type Config struct { + TrackedDirs []*directoryConfig + // TODO: Add server-side auditor config +} + +var _ application.AppConfig = (*Config)(nil) + +func newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) *directoryConfig { + var dconf = directoryConfig{ + SignPubkeyPath: signPubkeyPath, + InitSTRPath: initSTRPath, + Address: serverAddr, + } + + return &dconf +} + +// NewConfig initializes a new auditor configuration with the given +// server signing public key path, registration address, and +// server address. +func NewConfig() *Config { + var conf = Config{ + TrackedDirs: make([]*directoryConfig, 0), + } + return &conf +} + +// AddDirectoryConfig adds the given CONIKS server settings to the +// auditor's configuration. +func (conf *Config) AddDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) { + dconf := newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr) + conf.TrackedDirs = append(conf.TrackedDirs, dconf) +} + +// Load initializes an auditor's configuration from the given file. +// For each directory in the configuration, it reads the signing public-key file +// and initial STR file, and parses the actual key and initial STR. +func (conf *Config) Load(file string) error { + tmp, err := application.LoadConfig(file) + if err != nil { + return err + } + conf = tmp.(*Config) + + for _, dconf := range conf.TrackedDirs { + // load signing key + signPubKey, err := application.LoadSigningPubKey(dconf.SignPubkeyPath, file) + if err != nil { + return err + } + dconf.SigningPubKey = signPubKey + + // load initial STR + initSTR, err := application.LoadInitSTR(dconf.InitSTRPath, file) + if err != nil { + return err + } + dconf.InitSTR = initSTR + } + + return nil +} diff --git a/application/bots/twitterbot.go b/application/bots/twitterbot.go index 95fdd72..7d433c4 100644 --- a/application/bots/twitterbot.go +++ b/application/bots/twitterbot.go @@ -12,7 +12,6 @@ import ( "github.com/coniks-sys/coniks-go/application" "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/dghubble/go-twitter/twitter" "github.com/dghubble/oauth1" ) diff --git a/application/config.go b/application/config.go index d5f9345..dc78068 100644 --- a/application/config.go +++ b/application/config.go @@ -2,11 +2,13 @@ package application import ( "bytes" + "encoding/json" "fmt" "io/ioutil" "github.com/BurntSushi/toml" "github.com/coniks-sys/coniks-go/crypto/sign" + "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/utils" ) @@ -33,6 +35,26 @@ func LoadSigningPubKey(path, file string) (sign.PublicKey, error) { return signPubKey, nil } +// LoadIinitSTR loads an initial STR at the given path +// specified in the given config file. +// If there is any parsing error or the STR is malformed, +// LoadInitSTR() returns an error with a nil STR. +func LoadInitSTR(path, file string) (*protocol.DirSTR, error) { + initSTRPath := utils.ResolvePath(path, file) + initSTRBytes, err := ioutil.ReadFile(initSTRPath) + if err != nil { + return nil, fmt.Errorf("Cannot read init STR: %v", err) + } + initSTR := new(protocol.DirSTR) + if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil { + return nil, fmt.Errorf("Cannot parse initial STR: %v", err) + } + if initSTR.Epoch != 0 { + return nil, fmt.Errorf("Initial STR epoch must be 0 (got %d)", initSTR.Epoch) + } + return initSTR, nil +} + // LoadConfig loads an application configuration from the given toml-encoded // file. If there is any decoding error, an LoadConfig() returns an error // with a nil config. diff --git a/application/encoding.go b/application/encoding.go index 467b17c..937f93d 100644 --- a/application/encoding.go +++ b/application/encoding.go @@ -8,6 +8,7 @@ import ( "encoding/json" "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/utils" ) // MarshalRequest