From 2591ba1653408930e32e3f90efb561b26c06f05c Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Wed, 1 Nov 2017 17:53:26 -0700 Subject: [PATCH 1/9] Start auditor CLI --- coniksauditor/README.md | 77 +++++++++++++++++++++++++++++++++++++++++ coniksauditor/doc.go | 5 +++ 2 files changed, 82 insertions(+) create mode 100644 coniksauditor/README.md create mode 100644 coniksauditor/doc.go diff --git a/coniksauditor/README.md b/coniksauditor/README.md new file mode 100644 index 0000000..1346f87 --- /dev/null +++ b/coniksauditor/README.md @@ -0,0 +1,77 @@ +# CONIKS Auditor implementation in Golang +__Do not use your real public key or private key with this test auditor.__ + +## Usage + +*Note:* This auditor CLI currently only implements the CONIKS key +directory-to-auditor protocol (i.e. the auditor only retrieves and verifies +STRs from the server, it does _not_ accept auditing requests from clients). +To test the implementation, the auditor can be run with an interactive REPL. + +##### Install the test auditor +``` +⇒ go install github.com/coniks-sys/coniks-go/coniksauditor/cli +⇒ coniksauditor -h +________ _______ __ _ ___ ___ _ _______ +| || || | | || || | | || | +| || _ || |_| || || |_| || _____| +| || | | || || || _|| |_____ +| _|| |_| || _ || || |_ |_____ | +| |_ | || | | || || _ | _____| | +|_______||_______||_| |__||___||___| |_||_______| + +Usage: + coniksauditor [command] + +Available Commands: + init Creates a config file for the auditor. + test Run the interactive test auditor. + +Use "coniksauditor [command] --help" for more information about a command. +``` + +### Configure the auditor + +- Generate the configuration file: +``` +⇒ mkdir coniks-auditor; cd coniks-auditor +⇒ coniksauditor init +``` +- Ensure the auditor has the directory's *test* public signing key. +- Edit the configuration file as needed: + - Replace the `sign_pubkey_path` with the location of the directory's public signing key. + - Replace the `init_str_path` with the location of the directory's intiial signed tree root. + - Replace the `address` with the directory's public CONIKS address (for lookups, monitoring etc). +_Note: The auditor is capable of verifying multiple key directories, but +we currently only configure the test auditor with a single directory for simplcity._ + +### Run the test auditor + +``` +⇒ coniksauditor test # this will open a REPL +``` + +##### Retrieve and verify the latest STR history from the given directory +``` +> getlatest [dir] +# The auditor should display something like this if the request is successful +[+] Valid! The auditor is up-to-date on the STR history of [dir] +``` + +##### Retrieve and verify a specific STR history range +``` +> getrange [dir] [start] [end] +# The auditor should display something like this if the request is successful +[+] Success! The requested STR history range for [dir] is valid +``` + +##### Other commands + +Use `help` for more information. + +Use `exit` to close the REPL and exit the client. + +## Disclaimer +Please keep in mind that this CONIKS auditor is under active development. +The repository may contain experimental features that aren't fully tested. +We recommend using a [tagged release](https://github.com/coniks-sys/coniks-go/releases). diff --git a/coniksauditor/doc.go b/coniksauditor/doc.go new file mode 100644 index 0000000..d2692d5 --- /dev/null +++ b/coniksauditor/doc.go @@ -0,0 +1,5 @@ +/* +Package coniksauditor provides an executable of +an auditor for the CONIKS key management system. +*/ +package coniksauditor From bb3bd12310e988c1d32c0810fdfce2f6fd3850e4 Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Sat, 4 Nov 2017 19:43:14 -0700 Subject: [PATCH 2/9] Add auditor config and encoding --- application/server/server_test.go | 16 ++++ cli/coniksclient/internal/cmd/run.go | 1 + coniksauditor/README.md | 14 ++- coniksauditor/config.go | 74 +++++++++++++++ coniksauditor/doc.go | 4 + coniksauditor/encoding.go | 20 ++++ utils/binutils/encoding.go | 68 ++++++++++++++ utils/binutils/encoding_test.go | 88 ++++++++++++++++++ utils/binutils/logger.go | 134 +++++++++++++++++++++++++++ 9 files changed, 417 insertions(+), 2 deletions(-) create mode 100644 coniksauditor/config.go create mode 100644 coniksauditor/encoding.go create mode 100644 utils/binutils/encoding.go create mode 100644 utils/binutils/encoding_test.go create mode 100644 utils/binutils/logger.go diff --git a/application/server/server_test.go b/application/server/server_test.go index 236ba9b..bf15445 100644 --- a/application/server/server_test.go +++ b/application/server/server_test.go @@ -13,6 +13,10 @@ import ( "github.com/coniks-sys/coniks-go/crypto/sign" "github.com/coniks-sys/coniks-go/crypto/vrf" "github.com/coniks-sys/coniks-go/protocol" +<<<<<<< HEAD:application/server/server_test.go +======= + "github.com/coniks-sys/coniks-go/utils/binutils" +>>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go ) var registrationMsg = ` @@ -83,8 +87,20 @@ func newTestServer(t *testing.T, epDeadline protocol.Timestamp, useBot bool, }, LoadedHistoryLength: 100, Addresses: addrs, +<<<<<<< HEAD:application/server/server_test.go Policies: NewPolicies(epDeadline, "", "", vrfKey, signKey), +======= + Policies: &ServerPolicies{ + EpochDeadline: epDeadline, + vrfKey: vrfKey, + signKey: signKey, + }, + Logger: &binutils.LoggerConfig{ + Environment: "development", + Path: path.Join(dir, "coniksserver.log"), + }, +>>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go } return NewConiksServer(conf), conf diff --git a/cli/coniksclient/internal/cmd/run.go b/cli/coniksclient/internal/cmd/run.go index a62dd24..750706f 100644 --- a/cli/coniksclient/internal/cmd/run.go +++ b/cli/coniksclient/internal/cmd/run.go @@ -13,6 +13,7 @@ import ( "github.com/coniks-sys/coniks-go/cli" "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/client" + "github.com/coniks-sys/coniks-go/utils" "github.com/spf13/cobra" "golang.org/x/crypto/ssh/terminal" ) diff --git a/coniksauditor/README.md b/coniksauditor/README.md index 1346f87..1943910 100644 --- a/coniksauditor/README.md +++ b/coniksauditor/README.md @@ -3,7 +3,7 @@ __Do not use your real public key or private key with this test auditor.__ ## Usage -*Note:* This auditor CLI currently only implements the CONIKS key +**Note:** This auditor CLI currently only implements the CONIKS key directory-to-auditor protocol (i.e. the auditor only retrieves and verifies STRs from the server, it does _not_ accept auditing requests from clients). To test the implementation, the auditor can be run with an interactive REPL. @@ -32,6 +32,10 @@ Use "coniksauditor [command] --help" for more information about a command. ### Configure the auditor +- Make sure you have at least one running CONIKS directory for your +auditor to track. For information on setting up a CONIKS directory, +see our [CONIKS server setup guide](https://github.com/coniks-sys/coniks-go/tree/master/coniksserver/README.md). + - Generate the configuration file: ``` ⇒ mkdir coniks-auditor; cd coniks-auditor @@ -40,7 +44,7 @@ Use "coniksauditor [command] --help" for more information about a command. - Ensure the auditor has the directory's *test* public signing key. - Edit the configuration file as needed: - Replace the `sign_pubkey_path` with the location of the directory's public signing key. - - Replace the `init_str_path` with the location of the directory's intiial signed tree root. + - Replace the `init_str_path` with the location of the directory's initial signed tree root. - Replace the `address` with the directory's public CONIKS address (for lookups, monitoring etc). _Note: The auditor is capable of verifying multiple key directories, but we currently only configure the test auditor with a single directory for simplcity._ @@ -58,6 +62,9 @@ we currently only configure the test auditor with a single directory for simplc [+] Valid! The auditor is up-to-date on the STR history of [dir] ``` +This command updates the auditor's STR log for the directory upon a +successful audit. + ##### Retrieve and verify a specific STR history range ``` > getrange [dir] [start] [end] @@ -65,6 +72,9 @@ we currently only configure the test auditor with a single directory for simplc [+] Success! The requested STR history range for [dir] is valid ``` +This command only performs an audit on the requested STR history range. +It does not update the auditor's STR log for the directory. + ##### Other commands Use `help` for more information. diff --git a/coniksauditor/config.go b/coniksauditor/config.go new file mode 100644 index 0000000..b66bb82 --- /dev/null +++ b/coniksauditor/config.go @@ -0,0 +1,74 @@ +package coniksauditor + +import ( + "fmt" + "io/ioutil" + "encoding/json" + + "github.com/BurntSushi/toml" + "github.com/coniks-sys/coniks-go/crypto/sign" + "github.com/coniks-sys/coniks-go/utils" + "github.com/coniks-sys/coniks-go/protocol" +) + +// DirectoryConfig contains the