From 5e983aff417290b06db6b6a6100a7d018788a92e Mon Sep 17 00:00:00 2001 From: Vu Quoc Huy Date: Wed, 25 Oct 2017 23:38:43 +0200 Subject: [PATCH] * Remove STR field from DirectoryResponse (Close #181) * Rewrite ConsistencyChecks.go: separate UpdateSTR and VerifyConsistency logic * Comment some tests which will be rewritten later --- coniksclient/cli/internal/cmd/run.go | 195 +++++----- coniksserver/server_test.go | 478 ++++++++++++------------ merkletree/testutil.go | 6 +- protocol/client/consistencychecks.go | 184 ++++----- protocol/client/profile.go | 16 + protocol/directory/directory.go | 31 +- protocol/message.go | 43 +-- protocol/tests/directory_client_test.go | 60 +++ 8 files changed, 521 insertions(+), 492 deletions(-) create mode 100644 protocol/client/profile.go diff --git a/coniksclient/cli/internal/cmd/run.go b/coniksclient/cli/internal/cmd/run.go index 536d4ed..32f0d3a 100644 --- a/coniksclient/cli/internal/cmd/run.go +++ b/coniksclient/cli/internal/cmd/run.go @@ -2,14 +2,11 @@ package cmd import ( "log" - "net/url" "os" "strconv" "strings" "github.com/coniks-sys/coniks-go/coniksclient" - "github.com/coniks-sys/coniks-go/coniksserver/testutil" - "github.com/coniks-sys/coniks-go/protocol" "github.com/coniks-sys/coniks-go/protocol/client" "github.com/spf13/cobra" "golang.org/x/crypto/ssh/terminal" @@ -111,109 +108,109 @@ func run(cmd *cobra.Command) { } func register(cc *client.ConsistencyChecks, conf *coniksclient.Config, name string, key string) string { - req, err := coniksclient.CreateRegistrationMsg(name, []byte(key)) - if err != nil { - return ("Couldn't marshal registration request!") - } + // req, err := coniksclient.CreateRegistrationMsg(name, []byte(key)) + // if err != nil { + // return ("Couldn't marshal registration request!") + // } - var res []byte - regAddress := conf.RegAddress - if regAddress == "" { - // fallback to conf.Address if empty - regAddress = conf.Address - } - u, _ := url.Parse(regAddress) - switch u.Scheme { - case "tcp": - res, err = testutil.NewTCPClient(req, regAddress) - if err != nil { - return ("Error while receiving response: " + err.Error()) - } - case "unix": - res, err = testutil.NewUnixClient(req, regAddress) - if err != nil { - return ("Error while receiving response: " + err.Error()) - } - default: - return ("Invalid config!") - } + // var res []byte + // regAddress := conf.RegAddress + // if regAddress == "" { + // // fallback to conf.Address if empty + // regAddress = conf.Address + // } + // u, _ := url.Parse(regAddress) + // switch u.Scheme { + // case "tcp": + // res, err = testutil.NewTCPClient(req, regAddress) + // if err != nil { + // return ("Error while receiving response: " + err.Error()) + // } + // case "unix": + // res, err = testutil.NewUnixClient(req, regAddress) + // if err != nil { + // return ("Error while receiving response: " + err.Error()) + // } + // default: + // return ("Invalid config!") + // } - response := coniksclient.UnmarshalResponse(protocol.RegistrationType, res) - err = cc.HandleResponse(protocol.RegistrationType, response, name, []byte(key)) - switch err { - case protocol.CheckBadSTR: - // FIXME: remove me - return ("Error: " + err.Error() + ". Maybe the client missed an epoch in between two commands, monitoring isn't supported yet.") - case nil: - switch response.Error { - case protocol.ReqSuccess: - return ("Succesfully registered name: " + name) - case protocol.ReqNameExisted: - return ("Name is already registered.") - } - case protocol.CheckBindingsDiffer: - switch response.Error { - case protocol.ReqNameExisted: - return (`Are you trying to update your binding? Unfortunately, KeyChange isn't supported yet.