returns a JSON encoding of the client's request. @@ -39,6 +40,8 @@ func UnmarshalRequest(msg []byte) (*protocol.Request, error) { request = new(protocol.KeyLookupInEpochRequest) case protocol.MonitoringType: request = new(protocol.MonitoringRequest) + case protocol.STRType: + request = new(protocol.STRHistoryRequest) } if err := json.Unmarshal(content, &request); err != nil { return nil, err @@ -92,6 +95,17 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response { Error: res.Error, DirectoryResponse: response, } + case protocol.AuditType, protocol.STRType: + response := new(protocol.STRHistoryRange) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } default: panic("Unknown request type") } @@ -104,3 +118,30 @@ func malformedClientMsg(err error) *protocol.Response { } return protocol.NewErrorResponse(protocol.ErrMalformedMessage) } + +// CreateSTRRequestMsg returns a JSON encoding of +// a protocol.STRHistoryRequest for the given (start, end) epoch +// range. +func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { + return json.Marshal(&protocol.Request{ + Type: protocol.STRType, + Request: &protocol.STRHistoryRequest{ + StartEpoch: start, + EndEpoch: end, + }, + }) +} + +// MarshalSTRToFile serializes the given STR to the given path. +func MarshalSTRToFile(str *protocol.DirSTR, path string) error { + strBytes, err := json.Marshal(str) + if err != nil { + return err + } + + if err := utils.WriteFile(path, strBytes, 0600); err != nil { + return err + } + + return nil +} diff --git a/application/encoding_test.go b/application/encoding_test.go index 87433db..9d936a6 100644 --- a/application/encoding_test.go +++ b/application/encoding_test.go @@ -22,7 +22,20 @@ func TestUnmarshalErrorResponse(t *testing.T) { } } -func TestUnmarshalMalformedErrorResponse(t *testing.T) { +func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.AuditType, msg) + if res.Error != protocol.ErrAuditLog { + t.Error("Expect error", protocol.ErrAuditLog, + "got", res.Error) + } +} + +func TestUnmarshalMalformedDirectoryProof(t *testing.T) { errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) msg, err := json.Marshal(errResponse) if err != nil { @@ -35,7 +48,20 @@ func TestUnmarshalMalformedErrorResponse(t *testing.T) { } } -func TestUnmarshalSampleMessage(t *testing.T) { +func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.STRType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } +} + +func TestUnmarshalSampleClientMessage(t *testing.T) { d, _ := directory.NewTestDirectory(t, true) res := d.Register(&protocol.RegistrationRequest{ Username: "alice", @@ -47,3 +73,16 @@ func TestUnmarshalSampleMessage(t *testing.T) { t.Error("Cannot unmarshal Associate Data properly") } } + +func TestUnmarshalSampleAuditorMessage(t *testing.T) { + d, _ := directory.NewTestDirectory(t, true) + res := d.GetSTRHistory(&protocol.STRHistoryRequest{ + StartEpoch: uint64(0), + EndEpoch: uint64(1)}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.STRType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } +} diff --git a/application/server/config.go b/application/server/config.go index 297e32d..e183e3c 100644 --- a/application/server/config.go +++ b/application/server/config.go @@ -20,6 +20,8 @@ type Config struct { LoadedHistoryLength uint64 `toml:"loaded_history_length"` // Policies contains the server's CONIKS policies configuration. Policies *Policies `toml:"policies"` + // Path to store the initial STR + InitSTRPath string `toml:"init_str_path"` // Addresses contains the server's connections configuration. Addresses []*Address `toml:"addresses"` } diff --git a/application/server/server.go b/application/server/server.go index 47a48ab..eb1f0b1 100644 --- a/application/server/server.go +++ b/application/server/server.go @@ -6,6 +6,7 @@ import ( "github.com/coniks-sys/coniks-go/application" "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/directory" + "github.com/coniks-sys/coniks-go/utils" ) // An Address describes a server's connection. @@ -68,6 +69,11 @@ func NewConiksServer(conf *Config) *ConiksServer { epochTimer: time.NewTimer(time.Duration(conf.Policies.EpochDeadline) * time.Second), } + // save the initial STR to be used for initializing auditors + initSTRPath := utils.ResolvePath(conf.InitSTRPath, + conf.ConfigFilePath) + application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath) + return server } diff --git a/application/server/server_test.go b/application/server/server_test.go index bf15445..236ba9b 100644 --- a/application/server/server_test.go +++ b/application/server/server_test.go @@ -13,10 +13,6 @@ import ( "github.com/coniks-sys/coniks-go/crypto/sign" "github.com/coniks-sys/coniks-go/crypto/vrf" "github.com/coniks-sys/coniks-go/protocol" -<<<<<<< HEAD:application/server/server_test.go -======= - "github.com/coniks-sys/coniks-go/utils/binutils" ->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go ) var registrationMsg = ` @@ -87,20 +83,8 @@ func newTestServer(t *testing.T, epDeadline protocol.Timestamp, useBot bool, }, LoadedHistoryLength: 100, Addresses: addrs, -<<<<<<< HEAD:application/server/server_test.go Policies: NewPolicies(epDeadline, "", "", vrfKey, signKey), -======= - Policies: &ServerPolicies{ - EpochDeadline: epDeadline, - vrfKey: vrfKey, - signKey: signKey, - }, - Logger: &binutils.LoggerConfig{ - Environment: "development", - Path: path.Join(dir, "coniksserver.log"), - }, ->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go } return NewConiksServer(conf), conf diff --git a/coniksauditor/README.md b/cli/coniksauditor/README.md similarity index 100% rename from coniksauditor/README.md rename to cli/coniksauditor/README.md diff --git a/coniksauditor/cli/coniksauditor.go b/cli/coniksauditor/coniksauditor.go similarity index 55% rename from coniksauditor/cli/coniksauditor.go rename to cli/coniksauditor/coniksauditor.go index 39b2792..38d2122 100644 --- a/coniksauditor/cli/coniksauditor.go +++ b/cli/coniksauditor/coniksauditor.go @@ -3,7 +3,8 @@ package main import ( - "github.com/coniks-sys/coniks-go/coniksauditor/cli/internal/cmd" + "github.com/coniks-sys/coniks-go/cli" + "github.com/coniks-sys/coniks-go/cli/coniksauditor/internal/cmd" ) func main() { diff --git a/coniksauditor/doc.go b/cli/coniksauditor/doc.go similarity index 100% rename from coniksauditor/doc.go rename to cli/coniksauditor/doc.go diff --git a/cli/coniksauditor/internal/cmd/init.go b/cli/coniksauditor/internal/cmd/init.go new file mode 100644 index 0000000..a140f56 --- /dev/null +++ b/cli/coniksauditor/internal/cmd/init.go @@ -0,0 +1,38 @@ +package cmd + +import ( + "fmt" + "path" + + "bytes" + "os" + + "github.com/coniks-sys/coniks-go/application" + "github.com/coniks-sys/coniks-go/application/auditor" + "github.com/coniks-sys/coniks-go/cli" + "github.com/spf13/cobra" +) + +var initCmd = cli.NewInitCommand("CONIKS auditor", mkConfigOrExit) + +func init() { + RootCmd.AddCommand(initCmd) + initCmd.Flags().StringP("dir", "d", ".", + "Location of directory for storing generated files") +} + +func mkConfigOrExit(cmd *cobra.Command, args []string) { + dir := cmd.Flag("dir").Value.String() + file := path.Join(dir, "config.toml") + + conf := auditor.NewConfig() + conf.AddDirectoryConfig("../../keyserver/coniksserver/sign.pub", + "../../keyserver/coniksserver/init_str", + "tcp://127.0.0.1:3000") + + if err := application.SaveConfig(file, conf); err != nil { + fmt.Println("Couldn't save config. Error message: [" + + err.Error() + "]") + os.Exit(-1) + } +} diff --git a/coniksauditor/cli/internal/cmd/root.go b/cli/coniksauditor/internal/cmd/root.go similarity index 53% rename from coniksauditor/cli/internal/cmd/root.go rename to cli/coniksauditor/internal/cmd/root.go index 647f618..08ccaa6 100644 --- a/coniksauditor/cli/internal/cmd/root.go +++ b/cli/coniksauditor/internal/cmd/root.go @@ -1,18 +1,14 @@ package cmd import ( - "fmt" - "os" - - "github.com/spf13/cobra" + "github.com/coniks-sys/coniks-go/cli" ) // RootCmd represents the base "auditor" command when called without any // subcommands (register, lookup, ...). -var RootCmd = &cobra.Command{ - Use: "coniksauditor", - Short: "CONIKS auditor reference implementation in Go", - Long: ` +var RootCmd = cli.NewRootCommand("coniksauditor", + "CONIKS auditor service implementation in Go", + ` ________ _______ __ _ ___ ___ _ _______ | || || | | || || | | || | | || _ || |_| || || |_| || _____| @@ -20,15 +16,4 @@ ________ _______ __ _ ___ ___ _ _______ | _|| |_| || _ || || |_ |_____ | | |_ | || | | || || _ | _____| | |_______||_______||_| |__||___||___| |_||_______| -`, -} - -// Execute adds all child commands to the root command sets flags -// appropriately. -// This is called by main.main(). It only needs to happen once to the rootCmd. -func Execute() { - if err := RootCmd.Execute(); err != nil { - fmt.Println(err) - os.Exit(-1) - } -} +`) diff --git a/cli/coniksauditor/internal/cmd/version.go b/cli/coniksauditor/internal/cmd/version.go new file mode 100644 index 0000000..e1c9416 --- /dev/null +++ b/cli/coniksauditor/internal/cmd/version.go @@ -0,0 +1,11 @@ +package cmd + +import ( + "github.com/coniks-sys/coniks-go/cli" +) + +var versionCmd = cli.NewVersionCommand("coniksauditor") + +func init() { + RootCmd.AddCommand(versionCmd) +} diff --git a/coniksauditor/cli/internal/cmd/init.go b/coniksauditor/cli/internal/cmd/init.go deleted file mode 100644 index cac39bf..0000000 --- a/coniksauditor/cli/internal/cmd/init.go +++ /dev/null @@ -1,61 +0,0 @@ -package cmd - -import ( - "fmt" - "path" - - "bytes" - "os" - - "github.com/BurntSushi/toml" - "github.com/coniks-sys/coniks-go/coniksauditor" - "github.com/coniks-sys/coniks-go/utils" - "github.com/spf13/cobra" -) - -var initCmd = &cobra.Command{ - Use: "init", - Short: "Creates a config file for the auditor.", - Long: `Creates a file config.toml in the current working directory with -the following content: - -sign_pubkey_path = "../../keyserver/coniksserver/sign.pub" -init_str_path = "../../keyserver/coniksserver/init_str" -address = "tcp://127.0.0.1:3000" - -If the keyserver's public keys are somewhere else, you will have to modify the -config file accordingly. -`, - Run: func(cmd *cobra.Command, args []string) { - dir := cmd.Flag("dir").Value.String() - mkConfigOrExit(dir) - }, -} - -func init() { - RootCmd.AddCommand(initCmd) - initCmd.Flags().StringP("dir", "d", ".", - "Location of directory for storing generated files") -} - -func mkConfigOrExit(dir string) { - file := path.Join(dir, "config.toml") - var conf = coniksauditor.DirectoryConfig{ - SignPubkeyPath: "../../keyserver/coniksserver/sign.pub", - InitSTRPath: "../../keyserver/coniksserver/init_str", - Address: "tcp://127.0.0.1:3000", - } - - var confBuf bytes.Buffer - enc := toml.NewEncoder(&confBuf) - if err := enc.Encode(conf); err != nil { - fmt.Println("Coulnd't encode config. Error message: [" + - err.Error() + "]") - os.Exit(-1) - } - if err := utils.WriteFile(file, confBuf.Bytes(), 0644); err != nil { - fmt.Println("Coulnd't write config. Error message: [" + - err.Error() + "]") - os.Exit(-1) - } -} diff --git a/coniksauditor/cli/internal/cmd/version.go b/coniksauditor/cli/internal/cmd/version.go deleted file mode 100644 index 8b6207a..0000000 --- a/coniksauditor/cli/internal/cmd/version.go +++ /dev/null @@ -1,22 +0,0 @@ -package cmd - -import ( - "fmt" - - "github.com/coniks-sys/coniks-go/internal" - "github.com/spf13/cobra" -) - -var versionCmd = &cobra.Command{ - Use: "version", - Short: "Print the version number of coniksauditor.", - Long: `Print the version number of coniksauditor.`, - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("All software has versions. This is coniksauditor's:") - fmt.Println("coniksauditor v" + internal.Version) - }, -} - -func init() { - RootCmd.AddCommand(versionCmd) -} diff --git a/coniksauditor/config.go b/coniksauditor/config.go deleted file mode 100644 index a06a992..0000000 --- a/coniksauditor/config.go +++ /dev/null @@ -1,73 +0,0 @@ -package coniksauditor - -import ( - "encoding/json" - "fmt" - "io/ioutil" - - "github.com/BurntSushi/toml" - "github.com/coniks-sys/coniks-go/crypto/sign" - "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/utils" -) - -// DirectoryConfig contains the auditor's configuration needed to send a -// request to a CONIKS server: the path to the server's signing public-key -// file and the actual public-key parsed from that file; the path to -// the server's initial STR file and the actual STR parsed from that file; -// the server's address for receiving STR history requests. -type DirectoryConfig struct { - SignPubkeyPath string `toml:"sign_pubkey_path"` - SigningPubKey sign.PublicKey - - InitSTRPath string `toml:"init_str_path"` - InitSTR *protocol.DirSTR - - Address string `toml:"address"` -} - -// Config maintains the auditor's configurations for all CONIKS -// directories it tracks. -type Config []*DirectoryConfig - -// LoadConfig returns a auditor's configuration read from the given filename. -// It reads the signing public-key file and parses the actual key, and -// the initial STR file and parses the actual STR. -// If there is any parsing or IO-error it returns an error (and the returned -// config will be nil). -func LoadConfig(file string) (*Config, error) { - var conf Config - // FIXME: Currently assuming there is only one tracked directory - // Add a loop here to iterate over multiple directory - // configs in the file - var dirconf DirectoryConfig - if _, err := toml.DecodeFile(file, &dirconf); err != nil { - return nil, fmt.Errorf("Failed to load config: %v", err) - } - - // load signing key - signPath := utils.ResolvePath(dirconf.SignPubkeyPath, file) - signPubKey, err := ioutil.ReadFile(signPath) - if err != nil { - return nil, fmt.Errorf("Cannot read signing key: %v", err) - } - if len(signPubKey) != sign.PublicKeySize { - return nil, fmt.Errorf("Signing public-key must be 32 bytes (got %d)", len(signPubKey)) - } - - dirconf.SigningPubKey = signPubKey - - // load initial STR - initSTRPath := utils.ResolvePath(dirconf.InitSTRPath, file) - initSTRBytes, err := ioutil.ReadFile(initSTRPath) - initSTR := new(protocol.DirSTR) - if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil { - return nil, fmt.Errorf("Cannot parse initial STR: %v", err) - } - - dirconf.InitSTR = initSTR - - conf = append(conf, &dirconf) - - return &conf, nil -} diff --git a/coniksauditor/encoding.go b/coniksauditor/encoding.go deleted file mode 100644 index 9f0de79..0000000 --- a/coniksauditor/encoding.go +++ /dev/null @@ -1,20 +0,0 @@ -package coniksauditor - -import ( - "encoding/json" - - "github.com/coniks-sys/coniks-go/protocol" -) - -// CreateSTRRequestMsg returns a JSON encoding of -// a protocol.STRHistoryRequest for the given (start, end) epoch -// range. -func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { - return json.Marshal(&protocol.Request{ - Type: protocol.STRType, - Request: &protocol.STRHistoryRequest{ - StartEpoch: start, - EndEpoch: end, - }, - }) -}