auditor's configuration needed to send a +// request to a CONIKS server: the path to the server's signing public-key +// file and the actual public-key parsed from that file; the path to +// the server's initial STR file and the actual STR parsed from that file; +// the server's address for receiving STR history requests. +type DirectoryConfig struct { + SignPubkeyPath string `toml:"sign_pubkey_path"` + SigningPubKey sign.PublicKey + + InitSTRPath string `toml:"init_str_path"` + InitSTR *protocol.DirSTR + + Address string `toml:"address"` +} + +// Config maintains the auditor's configurations for all CONIKS +// directories it tracks. +type Config []*DirectoryConfig + +// LoadConfig returns a auditor's configuration read from the given filename. +// It reads the signing public-key file and parses the actual key, and +// the initial STR file and parses the actual STR. +// If there is any parsing or IO-error it returns an error (and the returned +// config will be nil). +func LoadConfig(file string) (*Config, error) { + + var conf Config + // FIXME: Currently assuming there is only one tracked directory + // Add a loop here to iterate over multiple directory + // configs in the file + var dirconf DirectoryConfig + if _, err := toml.DecodeFile(file, &dirconf); err != nil { + return nil, fmt.Errorf("Failed to load config: %v", err) + } + + // load signing key + signPath := utils.ResolvePath(dirconf.SignPubkeyPath, file) + signPubKey, err := ioutil.ReadFile(signPath) + if err != nil { + return nil, fmt.Errorf("Cannot read signing key: %v", err) + } + if len(signPubKey) != sign.PublicKeySize { + return nil, fmt.Errorf("Signing public-key must be 32 bytes (got %d)", len(signPubKey)) + } + + dirconf.SigningPubKey = signPubKey + + // load initial STR + initSTRPath := utils.ResolvePath(dirconf.InitSTRPath, file) + initSTRBytes, err := ioutil.ReadFile(initSTRPath) + initSTR := new(protocol.DirSTR) + if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil { + return nil, fmt.Errorf("Cannot parse initial STR: %v", err) + } + + dirconf.InitSTR = initSTR + + conf = append(conf, &dirconf) + + return &conf, nil +} diff --git a/coniksauditor/doc.go b/coniksauditor/doc.go index d2692d5..c7d1f63 100644 --- a/coniksauditor/doc.go +++ b/coniksauditor/doc.go @@ -1,5 +1,9 @@ /* Package coniksauditor provides an executable of an auditor for the CONIKS key management system. + +Note: The auditor can current only be used in +interactive test mode with a server, and does not +accept auditing requests from CONIKS clients. */ package coniksauditor diff --git a/coniksauditor/encoding.go b/coniksauditor/encoding.go new file mode 100644 index 0000000..dafd980 --- /dev/null +++ b/coniksauditor/encoding.go @@ -0,0 +1,20 @@ +package coniksauditor + +import ( + "encoding/json" + + "github.com/coniks-sys/coniks-go/protocol" +) + +// CreateSTRRequestMsg returns a JSON encoding of +// a protocol.STRHistoryRequest for the given (start, end) epoch +// range. +func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { + return json.Marshal(&protocol.Request{ + Type: protocol.STRType, + Request: &protocol.STRHistoryRequest{ + StartEpoch: start, + EndEpoch: end, + }, + }) +} diff --git a/utils/binutils/encoding.go b/utils/binutils/encoding.go new file mode 100644 index 0000000..ffd8ba5 --- /dev/null +++ b/utils/binutils/encoding.go @@ -0,0 +1,68 @@ +package binutils + +import ( + "encoding/json" + + "github.com/coniks-sys/coniks-go/protocol" +) + +// MarshalResponse returns a JSON encoding of the server's response. +func MarshalResponse(response *protocol.Response) ([]byte, error) { + return json.Marshal(response) +} + +// UnmarshalResponse decodes the given message into a protocol.Response +// according to the given request type t. The request types are integer +// constants defined in the protocol package. +func UnmarshalResponse(t int, msg []byte) *protocol.Response { + type Response struct { + Error protocol.ErrorCode + DirectoryResponse json.RawMessage + } + var res Response + if err := json.Unmarshal(msg, &res); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + + // DirectoryResponse is omitempty for the places + // where Error is in Errors + if res.DirectoryResponse == nil { + if !protocol.Errors[res.Error] { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + } + } + + switch t { + case protocol.RegistrationType, protocol.KeyLookupType, protocol.KeyLookupInEpochType, protocol.MonitoringType: + response := new(protocol.DirectoryProof) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } + case protocol.AuditType, protocol.STRType: + response := new(protocol.STRHistoryRange) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } + default: + panic("Unknown request type") + } +} diff --git a/utils/binutils/encoding_test.go b/utils/binutils/encoding_test.go new file mode 100644 index 0000000..0a98b61 --- /dev/null +++ b/utils/binutils/encoding_test.go @@ -0,0 +1,88 @@ +package binutils + +import ( + "bytes" + "encoding/json" + "testing" + + "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/protocol/directory" +) + +func TestUnmarshalErrorResponse(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ErrMalformedMessage) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.RegistrationType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } +} + +func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.AuditType, msg) + if res.Error != protocol.ErrAuditLog { + t.Error("Expect error", protocol.ErrAuditLog, + "got", res.Error) + } +} + +func TestUnmarshalMalformedDirectoryProof(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.RegistrationType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } +} + +func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.STRType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } +} + +func TestUnmarshalSampleClientMessage(t *testing.T) { + d, _ := directory.NewTestDirectory(t, true) + res := d.Register(&protocol.RegistrationRequest{ + Username: "alice", + Key: []byte("key")}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.RegistrationType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } +} + +func TestUnmarshalSampleAuditorMessage(t *testing.T) { + d, _ := directory.NewTestDirectory(t, true) + res := d.GetSTRHistory(&protocol.STRHistoryRequest{ + StartEpoch: uint64(0), + EndEpoch: uint64(1)}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.STRType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } +} diff --git a/utils/binutils/logger.go b/utils/binutils/logger.go new file mode 100644 index 0000000..060c520 --- /dev/null +++ b/utils/binutils/logger.go @@ -0,0 +1,134 @@ +package binutils + +import ( + "strings" + + "go.uber.org/zap" + "go.uber.org/zap/zapcore" +) + +// Logger is a wrapper for zap.SugaredLogger. +type Logger struct { + zLogger *zap.SugaredLogger +} + +// A LoggerConfig contains the running environment +// which is either "development" or "production", +// the path of file to write the logging output to, +// and an option to explicitly enable stracktrace output. +type LoggerConfig struct { + EnableStacktrace bool `toml:"enable_stacktrace,omitempty"` + Environment string `toml:"env"` + Path string `toml:"path,omitempty"` +} + +// NewLogger builds an instance of Logger with +// default configurations. This logger writes +// DebugLevel and above logs in development environment, +// InfoLevel and above logs in production environment +// to stderr and the file specified in conf, +// in a human-friendly format. +func NewLogger(conf *LoggerConfig) *Logger { + zLevel := zap.NewAtomicLevel() + switch { + case strings.EqualFold("development", conf.Environment): + zLevel.SetLevel(zap.DebugLevel) + case strings.EqualFold("production", conf.Environment): + zLevel.SetLevel(zap.InfoLevel) + default: + panic("Environment must be either development or production") + } + + zOutputPaths := []string{"stderr"} + if conf.Path != "" { + zOutputPaths = append(zOutputPaths, conf.Path) + } + + zConfig := &zap.Config{ + Level: zLevel, + Development: false, + Encoding: "console", + DisableStacktrace: !conf.EnableStacktrace, // the developer needs to explicitly enable this + EncoderConfig: zapcore.EncoderConfig{ + TimeKey: "timestamp", + LevelKey: "level", + NameKey: "logger", + CallerKey: "path", + MessageKey: "msg", + StacktraceKey: "stack", + EncodeLevel: zapcore.CapitalLevelEncoder, + EncodeTime: zapcore.ISO8601TimeEncoder, + EncodeDuration: zapcore.StringDurationEncoder, + }, + OutputPaths: zOutputPaths, + } + + logger, err := zConfig.Build() + if err != nil { + panic(err) + } + return &Logger{logger.Sugar()} +} + +// Debug logs a message that is most useful to debug, +// with some additional context addressed by key-value pairs. +func (l *Logger) Debug(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Debug(msg) + } else { + l.zLogger.Debugw(msg, keysAndValues...) + } +} + +// Info logs a message that highlights