Rebase auditor-cli code onto refactored cli package
masomel committed Dec 20, 2017
1 parent 273e1c5 commit df1762c
Showing 18 changed files with 258 additions and 219 deletions.
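--- a/application/auditor/config.go
+++ b/application/auditor/config.go
@@ -0,0 +1,87 @@
+package auditor
+
+import (
+"github.com/coniks-sys/coniks-go/application"
+"github.com/coniks-sys/coniks-go/crypto/sign"
+"github.com/coniks-sys/coniks-go/protocol"
+)
+
+// directoryConfig contains the auditor's configuration needed to send a
+// request to a CONIKS server: the path to the server's signing public-key
+// file and the actual public-key parsed from that file; the path to
+// the server's initial STR file and the actual STR parsed from that file;
+// the server's address for receiving STR history requests.
+type directoryConfig struct {
+SignPubkeyPath string `toml:"sign_pubkey_path"`
+SigningPubKey sign.PublicKey
+
+InitSTRPath string `toml:"init_str_path"`
+InitSTR *protocol.DirSTR
+
+Address string `toml:"address"`
+}
+
+// Config maintains the auditor's configurations for all CONIKS
+// directories it tracks.
+type Config struct {
+TrackedDirs []*directoryConfig
+// TODO: Add server-side auditor config
+}
+
+var _ application.AppConfig = (*Config)(nil)
+
+func newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) *directoryConfig {
+var dconf = directoryConfig{
+SignPubkeyPath: signPubkeyPath,
+InitSTRPath: initSTRPath,
+Address: serverAddr,
+}
+
+return &dconf
+}
+
+// NewConfig initializes a new auditor configuration with the given
+// server signing public key path, registration address, and
+// server address.
+func NewConfig() *Config {
+var conf = Config{
+TrackedDirs: make([]*directoryConfig, 0),
+}
+return &conf
+}
+
+// AddDirectoryConfig adds the given CONIKS server settings to the
+// auditor's configuration.
+func (conf *Config) AddDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) {
+dconf := newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr)
+conf.TrackedDirs = append(conf.TrackedDirs, dconf)
+}
+
+// Load initializes an auditor's configuration from the given file.
+// For each directory in the configuration, it reads the signing public-key file
+// and initial STR file, and parses the actual key and initial STR.
+func (conf *Config) Load(file string) error {
+tmp, err := application.LoadConfig(file)
+if err != nil {
+return err
+}
+conf = tmp.(*Config)
+
+for _, dconf := range conf.TrackedDirs {
+// load signing key
+signPubKey, err := application.LoadSigningPubKey(dconf.SignPubkeyPath, file)
+if err != nil {
+return err
+}
+dconf.SigningPubKey = signPubKey
+
+// load initial STR
+initSTR, err := application.LoadInitSTR(dconf.InitSTRPath, file)
+if err != nil {
+return err
+}
+dconf.InitSTR = initSTR
+}
+
+return nil
+}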
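Review bot: In Load, `conf = tmp.(*Config)` rebinds only the method's local copy of the receiver pointer, so the signing keys and initial STRs parsed in the loop end up on the temporary value and the caller's Config is left unchanged even though Load returns nil. An auditor built from that Config would then track no directories, or only what was set before the call. Assign through the pointer instead, for example `loaded, ok := tmp.(*Config)` with an error return when `ok` is false, then `*conf = *loaded` after the loop has filled `loaded.TrackedDirs`. The doc comment on NewConfig also lists a key path and addresses that the function does not take.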
6 changes: 3 additions & 3 deletions coniksauditor/doc.go → application/auditor/doc.go
@@ -1,9 +1,9 @@
/*
Package coniksauditor provides an executable of
an auditor for the CONIKS key management system.
Package auditor implements the CONIKS auditor service
protocol.
Note: The auditor can current only be used in
interactive test mode with a server, and does not
accept auditing requests from CONIKS clients.
*/
package coniksauditor
package auditor
1 change: 0 additions & 1 deletion application/bots/twitterbot.go
@@ -12,7 +12,6 @@ import (

"github.com/coniks-sys/coniks-go/application"
"github.com/coniks-sys/coniks-go/protocol"
"github.com/coniks-sys/coniks-go/utils/binutils"
"github.com/dghubble/go-twitter/twitter"
"github.com/dghubble/oauth1"
)
22 changes: 22 additions & 0 deletions application/config.go
@@ -2,11 +2,13 @@ package application

import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"

"github.com/BurntSushi/toml"
"github.com/coniks-sys/coniks-go/crypto/sign"
"github.com/coniks-sys/coniks-go/protocol"
"github.com/coniks-sys/coniks-go/utils"
)

@@ -33,6 +35,26 @@ func LoadSigningPubKey(path, file string) (sign.PublicKey, error) {
return signPubKey, nil
}

// LoadIinitSTR loads an initial STR at the given path
// specified in the given config file.
// If there is any parsing error or the STR is malformed,
// LoadInitSTR() returns an error with a nil STR.
func LoadInitSTR(path, file string) (*protocol.DirSTR, error) {
initSTRPath := utils.ResolvePath(path, file)
initSTRBytes, err := ioutil.ReadFile(initSTRPath)
if err != nil {
return nil, fmt.Errorf("Cannot read init STR: %v", err)
}
initSTR := new(protocol.DirSTR)
if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil {
return nil, fmt.Errorf("Cannot parse initial STR: %v", err)
}
if initSTR.Epoch != 0 {
return nil, fmt.Errorf("Initial STR epoch must be 0 (got %d)", initSTR.Epoch)
}
return initSTR, nil
}

// LoadConfig loads an application configuration from the given toml-encoded
// file. If there is any decoding error, an LoadConfig() returns an error
// with a nil config.
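Review bot: LoadInitSTR passes `&initSTR`, a pointer to a pointer, to json.Unmarshal, so a file holding the JSON literal `null` leaves `initSTR` nil and the `initSTR.Epoch` check that follows panics instead of returning the documented error. Decoding with `json.Unmarshal(initSTRBytes, initSTR)` avoids the nil dereference, but a `null` or `{}` file then yields a zero-value STR with Epoch 0 that passes the check, so the function should also reject an STR whose signature is empty (field names per protocol.DirSTR, which is not visible here). Because this file is what an auditor starts trusting a directory from, verifying the STR against the loaded signing public key at load time would be worthwhile unless a caller outside this diff already does so. The doc comment opens with `LoadIinitSTR`, which should read `LoadInitSTR`.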
41 changes: 41 additions & 0 deletions application/encoding.go
@@ -8,6 +8,7 @@ import (
"encoding/json"

"github.com/coniks-sys/coniks-go/protocol"
"github.com/coniks-sys/coniks-go/utils"
)

// MarshalRequest returns a JSON encoding of the client's request.
@@ -39,6 +40,8 @@ func UnmarshalRequest(msg []byte) (*protocol.Request, error) {
request = new(protocol.KeyLookupInEpochRequest)
case protocol.MonitoringType:
request = new(protocol.MonitoringRequest)
case protocol.STRType:
request = new(protocol.STRHistoryRequest)
}
if err := json.Unmarshal(content, &request); err != nil {
return nil, err
@@ -92,6 +95,17 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response {
Error: res.Error,
DirectoryResponse: response,
}
case protocol.AuditType, protocol.STRType:
response := new(protocol.STRHistoryRange)
if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil {
return &protocol.Response{
Error: protocol.ErrMalformedMessage,
}
}
return &protocol.Response{
Error: res.Error,
DirectoryResponse: response,
}
default:
panic("Unknown request type")
}
@@ -104,3 +118,30 @@ func malformedClientMsg(err error) *protocol.Response {
}
return protocol.NewErrorResponse(protocol.ErrMalformedMessage)
}

// CreateSTRRequestMsg returns a JSON encoding of
// a protocol.STRHistoryRequest for the given (start, end) epoch
// range.
func CreateSTRRequestMsg(start, end uint64) ([]byte, error) {
return json.Marshal(&protocol.Request{
Type: protocol.STRType,
Request: &protocol.STRHistoryRequest{
StartEpoch: start,
EndEpoch: end,
},
})
}

// MarshalSTRToFile serializes the given STR to the given path.
func MarshalSTRToFile(str *protocol.DirSTR, path string) error {
strBytes, err := json.Marshal(str)
if err != nil {
return err
}

if err := utils.WriteFile(path, strBytes, 0600); err != nil {
return err
}

return nil
}
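Review bot: The new `case protocol.AuditType, protocol.STRType` branch in UnmarshalResponse returns any payload that decodes as a protocol.STRHistoryRange without checking that it carries at least one STR, so a reply such as `{}` from a directory server reaches callers as a success-shaped response. The test added in this commit indexes `STR[0]` on that value, and a caller doing the same on server-supplied data would panic. Consider returning protocol.ErrMalformedMessage when `response == nil || len(response.STR) == 0` and res.Error is not an error code. UnmarshalResponse begins outside this hunk, so the earlier handling of res.Error is not visible.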
43 changes: 41 additions & 2 deletions application/encoding_test.go
@@ -22,7 +22,20 @@ func TestUnmarshalErrorResponse(t *testing.T) {
}
}

func TestUnmarshalMalformedErrorResponse(t *testing.T) {
func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) {
errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog)
msg, err := json.Marshal(errResponse)
if err != nil {
t.Fatal(err)
}
res := UnmarshalResponse(protocol.AuditType, msg)
if res.Error != protocol.ErrAuditLog {
t.Error("Expect error", protocol.ErrAuditLog,
"got", res.Error)
}
}

func TestUnmarshalMalformedDirectoryProof(t *testing.T) {
errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound)
msg, err := json.Marshal(errResponse)
if err != nil {
@@ -35,7 +48,20 @@ func TestUnmarshalMalformedErrorResponse(t *testing.T) {
}
}

func TestUnmarshalSampleMessage(t *testing.T) {
func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) {
errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound)
msg, err := json.Marshal(errResponse)
if err != nil {
t.Fatal(err)
}
res := UnmarshalResponse(protocol.STRType, msg)
if res.Error != protocol.ErrMalformedMessage {
t.Error("Expect error", protocol.ErrMalformedMessage,
"got", res.Error)
}
}

func TestUnmarshalSampleClientMessage(t *testing.T) {
d, _ := directory.NewTestDirectory(t, true)
res := d.Register(&protocol.RegistrationRequest{
Username: "alice",
@@ -47,3 +73,16 @@ func TestUnmarshalSampleMessage(t *testing.T) {
t.Error("Cannot unmarshal Associate Data properly")
}
}

func TestUnmarshalSampleAuditorMessage(t *testing.T) {
d, _ := directory.NewTestDirectory(t, true)
res := d.GetSTRHistory(&protocol.STRHistoryRequest{
StartEpoch: uint64(0),
EndEpoch: uint64(1)})
msg, _ := MarshalResponse(res)
response := UnmarshalResponse(protocol.STRType, []byte(msg))
str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0]
if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) {
t.Error("Cannot unmarshal Associate Data properly")
}
}
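Review bot: TestUnmarshalSampleAuditorMessage discards the error from MarshalResponse and then uses an unchecked type assertion and `STR[0]`, so a regression shows up as a panic rather than a test failure with a message. Check the marshal error with `t.Fatal(err)`, use the two-value form of the assertion, and assert the range length before indexing. Its failure text `"Cannot unmarshal Associate Data properly"` is copied from the client test and should name the STR instead.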
2 changes: 2 additions & 0 deletions application/server/config.go
@@ -20,6 +20,8 @@ type Config struct {
LoadedHistoryLength uint64 `toml:"loaded_history_length"`
// Policies contains the server's CONIKS policies configuration.
Policies *Policies `toml:"policies"`
// Path to store the initial STR
InitSTRPath string `toml:"init_str_path"`
// Addresses contains the server's connections configuration.
Addresses []*Address `toml:"addresses"`
}
6 changes: 6 additions & 0 deletions application/server/server.go
@@ -6,6 +6,7 @@ import (
"github.com/coniks-sys/coniks-go/application"
"github.com/coniks-sys/coniks-go/protocol"
"github.com/coniks-sys/coniks-go/protocol/directory"
"github.com/coniks-sys/coniks-go/utils"
)

// An Address describes a server's connection.
@@ -68,6 +69,11 @@ func NewConiksServer(conf *Config) *ConiksServer {
epochTimer: time.NewTimer(time.Duration(conf.Policies.EpochDeadline) * time.Second),
}

// save the initial STR to be used for initializing auditors
initSTRPath := utils.ResolvePath(conf.InitSTRPath,
conf.ConfigFilePath)
application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath)

return server
}
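Review bot: NewConiksServer drops the error returned by `application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath)`, so a failed write leaves either no init STR file or one from an earlier run, and an auditor configured with that path would start from a stale STR. Handle the result, e.g. `if err := application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath); err != nil {` followed by whatever failure path the rest of the constructor uses (not visible in this hunk). It is also worth rejecting an empty `conf.InitSTRPath` before resolving it, since the field is new and existing config files will not set it.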

16 changes: 0 additions & 16 deletions application/server/server_test.go
@@ -13,10 +13,6 @@ import (
"github.com/coniks-sys/coniks-go/crypto/sign"
"github.com/coniks-sys/coniks-go/crypto/vrf"
"github.com/coniks-sys/coniks-go/protocol"
<<<<<<< HEAD:application/server/server_test.go
=======
"github.com/coniks-sys/coniks-go/utils/binutils"
>>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go
)

var registrationMsg = `
@@ -87,20 +83,8 @@ func newTestServer(t *testing.T, epDeadline protocol.Timestamp, useBot bool,
},
LoadedHistoryLength: 100,
Addresses: addrs,
<<<<<<< HEAD:application/server/server_test.go
Policies: NewPolicies(epDeadline, "", "", vrfKey,
signKey),
=======
Policies: &ServerPolicies{
EpochDeadline: epDeadline,
vrfKey: vrfKey,
signKey: signKey,
},
Logger: &binutils.LoggerConfig{
Environment: "development",
Path: path.Join(dir, "coniksserver.log"),
},
>>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go
}

return NewConiksServer(conf), conf
File renamed without changes.
@@ -3,7 +3,8 @@
package main

import (
"github.com/coniks-sys/coniks-go/coniksauditor/cli/internal/cmd"
"github.com/coniks-sys/coniks-go/cli"
"github.com/coniks-sys/coniks-go/cli/coniksauditor/internal/cmd"
)

func main() {
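--- a/cli/coniksauditor/internal/cmd/init.go
+++ b/cli/coniksauditor/internal/cmd/init.go
@@ -0,0 +1,38 @@
+package cmd
+
+import (
+"fmt"
+"path"
+
+"bytes"
+"os"
+
+"github.com/coniks-sys/coniks-go/application"
+"github.com/coniks-sys/coniks-go/application/auditor"
+"github.com/coniks-sys/coniks-go/cli"
+"github.com/spf13/cobra"
+)
+
+var initCmd = cli.NewInitCommand("CONIKS auditor", mkConfigOrExit)
+
+func init() {
+RootCmd.AddCommand(initCmd)
+initCmd.Flags().StringP("dir", "d", ".",
+"Location of directory for storing generated files")
+}
+
+func mkConfigOrExit(cmd *cobra.Command, args []string) {
+dir := cmd.Flag("dir").Value.String()
+file := path.Join(dir, "config.toml")
+
+conf := auditor.NewConfig()
+conf.AddDirectoryConfig("../../keyserver/coniksserver/sign.pub",
+"../../keyserver/coniksserver/init_str",
+"tcp://127.0.0.1:3000")
+
+if err := application.SaveConfig(file, conf); err != nil {
+fmt.Println("Couldn't save config. Error message: [" +
+err.Error() + "]")
+os.Exit(-1)
+}
+}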
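Review bot: The import block lists `"bytes"`, but nothing in this 38-line file uses it, which the Go compiler rejects as an unused import; drop it and keep `"os"` in the same group as `"fmt"` and `"path"`. In mkConfigOrExit the generated config points at `../../keyserver/coniksserver/sign.pub` and `init_str` by relative path, and a short comment stating that these are sample defaults the operator must replace with the real directory's key and STR would help, since they are the auditor's trust anchors. The error message is printed with fmt.Println to stdout; `fmt.Fprintln(os.Stderr, ...)` is the usual destination before `os.Exit`.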