the progress of the application +// and generally can be ignored under normal circumstances, +// with some additional context addressed by key-value pairs. +func (l *Logger) Info(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Info(msg) + } else { + l.zLogger.Infow(msg, keysAndValues...) + } +} + +// Warn logs a message that indicates potentially harmful situations, +// with some additional context addressed by key-value pairs. +func (l *Logger) Warn(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Warn(msg) + } else { + l.zLogger.Warnw(msg, keysAndValues...) + } +} + +// Error logs a message that is fatal to the operation, +// but not the service or application, and forces admin intervention, +// with some additional context addressed by key-value pairs. +// This still allow the application to continue running. +func (l *Logger) Error(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Error(msg) + } else { + l.zLogger.Errorw(msg, keysAndValues...) + } +} + +// Panic logs a message that is a severe error event, +// leads the application to abort, with some additional +// context addressed by key-value pairs. It then panics. +func (l *Logger) Panic(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Panic(msg) + } else { + l.zLogger.Panicw(msg, keysAndValues...) + } +} + +// Fatal is the same as Panic but it then calls os.Exit instead. +func (l *Logger) Fatal(msg string, keysAndValues ...interface{}) { + if keysAndValues == nil { + l.zLogger.Fatal(msg) + } else { + l.zLogger.Fatalw(msg, keysAndValues...) + } +} From 5e39cbbb0f1d95e7cf5c65ce8a8dc58a14b8ac6c Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Sat, 4 Nov 2017 19:52:48 -0700 Subject: [PATCH 3/9] Add base auditor cli files --- coniksauditor/cli/coniksauditor.go | 11 ++++++++ coniksauditor/cli/internal/cmd/root.go | 34 +++++++++++++++++++++++ coniksauditor/cli/internal/cmd/version.go | 22 +++++++++++++++ 3 files changed, 67 insertions(+) create mode 100644 coniksauditor/cli/coniksauditor.go create mode 100644 coniksauditor/cli/internal/cmd/root.go create mode 100644 coniksauditor/cli/internal/cmd/version.go diff --git a/coniksauditor/cli/coniksauditor.go b/coniksauditor/cli/coniksauditor.go new file mode 100644 index 0000000..39b2792 --- /dev/null +++ b/coniksauditor/cli/coniksauditor.go @@ -0,0 +1,11 @@ +// Executable CONIKS auditor. See README for +// usage instructions. +package main + +import ( + "github.com/coniks-sys/coniks-go/coniksauditor/cli/internal/cmd" +) + +func main() { + cmd.Execute() +} diff --git a/coniksauditor/cli/internal/cmd/root.go b/coniksauditor/cli/internal/cmd/root.go new file mode 100644 index 0000000..647f618 --- /dev/null +++ b/coniksauditor/cli/internal/cmd/root.go @@ -0,0 +1,34 @@ +package cmd + +import ( + "fmt" + "os" + + "github.com/spf13/cobra" +) + +// RootCmd represents the base "auditor" command when called without any +// subcommands (register, lookup, ...). +var RootCmd = &cobra.Command{ + Use: "coniksauditor", + Short: "CONIKS auditor reference implementation in Go", + Long: ` +________ _______ __ _ ___ ___ _ _______ +| || || | | || || | | || | +| || _ || |_| || || |_| || _____| +| || | | || || || _|| |_____ +| _|| |_| || _ || || |_ |_____ | +| |_ | || | | || || _ | _____| | +|_______||_______||_| |__||___||___| |_||_______| +`, +} + +// Execute adds all child commands to the root command sets flags +// appropriately. +// This is called by main.main(). It only needs to happen once to the rootCmd. +func Execute() { + if err := RootCmd.Execute(); err != nil { + fmt.Println(err) + os.Exit(-1) + } +} diff --git a/coniksauditor/cli/internal/cmd/version.go b/coniksauditor/cli/internal/cmd/version.go new file mode 100644 index 0000000..8b6207a --- /dev/null +++ b/coniksauditor/cli/internal/cmd/version.go @@ -0,0 +1,22 @@ +package cmd + +import ( + "fmt" + + "github.com/coniks-sys/coniks-go/internal" + "github.com/spf13/cobra" +) + +var versionCmd = &cobra.Command{ + Use: "version", + Short: "Print the version number of coniksauditor.", + Long: `Print the version number of coniksauditor.`, + Run: func(cmd *cobra.Command, args []string) { + fmt.Println("All software has versions. This is coniksauditor's:") + fmt.Println("coniksauditor v" + internal.Version) + }, +} + +func init() { + RootCmd.AddCommand(versionCmd) +} From dd36f26adbb4c6007fbffbeaeae3eae0be521b32 Mon Sep 17 00:00:00 2001 From: Marcela M Date: Thu, 9 Nov 2017 11:53:55 -0500 Subject: [PATCH 4/9] Fix broken imports --- application/bots/twitterbot.go | 1 + cli/coniksclient/internal/cmd/run.go | 2 +- cli/coniksserver/internal/cmd/init.go | 2 +- coniksauditor/config.go | 8 +- coniksauditor/encoding.go | 18 ++-- utils/binutils/encoding.go | 102 ++++++++++---------- utils/binutils/encoding_test.go | 130 +++++++++++++------------- 7 files changed, 132 insertions(+), 131 deletions(-) diff --git a/application/bots/twitterbot.go b/application/bots/twitterbot.go index 7d433c4..95fdd72 100644 --- a/application/bots/twitterbot.go +++ b/application/bots/twitterbot.go @@ -12,6 +12,7 @@ import ( "github.com/coniks-sys/coniks-go/application" "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/dghubble/go-twitter/twitter" "github.com/dghubble/oauth1" ) diff --git a/cli/coniksclient/internal/cmd/run.go b/cli/coniksclient/internal/cmd/run.go index 750706f..ee85315 100644 --- a/cli/coniksclient/internal/cmd/run.go +++ b/cli/coniksclient/internal/cmd/run.go @@ -13,7 +13,7 @@ import ( "github.com/coniks-sys/coniks-go/cli" "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/client" - "github.com/coniks-sys/coniks-go/utils" + "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/spf13/cobra" "golang.org/x/crypto/ssh/terminal" ) diff --git a/cli/coniksserver/internal/cmd/init.go b/cli/coniksserver/internal/cmd/init.go index e9b3903..585c42d 100644 --- a/cli/coniksserver/internal/cmd/init.go +++ b/cli/coniksserver/internal/cmd/init.go @@ -12,6 +12,7 @@ import ( "github.com/coniks-sys/coniks-go/crypto/sign" "github.com/coniks-sys/coniks-go/crypto/vrf" "github.com/coniks-sys/coniks-go/utils" + "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/spf13/cobra" ) @@ -53,7 +54,6 @@ func mkConfig(dir string) { }, }, } - logger := &application.LoggerConfig{ EnableStacktrace: true, Environment: "development", diff --git a/coniksauditor/config.go b/coniksauditor/config.go index b66bb82..d6c9804 100644 --- a/coniksauditor/config.go +++ b/coniksauditor/config.go @@ -1,14 +1,14 @@ package coniksauditor import ( + "encoding/json" "fmt" "io/ioutil" - "encoding/json" "github.com/BurntSushi/toml" "github.com/coniks-sys/coniks-go/crypto/sign" - "github.com/coniks-sys/coniks-go/utils" "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/utils" ) // DirectoryConfig contains the auditor's configuration needed to send a @@ -18,10 +18,10 @@ import ( // the server's address for receiving STR history requests. type DirectoryConfig struct { SignPubkeyPath string `toml:"sign_pubkey_path"` - SigningPubKey sign.PublicKey + SigningPubKey sign.PublicKey InitSTRPath string `toml:"init_str_path"` - InitSTR *protocol.DirSTR + InitSTR *protocol.DirSTR Address string `toml:"address"` } diff --git a/coniksauditor/encoding.go b/coniksauditor/encoding.go index dafd980..9f0de79 100644 --- a/coniksauditor/encoding.go +++ b/coniksauditor/encoding.go @@ -1,20 +1,20 @@ package coniksauditor import ( - "encoding/json" + "encoding/json" - "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/protocol" ) // CreateSTRRequestMsg returns a JSON encoding of // a protocol.STRHistoryRequest for the given (start, end) epoch // range. func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { - return json.Marshal(&protocol.Request{ - Type: protocol.STRType, - Request: &protocol.STRHistoryRequest{ - StartEpoch: start, - EndEpoch: end, - }, - }) + return json.Marshal(&protocol.Request{ + Type: protocol.STRType, + Request: &protocol.STRHistoryRequest{ + StartEpoch: start, + EndEpoch: end, + }, + }) } diff --git a/utils/binutils/encoding.go b/utils/binutils/encoding.go index ffd8ba5..d85aa32 100644 --- a/utils/binutils/encoding.go +++ b/utils/binutils/encoding.go @@ -1,68 +1,68 @@ package binutils import ( - "encoding/json" + "encoding/json" - "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/protocol" ) // MarshalResponse returns a JSON encoding of the server's response. func MarshalResponse(response *protocol.Response) ([]byte, error) { - return json.Marshal(response) + return json.Marshal(response) } // UnmarshalResponse decodes the given message into a protocol.Response // according to the given request type t. The request types are integer // constants defined in the protocol package. func UnmarshalResponse(t int, msg []byte) *protocol.Response { - type Response struct { - Error protocol.ErrorCode - DirectoryResponse json.RawMessage - } - var res Response - if err := json.Unmarshal(msg, &res); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } + type Response struct { + Error protocol.ErrorCode + DirectoryResponse json.RawMessage + } + var res Response + if err := json.Unmarshal(msg, &res); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } - // DirectoryResponse is omitempty for the places - // where Error is in Errors - if res.DirectoryResponse == nil { - if !protocol.Errors[res.Error] { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - } - } + // DirectoryResponse is omitempty for the places + // where Error is in Errors + if res.DirectoryResponse == nil { + if !protocol.Errors[res.Error] { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + } + } - switch t { - case protocol.RegistrationType, protocol.KeyLookupType, protocol.KeyLookupInEpochType, protocol.MonitoringType: - response := new(protocol.DirectoryProof) - if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - DirectoryResponse: response, - } - case protocol.AuditType, protocol.STRType: - response := new(protocol.STRHistoryRange) - if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - DirectoryResponse: response, - } - default: - panic("Unknown request type") - } + switch t { + case protocol.RegistrationType, protocol.KeyLookupType, protocol.KeyLookupInEpochType, protocol.MonitoringType: + response := new(protocol.DirectoryProof) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } + case protocol.AuditType, protocol.STRType: + response := new(protocol.STRHistoryRange) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } + default: + panic("Unknown request type") + } } diff --git a/utils/binutils/encoding_test.go b/utils/binutils/encoding_test.go index 0a98b61..fb3c562 100644 --- a/utils/binutils/encoding_test.go +++ b/utils/binutils/encoding_test.go @@ -1,88 +1,88 @@ package binutils import ( - "bytes" - "encoding/json" - "testing" + "bytes" + "encoding/json" + "testing" - "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/protocol/directory" + "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/protocol/directory" ) func TestUnmarshalErrorResponse(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ErrMalformedMessage) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.RegistrationType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } + errResponse := protocol.NewErrorResponse(protocol.ErrMalformedMessage) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.RegistrationType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } } func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.AuditType, msg) - if res.Error != protocol.ErrAuditLog { - t.Error("Expect error", protocol.ErrAuditLog, - "got", res.Error) - } + errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.AuditType, msg) + if res.Error != protocol.ErrAuditLog { + t.Error("Expect error", protocol.ErrAuditLog, + "got", res.Error) + } } func TestUnmarshalMalformedDirectoryProof(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.RegistrationType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.RegistrationType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } } func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.STRType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.STRType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } } func TestUnmarshalSampleClientMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) - res := d.Register(&protocol.RegistrationRequest{ - Username: "alice", - Key: []byte("key")}) - msg, _ := MarshalResponse(res) - response := UnmarshalResponse(protocol.RegistrationType, []byte(msg)) - str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] - if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { - t.Error("Cannot unmarshal Associate Data properly") - } + d, _ := directory.NewTestDirectory(t, true) + res := d.Register(&protocol.RegistrationRequest{ + Username: "alice", + Key: []byte("key")}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.RegistrationType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } } func TestUnmarshalSampleAuditorMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) - res := d.GetSTRHistory(&protocol.STRHistoryRequest{ - StartEpoch: uint64(0), - EndEpoch: uint64(1)}) - msg, _ := MarshalResponse(res) - response := UnmarshalResponse(protocol.STRType, []byte(msg)) - str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] - if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { - t.Error("Cannot unmarshal Associate Data properly") - } + d, _ := directory.NewTestDirectory(t, true) + res := d.GetSTRHistory(&protocol.STRHistoryRequest{ + StartEpoch: uint64(0), + EndEpoch: uint64(1)}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.STRType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } } From 273e1c5834220d9ba6256764039226d2b5b3841a Mon Sep 17 00:00:00 2001 From: Marcela M Date: Thu, 9 Nov 2017 17:51:39 -0500 Subject: [PATCH 5/9] Add init command to auditor --- coniksauditor/README.md | 6 +-- coniksauditor/cli/internal/cmd/init.go | 61 ++++++++++++++++++++++++++ coniksauditor/config.go | 1 - utils/binutils/encoding.go | 16 +++++++ 4 files changed, 80 insertions(+), 4 deletions(-) create mode 100644 coniksauditor/cli/internal/cmd/init.go diff --git a/coniksauditor/README.md b/coniksauditor/README.md index 1943910..8aaa281 100644 --- a/coniksauditor/README.md +++ b/coniksauditor/README.md @@ -34,7 +34,7 @@ Use "coniksauditor [command] --help" for more information about a command. - Make sure you have at least one running CONIKS directory for your auditor to track. For information on setting up a CONIKS directory, -see our [CONIKS server setup guide](https://github.com/coniks-sys/coniks-go/tree/master/coniksserver/README.md). +see our [CONIKS server setup guide](https://github.com/coniks-sys/coniks-go/blob/master/coniksserver/README.md). - Generate the configuration file: ``` @@ -55,9 +55,9 @@ we currently only configure the test auditor with a single directory for simplc ⇒ coniksauditor test # this will open a REPL ``` -##### Retrieve and verify the latest STR history from the given directory +##### Update the auditor with the latest STR history from the given directory ``` -> getlatest [dir] +> update [dir] # The auditor should display something like this if the request is successful [+] Valid! The auditor is up-to-date on the STR history of [dir] ``` diff --git a/coniksauditor/cli/internal/cmd/init.go b/coniksauditor/cli/internal/cmd/init.go new file mode 100644 index 0000000..cac39bf --- /dev/null +++ b/coniksauditor/cli/internal/cmd/init.go @@ -0,0 +1,61 @@ +package cmd + +import ( + "fmt" + "path" + + "bytes" + "os" + + "github.com/BurntSushi/toml" + "github.com/coniks-sys/coniks-go/coniksauditor" + "github.com/coniks-sys/coniks-go/utils" + "github.com/spf13/cobra" +) + +var initCmd = &cobra.Command{ + Use: "init", + Short: "Creates a config file for the auditor.", + Long: `Creates a file config.toml in the current working directory with +the following content: + +sign_pubkey_path = "../../keyserver/coniksserver/sign.pub" +init_str_path = "../../keyserver/coniksserver/init_str" +address = "tcp://127.0.0.1:3000" + +If the keyserver's public keys are somewhere else, you will have to modify the +config file accordingly. +`, + Run: func(cmd *cobra.Command, args []string) { + dir := cmd.Flag("dir").Value.String() + mkConfigOrExit(dir) + }, +} + +func init() { + RootCmd.AddCommand(initCmd) + initCmd.Flags().StringP("dir", "d", ".", + "Location of directory for storing generated files") +} + +func mkConfigOrExit(dir string) { + file := path.Join(dir, "config.toml") + var conf = coniksauditor.DirectoryConfig{ + SignPubkeyPath: "../../keyserver/coniksserver/sign.pub", + InitSTRPath: "../../keyserver/coniksserver/init_str", + Address: "tcp://127.0.0.1:3000", + } + + var confBuf bytes.Buffer + enc := toml.NewEncoder(&confBuf) + if err := enc.Encode(conf); err != nil { + fmt.Println("Coulnd't encode config. Error message: [" + + err.Error() + "]") + os.Exit(-1) + } + if err := utils.WriteFile(file, confBuf.Bytes(), 0644); err != nil { + fmt.Println("Coulnd't write config. Error message: [" + + err.Error() + "]") + os.Exit(-1) + } +} diff --git a/coniksauditor/config.go b/coniksauditor/config.go index d6c9804..a06a992 100644 --- a/coniksauditor/config.go +++ b/coniksauditor/config.go @@ -36,7 +36,6 @@ type Config []*DirectoryConfig // If there is any parsing or IO-error it returns an error (and the returned // config will be nil). func LoadConfig(file string) (*Config, error) { - var conf Config // FIXME: Currently assuming there is only one tracked directory // Add a loop here to iterate over multiple directory diff --git a/utils/binutils/encoding.go b/utils/binutils/encoding.go index d85aa32..eaa8e8a 100644 --- a/utils/binutils/encoding.go +++ b/utils/binutils/encoding.go @@ -2,8 +2,10 @@ package binutils import ( "encoding/json" + "log" "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/utils" ) // MarshalResponse returns a JSON encoding of the server's response. @@ -66,3 +68,17 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response { panic("Unknown request type") } } + +// MarshalSTRToFile serializes the given STR to the given path. +func MarshalSTRToFile(str *protocol.DirSTR, path string) { + strBytes, err := json.Marshal(str) + if err != nil { + log.Print(err) + return + } + + if err := utils.WriteFile(path, strBytes, 0600); err != nil { + log.Println(err) + return + } +} From 7466552d8a2fab9bfc9ff775982dc8b7414f58ba Mon Sep 17 00:00:00 2001 From: "Marcela S. Melara" Date: Wed, 20 Dec 2017 18:33:41 -0500 Subject: [PATCH 6/9] Rebase auditor-cli code onto refactored cli package --- application/auditor/config.go | 87 +++++++++++++++++++ {coniksauditor => application/auditor}/doc.go | 6 +- application/bots/twitterbot.go | 1 - application/config.go | 22 +++++ application/encoding.go | 41 +++++++++ application/encoding_test.go | 43 ++++++++- application/server/config.go | 2 + application/server/server.go | 6 ++ application/server/server_test.go | 16 ---- .../coniksauditor}/README.md | 0 cli/coniksauditor/coniksauditor.go | 12 +++ cli/coniksauditor/internal/cmd/init.go | 36 ++++++++ .../coniksauditor}/internal/cmd/root.go | 25 ++---- cli/coniksauditor/internal/cmd/version.go | 11 +++ cli/coniksclient/internal/cmd/run.go | 1 - cli/coniksserver/internal/cmd/init.go | 1 - coniksauditor/cli/coniksauditor.go | 11 --- coniksauditor/cli/internal/cmd/init.go | 61 ------------- coniksauditor/cli/internal/cmd/version.go | 22 ----- coniksauditor/config.go | 73 ---------------- coniksauditor/encoding.go | 20 ----- 21 files changed, 266 insertions(+), 231 deletions(-) create mode 100644 application/auditor/config.go rename {coniksauditor => application/auditor}/doc.go (55%) rename {coniksauditor => cli/coniksauditor}/README.md (100%) create mode 100644 cli/coniksauditor/coniksauditor.go create mode 100644 cli/coniksauditor/internal/cmd/init.go rename {coniksauditor/cli => cli/coniksauditor}/internal/cmd/root.go (53%) create mode 100644 cli/coniksauditor/internal/cmd/version.go delete mode 100644 coniksauditor/cli/coniksauditor.go delete mode 100644 coniksauditor/cli/internal/cmd/init.go delete mode 100644 coniksauditor/cli/internal/cmd/version.go delete mode 100644 coniksauditor/config.go delete mode 100644 coniksauditor/encoding.go diff --git a/application/auditor/config.go b/application/auditor/config.go new file mode 100644 index 0000000..e1d66cb --- /dev/null +++ b/application/auditor/config.go @@ -0,0 +1,87 @@ +package auditor + +import ( + "github.com/coniks-sys/coniks-go/application" + "github.com/coniks-sys/coniks-go/crypto/sign" + "github.com/coniks-sys/coniks-go/protocol" +) + +// directoryConfig contains the auditor's configuration needed to send a +// request to a CONIKS server: the path to the server's signing public-key +// file and the actual public-key parsed from that file; the path to +// the server's initial STR file and the actual STR parsed from that file; +// the server's address for receiving STR history requests. +type directoryConfig struct { + SignPubkeyPath string `toml:"sign_pubkey_path"` + SigningPubKey sign.PublicKey + + InitSTRPath string `toml:"init_str_path"` + InitSTR *protocol.DirSTR + + Address string `toml:"address"` +} + +// Config maintains the auditor's configurations for all CONIKS +// directories it tracks. +type Config struct { + TrackedDirs []*directoryConfig + // TODO: Add server-side auditor config +} + +var _ application.AppConfig = (*Config)(nil) + +func newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) *directoryConfig { + var dconf = directoryConfig{ + SignPubkeyPath: signPubkeyPath, + InitSTRPath: initSTRPath, + Address: serverAddr, + } + + return &dconf +} + +// NewConfig initializes a new auditor configuration with the given +// server signing public key path, registration address, and +// server address. +func NewConfig() *Config { + var conf = Config{ + TrackedDirs: make([]*directoryConfig, 0), + } + return &conf +} + +// AddDirectoryConfig adds the given CONIKS server settings to the +// auditor's configuration. +func (conf *Config) AddDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) { + dconf := newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr) + conf.TrackedDirs = append(conf.TrackedDirs, dconf) +} + +// Load initializes an auditor's configuration from the given file. +// For each directory in the configuration, it reads the signing public-key file +// and initial STR file, and parses the actual key and initial STR. +func (conf *Config) Load(file string) error { + tmp, err := application.LoadConfig(file) + if err != nil { + return err + } + conf = tmp.(*Config) + + for _, dconf := range conf.TrackedDirs { + // load signing key + signPubKey, err := application.LoadSigningPubKey(dconf.SignPubkeyPath, file) + if err != nil { + return err + } + dconf.SigningPubKey = signPubKey + + // load initial STR + initSTR, err := application.LoadInitSTR(dconf.InitSTRPath, file) + if err != nil { + return err + } + dconf.InitSTR = initSTR + } + + return nil +} diff --git a/coniksauditor/doc.go b/application/auditor/doc.go similarity index 55% rename from coniksauditor/doc.go rename to application/auditor/doc.go index c7d1f63..23487bc 100644 --- a/coniksauditor/doc.go +++ b/application/auditor/doc.go @@ -1,9 +1,9 @@ /* -Package coniksauditor provides an executable of -an auditor for the CONIKS key management system. +Package auditor implements the CONIKS auditor service +protocol. Note: The auditor can current only be used in interactive test mode with a server, and does not accept auditing requests from CONIKS clients. */ -package coniksauditor +package auditor diff --git a/application/bots/twitterbot.go b/application/bots/twitterbot.go index 95fdd72..7d433c4 100644 --- a/application/bots/twitterbot.go +++ b/application/bots/twitterbot.go @@ -12,7 +12,6 @@ import ( "github.com/coniks-sys/coniks-go/application" "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/dghubble/go-twitter/twitter" "github.com/dghubble/oauth1" ) diff --git a/application/config.go b/application/config.go index d5f9345..dc78068 100644 --- a/application/config.go +++ b/application/config.go @@ -2,11 +2,13 @@ package application import ( "bytes" + "encoding/json" "fmt" "io/ioutil" "github.com/BurntSushi/toml" "github.com/coniks-sys/coniks-go/crypto/sign" + "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/utils" ) @@ -33,6 +35,26 @@ func LoadSigningPubKey(path, file string) (sign.PublicKey, error) { return signPubKey, nil } +// LoadIinitSTR loads an initial STR at the given path +// specified in the given config file. +// If there is any parsing error or the STR is malformed, +// LoadInitSTR() returns an error with a nil STR. +func LoadInitSTR(path, file string) (*protocol.DirSTR, error) { + initSTRPath := utils.ResolvePath(path, file) + initSTRBytes, err := ioutil.ReadFile(initSTRPath) + if err != nil { + return nil, fmt.Errorf("Cannot read init STR: %v", err) + } + initSTR := new(protocol.DirSTR) + if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil { + return nil, fmt.Errorf("Cannot parse initial STR: %v", err) + } + if initSTR.Epoch != 0 { + return nil, fmt.Errorf("Initial STR epoch must be 0 (got %d)", initSTR.Epoch) + } + return initSTR, nil +} + // LoadConfig loads an application configuration from the given toml-encoded // file. If there is any decoding error, an LoadConfig() returns an error // with a nil config. diff --git a/application/encoding.go b/application/encoding.go index 467b17c..937f93d 100644 --- a/application/encoding.go +++ b/application/encoding.go @@ -8,6 +8,7 @@ import ( "encoding/json" "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/utils" ) // MarshalRequest returns a JSON encoding of the client's request. @@ -39,6 +40,8 @@ func UnmarshalRequest(msg []byte) (*protocol.Request, error) { request = new(protocol.KeyLookupInEpochRequest) case protocol.MonitoringType: request = new(protocol.MonitoringRequest) + case protocol.STRType: + request = new(protocol.STRHistoryRequest) } if err := json.Unmarshal(content, &request); err != nil { return nil, err @@ -92,6 +95,17 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response { Error: res.Error, DirectoryResponse: response, } + case protocol.AuditType, protocol.STRType: + response := new(protocol.STRHistoryRange) + if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } + } + return &protocol.Response{ + Error: res.Error, + DirectoryResponse: response, + } default: panic("Unknown request type") } @@ -104,3 +118,30 @@ func malformedClientMsg(err error) *protocol.Response { } return protocol.NewErrorResponse(protocol.ErrMalformedMessage) } + +// CreateSTRRequestMsg returns a JSON encoding of +// a protocol.STRHistoryRequest for the given (start, end) epoch +// range. +func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { + return json.Marshal(&protocol.Request{ + Type: protocol.STRType, + Request: &protocol.STRHistoryRequest{ + StartEpoch: start, + EndEpoch: end, + }, + }) +} + +// MarshalSTRToFile serializes the given STR to the given path. +func MarshalSTRToFile(str *protocol.DirSTR, path string) error { + strBytes, err := json.Marshal(str) + if err != nil { + return err + } + + if err := utils.WriteFile(path, strBytes, 0600); err != nil { + return err + } + + return nil +} diff --git a/application/encoding_test.go b/application/encoding_test.go index 87433db..9d936a6 100644 --- a/application/encoding_test.go +++ b/application/encoding_test.go @@ -22,7 +22,20 @@ func TestUnmarshalErrorResponse(t *testing.T) { } } -func TestUnmarshalMalformedErrorResponse(t *testing.T) { +func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.AuditType, msg) + if res.Error != protocol.ErrAuditLog { + t.Error("Expect error", protocol.ErrAuditLog, + "got", res.Error) + } +} + +func TestUnmarshalMalformedDirectoryProof(t *testing.T) { errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) msg, err := json.Marshal(errResponse) if err != nil { @@ -35,7 +48,20 @@ func TestUnmarshalMalformedErrorResponse(t *testing.T) { } } -func TestUnmarshalSampleMessage(t *testing.T) { +func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { + errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) + msg, err := json.Marshal(errResponse) + if err != nil { + t.Fatal(err) + } + res := UnmarshalResponse(protocol.STRType, msg) + if res.Error != protocol.ErrMalformedMessage { + t.Error("Expect error", protocol.ErrMalformedMessage, + "got", res.Error) + } +} + +func TestUnmarshalSampleClientMessage(t *testing.T) { d, _ := directory.NewTestDirectory(t, true) res := d.Register(&protocol.RegistrationRequest{ Username: "alice", @@ -47,3 +73,16 @@ func TestUnmarshalSampleMessage(t *testing.T) { t.Error("Cannot unmarshal Associate Data properly") } } + +func TestUnmarshalSampleAuditorMessage(t *testing.T) { + d, _ := directory.NewTestDirectory(t, true) + res := d.GetSTRHistory(&protocol.STRHistoryRequest{ + StartEpoch: uint64(0), + EndEpoch: uint64(1)}) + msg, _ := MarshalResponse(res) + response := UnmarshalResponse(protocol.STRType, []byte(msg)) + str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] + if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { + t.Error("Cannot unmarshal Associate Data properly") + } +} diff --git a/application/server/config.go b/application/server/config.go index 297e32d..e183e3c 100644 --- a/application/server/config.go +++ b/application/server/config.go @@ -20,6 +20,8 @@ type Config struct { LoadedHistoryLength uint64 `toml:"loaded_history_length"` // Policies contains the server's CONIKS policies configuration. Policies *Policies `toml:"policies"` + // Path to store the initial STR + InitSTRPath string `toml:"init_str_path"` // Addresses contains the server's connections configuration. Addresses []*Address `toml:"addresses"` } diff --git a/application/server/server.go b/application/server/server.go index 47a48ab..eb1f0b1 100644 --- a/application/server/server.go +++ b/application/server/server.go @@ -6,6 +6,7 @@ import ( "github.com/coniks-sys/coniks-go/application" "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/directory" + "github.com/coniks-sys/coniks-go/utils" ) // An Address describes a server's connection. @@ -68,6 +69,11 @@ func NewConiksServer(conf *Config) *ConiksServer { epochTimer: time.NewTimer(time.Duration(conf.Policies.EpochDeadline) * time.Second), } + // save the initial STR to be used for initializing auditors + initSTRPath := utils.ResolvePath(conf.InitSTRPath, + conf.ConfigFilePath) + application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath) + return server } diff --git a/application/server/server_test.go b/application/server/server_test.go index bf15445..236ba9b 100644 --- a/application/server/server_test.go +++ b/application/server/server_test.go @@ -13,10 +13,6 @@ import ( "github.com/coniks-sys/coniks-go/crypto/sign" "github.com/coniks-sys/coniks-go/crypto/vrf" "github.com/coniks-sys/coniks-go/protocol" -<<<<<<< HEAD:application/server/server_test.go -======= - "github.com/coniks-sys/coniks-go/utils/binutils" ->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go ) var registrationMsg = ` @@ -87,20 +83,8 @@ func newTestServer(t *testing.T, epDeadline protocol.Timestamp, useBot bool, }, LoadedHistoryLength: 100, Addresses: addrs, -<<<<<<< HEAD:application/server/server_test.go Policies: NewPolicies(epDeadline, "", "", vrfKey, signKey), -======= - Policies: &ServerPolicies{ - EpochDeadline: epDeadline, - vrfKey: vrfKey, - signKey: signKey, - }, - Logger: &binutils.LoggerConfig{ - Environment: "development", - Path: path.Join(dir, "coniksserver.log"), - }, ->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go } return NewConiksServer(conf), conf diff --git a/coniksauditor/README.md b/cli/coniksauditor/README.md similarity index 100% rename from coniksauditor/README.md rename to cli/coniksauditor/README.md diff --git a/cli/coniksauditor/coniksauditor.go b/cli/coniksauditor/coniksauditor.go new file mode 100644 index 0000000..9f5d1f2 --- /dev/null +++ b/cli/coniksauditor/coniksauditor.go @@ -0,0 +1,12 @@ +// Executable CONIKS auditor. See README for +// usage instructions. +package main + +import ( + "github.com/coniks-sys/coniks-go/cli" + "github.com/coniks-sys/coniks-go/cli/coniksauditor/internal/cmd" +) + +func main() { + cli.Execute(cmd.RootCmd) +} diff --git a/cli/coniksauditor/internal/cmd/init.go b/cli/coniksauditor/internal/cmd/init.go new file mode 100644 index 0000000..a0d8d6c --- /dev/null +++ b/cli/coniksauditor/internal/cmd/init.go @@ -0,0 +1,36 @@ +package cmd + +import ( + "fmt" + "os" + "path" + + "github.com/coniks-sys/coniks-go/application" + "github.com/coniks-sys/coniks-go/application/auditor" + "github.com/coniks-sys/coniks-go/cli" + "github.com/spf13/cobra" +) + +var initCmd = cli.NewInitCommand("CONIKS auditor", mkConfigOrExit) + +func init() { + RootCmd.AddCommand(initCmd) + initCmd.Flags().StringP("dir", "d", ".", + "Location of directory for storing generated files") +} + +func mkConfigOrExit(cmd *cobra.Command, args []string) { + dir := cmd.Flag("dir").Value.String() + file := path.Join(dir, "config.toml") + + conf := auditor.NewConfig() + conf.AddDirectoryConfig("../../keyserver/coniksserver/sign.pub", + "../../keyserver/coniksserver/init_str", + "tcp://127.0.0.1:3000") + + if err := application.SaveConfig(file, conf); err != nil { + fmt.Println("Couldn't save config. Error message: [" + + err.Error() + "]") + os.Exit(-1) + } +} diff --git a/coniksauditor/cli/internal/cmd/root.go b/cli/coniksauditor/internal/cmd/root.go similarity index 53% rename from coniksauditor/cli/internal/cmd/root.go rename to cli/coniksauditor/internal/cmd/root.go index 647f618..08ccaa6 100644 --- a/coniksauditor/cli/internal/cmd/root.go +++ b/cli/coniksauditor/internal/cmd/root.go @@ -1,18 +1,14 @@ package cmd import ( - "fmt" - "os" - - "github.com/spf13/cobra" + "github.com/coniks-sys/coniks-go/cli" ) // RootCmd represents the base "auditor" command when called without any // subcommands (register, lookup, ...). -var RootCmd = &cobra.Command{ - Use: "coniksauditor", - Short: "CONIKS auditor reference implementation in Go", - Long: ` +var RootCmd = cli.NewRootCommand("coniksauditor", + "CONIKS auditor service implementation in Go", + ` ________ _______ __ _ ___ ___ _ _______ | || || | | || || | | || | | || _ || |_| || || |_| || _____| @@ -20,15 +16,4 @@ ________ _______ __ _ ___ ___ _ _______ | _|| |_| || _ || || |_ |_____ | | |_ | || | | || || _ | _____| | |_______||_______||_| |__||___||___| |_||_______| -`, -} - -// Execute adds all child commands to the root command sets flags -// appropriately. -// This is called by main.main(). It only needs to happen once to the rootCmd. -func Execute() { - if err := RootCmd.Execute(); err != nil { - fmt.Println(err) - os.Exit(-1) - } -} +`) diff --git a/cli/coniksauditor/internal/cmd/version.go b/cli/coniksauditor/internal/cmd/version.go new file mode 100644 index 0000000..e1c9416 --- /dev/null +++ b/cli/coniksauditor/internal/cmd/version.go @@ -0,0 +1,11 @@ +package cmd + +import ( + "github.com/coniks-sys/coniks-go/cli" +) + +var versionCmd = cli.NewVersionCommand("coniksauditor") + +func init() { + RootCmd.AddCommand(versionCmd) +} diff --git a/cli/coniksclient/internal/cmd/run.go b/cli/coniksclient/internal/cmd/run.go index ee85315..a62dd24 100644 --- a/cli/coniksclient/internal/cmd/run.go +++ b/cli/coniksclient/internal/cmd/run.go @@ -13,7 +13,6 @@ import ( "github.com/coniks-sys/coniks-go/cli" "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/client" - "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/spf13/cobra" "golang.org/x/crypto/ssh/terminal" ) diff --git a/cli/coniksserver/internal/cmd/init.go b/cli/coniksserver/internal/cmd/init.go index 585c42d..e00c884 100644 --- a/cli/coniksserver/internal/cmd/init.go +++ b/cli/coniksserver/internal/cmd/init.go @@ -12,7 +12,6 @@ import ( "github.com/coniks-sys/coniks-go/crypto/sign" "github.com/coniks-sys/coniks-go/crypto/vrf" "github.com/coniks-sys/coniks-go/utils" - "github.com/coniks-sys/coniks-go/utils/binutils" "github.com/spf13/cobra" ) diff --git a/coniksauditor/cli/coniksauditor.go b/coniksauditor/cli/coniksauditor.go deleted file mode 100644 index 39b2792..0000000 --- a/coniksauditor/cli/coniksauditor.go +++ /dev/null @@ -1,11 +0,0 @@ -// Executable CONIKS auditor. See README for -// usage instructions. -package main - -import ( - "github.com/coniks-sys/coniks-go/coniksauditor/cli/internal/cmd" -) - -func main() { - cmd.Execute() -} diff --git a/coniksauditor/cli/internal/cmd/init.go b/coniksauditor/cli/internal/cmd/init.go deleted file mode 100644 index cac39bf..0000000 --- a/coniksauditor/cli/internal/cmd/init.go +++ /dev/null @@ -1,61 +0,0 @@ -package cmd - -import ( - "fmt" - "path" - - "bytes" - "os" - - "github.com/BurntSushi/toml" - "github.com/coniks-sys/coniks-go/coniksauditor" - "github.com/coniks-sys/coniks-go/utils" - "github.com/spf13/cobra" -) - -var initCmd = &cobra.Command{ - Use: "init", - Short: "Creates a config file for the auditor.", - Long: `Creates a file config.toml in the current working directory with -the following content: - -sign_pubkey_path = "../../keyserver/coniksserver/sign.pub" -init_str_path = "../../keyserver/coniksserver/init_str" -address = "tcp://127.0.0.1:3000" - -If the keyserver's public keys are somewhere else, you will have to modify the -config file accordingly. -`, - Run: func(cmd *cobra.Command, args []string) { - dir := cmd.Flag("dir").Value.String() - mkConfigOrExit(dir) - }, -} - -func init() { - RootCmd.AddCommand(initCmd) - initCmd.Flags().StringP("dir", "d", ".", - "Location of directory for storing generated files") -} - -func mkConfigOrExit(dir string) { - file := path.Join(dir, "config.toml") - var conf = coniksauditor.DirectoryConfig{ - SignPubkeyPath: "../../keyserver/coniksserver/sign.pub", - InitSTRPath: "../../keyserver/coniksserver/init_str", - Address: "tcp://127.0.0.1:3000", - } - - var confBuf bytes.Buffer - enc := toml.NewEncoder(&confBuf) - if err := enc.Encode(conf); err != nil { - fmt.Println("Coulnd't encode config. Error message: [" + - err.Error() + "]") - os.Exit(-1) - } - if err := utils.WriteFile(file, confBuf.Bytes(), 0644); err != nil { - fmt.Println("Coulnd't write config. Error message: [" + - err.Error() + "]") - os.Exit(-1) - } -} diff --git a/coniksauditor/cli/internal/cmd/version.go b/coniksauditor/cli/internal/cmd/version.go deleted file mode 100644 index 8b6207a..0000000 --- a/coniksauditor/cli/internal/cmd/version.go +++ /dev/null @@ -1,22 +0,0 @@ -package cmd - -import ( - "fmt" - - "github.com/coniks-sys/coniks-go/internal" - "github.com/spf13/cobra" -) - -var versionCmd = &cobra.Command{ - Use: "version", - Short: "Print the version number of coniksauditor.", - Long: `Print the version number of coniksauditor.`, - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("All software has versions. This is coniksauditor's:") - fmt.Println("coniksauditor v" + internal.Version) - }, -} - -func init() { - RootCmd.AddCommand(versionCmd) -} diff --git a/coniksauditor/config.go b/coniksauditor/config.go deleted file mode 100644 index a06a992..0000000 --- a/coniksauditor/config.go +++ /dev/null @@ -1,73 +0,0 @@ -package coniksauditor - -import ( - "encoding/json" - "fmt" - "io/ioutil" - - "github.com/BurntSushi/toml" - "github.com/coniks-sys/coniks-go/crypto/sign" - "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/utils" -) - -// DirectoryConfig contains the auditor's configuration needed to send a -// request to a CONIKS server: the path to the server's signing public-key -// file and the actual public-key parsed from that file; the path to -// the server's initial STR file and the actual STR parsed from that file; -// the server's address for receiving STR history requests. -type DirectoryConfig struct { - SignPubkeyPath string `toml:"sign_pubkey_path"` - SigningPubKey sign.PublicKey - - InitSTRPath string `toml:"init_str_path"` - InitSTR *protocol.DirSTR - - Address string `toml:"address"` -} - -// Config maintains the auditor's configurations for all CONIKS -// directories it tracks. -type Config []*DirectoryConfig - -// LoadConfig returns a auditor's configuration read from the given filename. -// It reads the signing public-key file and parses the actual key, and -// the initial STR file and parses the actual STR. -// If there is any parsing or IO-error it returns an error (and the returned -// config will be nil). -func LoadConfig(file string) (*Config, error) { - var conf Config - // FIXME: Currently assuming there is only one tracked directory - // Add a loop here to iterate over multiple directory - // configs in the file - var dirconf DirectoryConfig - if _, err := toml.DecodeFile(file, &dirconf); err != nil { - return nil, fmt.Errorf("Failed to load config: %v", err) - } - - // load signing key - signPath := utils.ResolvePath(dirconf.SignPubkeyPath, file) - signPubKey, err := ioutil.ReadFile(signPath) - if err != nil { - return nil, fmt.Errorf("Cannot read signing key: %v", err) - } - if len(signPubKey) != sign.PublicKeySize { - return nil, fmt.Errorf("Signing public-key must be 32 bytes (got %d)", len(signPubKey)) - } - - dirconf.SigningPubKey = signPubKey - - // load initial STR - initSTRPath := utils.ResolvePath(dirconf.InitSTRPath, file) - initSTRBytes, err := ioutil.ReadFile(initSTRPath) - initSTR := new(protocol.DirSTR) - if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil { - return nil, fmt.Errorf("Cannot parse initial STR: %v", err) - } - - dirconf.InitSTR = initSTR - - conf = append(conf, &dirconf) - - return &conf, nil -} diff --git a/coniksauditor/encoding.go b/coniksauditor/encoding.go deleted file mode 100644 index 9f0de79..0000000 --- a/coniksauditor/encoding.go +++ /dev/null @@ -1,20 +0,0 @@ -package coniksauditor - -import ( - "encoding/json" - - "github.com/coniks-sys/coniks-go/protocol" -) - -// CreateSTRRequestMsg returns a JSON encoding of -// a protocol.STRHistoryRequest for the given (start, end) epoch -// range. -func CreateSTRRequestMsg(start, end uint64) ([]byte, error) { - return json.Marshal(&protocol.Request{ - Type: protocol.STRType, - Request: &protocol.STRHistoryRequest{ - StartEpoch: start, - EndEpoch: end, - }, - }) -} From 1d3c6d6d8d8fdda2a4281cbc5227f08010bd1e32 Mon Sep 17 00:00:00 2001 From: "Marcela S. Melara" Date: Wed, 20 Dec 2017 19:23:04 -0500 Subject: [PATCH 7/9] Remove old binutils package --- utils/binutils/encoding.go | 84 -------------------- utils/binutils/encoding_test.go | 88 --------------------- utils/binutils/logger.go | 134 -------------------------------- 3 files changed, 306 deletions(-) delete mode 100644 utils/binutils/encoding.go delete mode 100644 utils/binutils/encoding_test.go delete mode 100644 utils/binutils/logger.go diff --git a/utils/binutils/encoding.go b/utils/binutils/encoding.go deleted file mode 100644 index eaa8e8a..0000000 --- a/utils/binutils/encoding.go +++ /dev/null @@ -1,84 +0,0 @@ -package binutils - -import ( - "encoding/json" - "log" - - "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/utils" -) - -// MarshalResponse returns a JSON encoding of the server's response. -func MarshalResponse(response *protocol.Response) ([]byte, error) { - return json.Marshal(response) -} - -// UnmarshalResponse decodes the given message into a protocol.Response -// according to the given request type t. The request types are integer -// constants defined in the protocol package. -func UnmarshalResponse(t int, msg []byte) *protocol.Response { - type Response struct { - Error protocol.ErrorCode - DirectoryResponse json.RawMessage - } - var res Response - if err := json.Unmarshal(msg, &res); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - - // DirectoryResponse is omitempty for the places - // where Error is in Errors - if res.DirectoryResponse == nil { - if !protocol.Errors[res.Error] { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - } - } - - switch t { - case protocol.RegistrationType, protocol.KeyLookupType, protocol.KeyLookupInEpochType, protocol.MonitoringType: - response := new(protocol.DirectoryProof) - if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - DirectoryResponse: response, - } - case protocol.AuditType, protocol.STRType: - response := new(protocol.STRHistoryRange) - if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, - } - } - return &protocol.Response{ - Error: res.Error, - DirectoryResponse: response, - } - default: - panic("Unknown request type") - } -} - -// MarshalSTRToFile serializes the given STR to the given path. -func MarshalSTRToFile(str *protocol.DirSTR, path string) { - strBytes, err := json.Marshal(str) - if err != nil { - log.Print(err) - return - } - - if err := utils.WriteFile(path, strBytes, 0600); err != nil { - log.Println(err) - return - } -} diff --git a/utils/binutils/encoding_test.go b/utils/binutils/encoding_test.go deleted file mode 100644 index fb3c562..0000000 --- a/utils/binutils/encoding_test.go +++ /dev/null @@ -1,88 +0,0 @@ -package binutils - -import ( - "bytes" - "encoding/json" - "testing" - - "github.com/coniks-sys/coniks-go/protocol" - "github.com/coniks-sys/coniks-go/protocol/directory" -) - -func TestUnmarshalErrorResponse(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ErrMalformedMessage) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.RegistrationType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } -} - -func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.AuditType, msg) - if res.Error != protocol.ErrAuditLog { - t.Error("Expect error", protocol.ErrAuditLog, - "got", res.Error) - } -} - -func TestUnmarshalMalformedDirectoryProof(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.RegistrationType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } -} - -func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { - errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound) - msg, err := json.Marshal(errResponse) - if err != nil { - t.Fatal(err) - } - res := UnmarshalResponse(protocol.STRType, msg) - if res.Error != protocol.ErrMalformedMessage { - t.Error("Expect error", protocol.ErrMalformedMessage, - "got", res.Error) - } -} - -func TestUnmarshalSampleClientMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) - res := d.Register(&protocol.RegistrationRequest{ - Username: "alice", - Key: []byte("key")}) - msg, _ := MarshalResponse(res) - response := UnmarshalResponse(protocol.RegistrationType, []byte(msg)) - str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] - if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { - t.Error("Cannot unmarshal Associate Data properly") - } -} - -func TestUnmarshalSampleAuditorMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) - res := d.GetSTRHistory(&protocol.STRHistoryRequest{ - StartEpoch: uint64(0), - EndEpoch: uint64(1)}) - msg, _ := MarshalResponse(res) - response := UnmarshalResponse(protocol.STRType, []byte(msg)) - str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0] - if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { - t.Error("Cannot unmarshal Associate Data properly") - } -} diff --git a/utils/binutils/logger.go b/utils/binutils/logger.go deleted file mode 100644 index 060c520..0000000 --- a/utils/binutils/logger.go +++ /dev/null @@ -1,134 +0,0 @@ -package binutils - -import ( - "strings" - - "go.uber.org/zap" - "go.uber.org/zap/zapcore" -) - -// Logger is a wrapper for zap.SugaredLogger. -type Logger struct { - zLogger *zap.SugaredLogger -} - -// A LoggerConfig contains the running environment -// which is either "development" or "production", -// the path of file to write the logging output to, -// and an option to explicitly enable stracktrace output. -type LoggerConfig struct { - EnableStacktrace bool `toml:"enable_stacktrace,omitempty"` - Environment string `toml:"env"` - Path string `toml:"path,omitempty"` -} - -// NewLogger builds an instance of Logger with -// default configurations. This logger writes -// DebugLevel and above logs in development environment, -// InfoLevel and above logs in production environment -// to stderr and the file specified in conf, -// in a human-friendly format. -func NewLogger(conf *LoggerConfig) *Logger { - zLevel := zap.NewAtomicLevel() - switch { - case strings.EqualFold("development", conf.Environment): - zLevel.SetLevel(zap.DebugLevel) - case strings.EqualFold("production", conf.Environment): - zLevel.SetLevel(zap.InfoLevel) - default: - panic("Environment must be either development or production") - } - - zOutputPaths := []string{"stderr"} - if conf.Path != "" { - zOutputPaths = append(zOutputPaths, conf.Path) - } - - zConfig := &zap.Config{ - Level: zLevel, - Development: false, - Encoding: "console", - DisableStacktrace: !conf.EnableStacktrace, // the developer needs to explicitly enable this - EncoderConfig: zapcore.EncoderConfig{ - TimeKey: "timestamp", - LevelKey: "level", - NameKey: "logger", - CallerKey: "path", - MessageKey: "msg", - StacktraceKey: "stack", - EncodeLevel: zapcore.CapitalLevelEncoder, - EncodeTime: zapcore.ISO8601TimeEncoder, - EncodeDuration: zapcore.StringDurationEncoder, - }, - OutputPaths: zOutputPaths, - } - - logger, err := zConfig.Build() - if err != nil { - panic(err) - } - return &Logger{logger.Sugar()} -} - -// Debug logs a message that is most useful to debug, -// with some additional context addressed by key-value pairs. -func (l *Logger) Debug(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Debug(msg) - } else { - l.zLogger.Debugw(msg, keysAndValues...) - } -} - -// Info logs a message that highlights the progress of the application -// and generally can be ignored under normal circumstances, -// with some additional context addressed by key-value pairs. -func (l *Logger) Info(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Info(msg) - } else { - l.zLogger.Infow(msg, keysAndValues...) - } -} - -// Warn logs a message that indicates potentially harmful situations, -// with some additional context addressed by key-value pairs. -func (l *Logger) Warn(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Warn(msg) - } else { - l.zLogger.Warnw(msg, keysAndValues...) - } -} - -// Error logs a message that is fatal to the operation, -// but not the service or application, and forces admin intervention, -// with some additional context addressed by key-value pairs. -// This still allow the application to continue running. -func (l *Logger) Error(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Error(msg) - } else { - l.zLogger.Errorw(msg, keysAndValues...) - } -} - -// Panic logs a message that is a severe error event, -// leads the application to abort, with some additional -// context addressed by key-value pairs. It then panics. -func (l *Logger) Panic(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Panic(msg) - } else { - l.zLogger.Panicw(msg, keysAndValues...) - } -} - -// Fatal is the same as Panic but it then calls os.Exit instead. -func (l *Logger) Fatal(msg string, keysAndValues ...interface{}) { - if keysAndValues == nil { - l.zLogger.Fatal(msg) - } else { - l.zLogger.Fatalw(msg, keysAndValues...) - } -} From 9079b27c52757c95e14491abb175ca10f2721e78 Mon Sep 17 00:00:00 2001 From: "Marcela S. Melara" Date: Wed, 20 Dec 2017 19:28:50 -0500 Subject: [PATCH 8/9] Go fmt fix --- application/encoding_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/encoding_test.go b/application/encoding_test.go index 1d71774..bf8ca88 100644 --- a/application/encoding_test.go +++ b/application/encoding_test.go @@ -68,7 +68,7 @@ func TestUnmarshalSampleClientMessage(t *testing.T) { Key: []byte("key")}) msg, _ := MarshalResponse(res) response := UnmarshalResponse(protocol.RegistrationType, []byte(msg)) - str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] + str := response.DirectoryResponse.(*protocol.DirectoryProof).STR[0] if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) { t.Error("Cannot unmarshal Associated Data properly") } From 4a2596026ffd1a481796400ea77863e8e615be93 Mon Sep 17 00:00:00 2001 From: Marcela Melara Date: Sun, 14 Jan 2018 16:36:26 -0500 Subject: [PATCH 9/9] Fix encoding test bugs --- application/encoding.go | 8 ++++++-- application/encoding_test.go | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/application/encoding.go b/application/encoding.go index 6069a4f..fd18701 100644 --- a/application/encoding.go +++ b/application/encoding.go @@ -77,8 +77,12 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response { Error: res.Error, } if err := response.Validate(); err != nil { - return &protocol.Response{ - Error: protocol.ErrMalformedMessage, + // we don't want to return an ErrMalformedMessage + // if Error is in errors + if err == protocol.ErrMalformedMessage { + return &protocol.Response{ + Error: protocol.ErrMalformedMessage, + } } } return response diff --git a/application/encoding_test.go b/application/encoding_test.go index bf8ca88..656d054 100644 --- a/application/encoding_test.go +++ b/application/encoding_test.go @@ -62,7 +62,7 @@ func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) { } func TestUnmarshalSampleClientMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) + d := directory.NewTestDirectory(t) res := d.Register(&protocol.RegistrationRequest{ Username: "alice", Key: []byte("key")}) @@ -75,7 +75,7 @@ func TestUnmarshalSampleClientMessage(t *testing.T) { } func TestUnmarshalSampleAuditorMessage(t *testing.T) { - d, _ := directory.NewTestDirectory(t, true) + d := directory.NewTestDirectory(t) res := d.GetSTRHistory(&protocol.STRHistoryRequest{ StartEpoch: uint64(0), EndEpoch: uint64(1)})