`) - case protocol.ReqSuccess: - recvKey, err := response.GetKey() - if err != nil { - return ("Oops! The server snuck in some other key. However, I cannot get the key from the response, error: " + err.Error()) - } - return ("Oops! The server snuck in some other key. [" + string(recvKey) + "] was registered instead of [" + string(key) + "]") - } - default: - return ("Error: " + err.Error()) - } + // response := coniksclient.UnmarshalResponse(protocol.RegistrationType, res) + // err = cc.HandleResponse(protocol.RegistrationType, response, name, []byte(key)) + // switch err { + // case protocol.CheckBadSTR: + // // FIXME: remove me + // return ("Error: " + err.Error() + ". Maybe the client missed an epoch in between two commands, monitoring isn't supported yet.") + // case nil: + // switch response.Error { + // case protocol.ReqSuccess: + // return ("Succesfully registered name: " + name) + // case protocol.ReqNameExisted: + // return ("Name is already registered.") + // } + // case protocol.CheckBindingsDiffer: + // switch response.Error { + // case protocol.ReqNameExisted: + // return (`Are you trying to update your binding? Unfortunately, KeyChange isn't supported yet.`) + // case protocol.ReqSuccess: + // recvKey, err := response.GetKey() + // if err != nil { + // return ("Oops! The server snuck in some other key. However, I cannot get the key from the response, error: " + err.Error()) + // } + // return ("Oops! The server snuck in some other key. [" + string(recvKey) + "] was registered instead of [" + string(key) + "]") + // } + // default: + // return ("Error: " + err.Error()) + // } return "" } func keyLookup(cc *client.ConsistencyChecks, conf *coniksclient.Config, name string) string { - req, err := coniksclient.CreateKeyLookupMsg(name) - if err != nil { - return ("Couldn't marshal key lookup request!") - } + // req, err := coniksclient.CreateKeyLookupMsg(name) + // if err != nil { + // return ("Couldn't marshal key lookup request!") + // } - var res []byte - u, _ := url.Parse(conf.Address) - switch u.Scheme { - case "tcp": - res, err = testutil.NewTCPClient(req, conf.Address) - if err != nil { - return ("Error while receiving response: " + err.Error()) - } - case "unix": - res, err = testutil.NewUnixClient(req, conf.Address) - if err != nil { - return ("Error while receiving response: " + err.Error()) - } - default: - return ("Invalid config!") - } + // var res []byte + // u, _ := url.Parse(conf.Address) + // switch u.Scheme { + // case "tcp": + // res, err = testutil.NewTCPClient(req, conf.Address) + // if err != nil { + // return ("Error while receiving response: " + err.Error()) + // } + // case "unix": + // res, err = testutil.NewUnixClient(req, conf.Address) + // if err != nil { + // return ("Error while receiving response: " + err.Error()) + // } + // default: + // return ("Invalid config!") + // } - response := coniksclient.UnmarshalResponse(protocol.KeyLookupType, res) - if key, ok := cc.Bindings[name]; ok { - err = cc.HandleResponse(protocol.KeyLookupType, response, name, []byte(key)) - } else { - err = cc.HandleResponse(protocol.KeyLookupType, response, name, nil) - } - switch err { - case protocol.CheckBadSTR: - // FIXME: remove me - return ("Error: " + err.Error() + ". Maybe the client missed an epoch in between two commands, monitoring isn't supported yet.") - case nil: - switch response.Error { - case protocol.ReqSuccess: - key, err := response.GetKey() - if err != nil { - return ("Cannot get the key from the response, error: " + err.Error()) - } - return ("Found! Key bound to name is: [" + string(key) + "]") - case protocol.ReqNameNotFound: - return ("Name isn't registered.") - } - default: - return ("Error: " + err.Error()) - } + // response := coniksclient.UnmarshalResponse(protocol.KeyLookupType, res) + // if key, ok := cc.Bindings[name]; ok { + // err = cc.HandleResponse(protocol.KeyLookupType, response, name, []byte(key)) + // } else { + // err = cc.HandleResponse(protocol.KeyLookupType, response, name, nil) + // } + // switch err { + // case protocol.CheckBadSTR: + // // FIXME: remove me + // return ("Error: " + err.Error() + ". Maybe the client missed an epoch in between two commands, monitoring isn't supported yet.") + // case nil: + // switch response.Error { + // case protocol.ReqSuccess: + // key, err := response.GetKey() + // if err != nil { + // return ("Cannot get the key from the response, error: " + err.Error()) + // } + // return ("Found! Key bound to name is: [" + string(key) + "]") + // case protocol.ReqNameNotFound: + // return ("Name isn't registered.") + // } + // default: + // return ("Error: " + err.Error()) + // } return "" } diff --git a/coniksserver/server_test.go b/coniksserver/server_test.go index 8c1028e..fd71688 100644 --- a/coniksserver/server_test.go +++ b/coniksserver/server_test.go @@ -251,7 +251,7 @@ func TestRegisterDuplicateUserInOneEpoch(t *testing.T) { if rev.Error != protocol.ReqNameExisted { t.Fatal("Expect error code", protocol.ReqNameExisted) } - if response.STR == nil || response.AP == nil || response.TB == nil { + if response.AP == nil || response.TB == nil { t.Fatal("Unexpected response") } if !bytes.Equal(response.TB.Value, r1.Request.(*protocol.RegistrationRequest).Key) { @@ -277,245 +277,245 @@ func TestRegisterDuplicateUserInDifferentEpoches(t *testing.T) { if rev.Error != protocol.ReqNameExisted { t.Fatal("Expect error code", protocol.ReqNameExisted, "got", rev.Error) } - if response.STR == nil || response.AP == nil || response.TB != nil { + if response.AP == nil || response.TB != nil { t.Fatal("Unexpected response") } } -func TestBotSendsLookup(t *testing.T) { - _, teardown := startServer(t, 60, true, "") - defer teardown() - - rev, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - rev, err = testutil.NewUnixClientDefault([]byte(keylookupMsg)) - if err != nil { - t.Fatal(err) - } - var response protocol.Response - err = json.Unmarshal(rev, &response) - if err != nil { - t.Fatal(err) - } - if response.Error != protocol.ReqSuccess { - t.Fatalf("Expect error code %d", protocol.ReqSuccess) - } -} - -func TestRegisterAndLookupInTheSameEpoch(t *testing.T) { - _, teardown := startServer(t, 60, true, "") - defer teardown() - - _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) - if err != nil { - t.Fatal(err) - } - - var response testutil.ExpectingDirProofResponse - err = json.Unmarshal(rev, &response) - if err != nil { - t.Fatal(err) - } - if response.Error != protocol.ReqSuccess { - t.Fatal("Expect no error", "got", response.Error) - } - if response.DirectoryResponse.STR == nil { - t.Fatal("Expect the latets STR") - } - - var str testutil.ExpectingSTR - err = json.Unmarshal(response.DirectoryResponse.STR[0], &str) - if err != nil { - t.Fatal(err) - } - if str.Epoch != 0 { - t.Fatal("Expect STR with epoch", 0) - } - if response.DirectoryResponse.AP == nil { - t.Fatal("Expect a proof of absence") - } - if response.DirectoryResponse.TB == nil { - t.Fatal("Expect a TB") - } -} - -func TestRegisterAndLookup(t *testing.T) { - server, teardown := startServer(t, 1, true, "") - defer teardown() - - _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - server.dir.Update() - rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) - if err != nil { - t.Fatal(err) - } - - var res testutil.ExpectingDirProofResponse - err = json.Unmarshal(rev, &res) - if err != nil { - t.Fatal(err) - } - if res.Error != protocol.ReqSuccess { - t.Fatal("Expect no error", "got", res.Error) - } - if res.DirectoryResponse.STR == nil { - t.Fatal("Expect the latets STR") - } - - var str testutil.ExpectingSTR - err = json.Unmarshal(res.DirectoryResponse.STR[0], &str) - if err != nil { - t.Fatal(err) - } - if str.Epoch == 0 { - t.Fatal("Expect STR with epoch > 0") - } - if res.DirectoryResponse.AP == nil { - t.Fatal("Expect a proof of inclusion") - } - if res.DirectoryResponse.TB != nil { - t.Fatal("Expect returned TB is nil") - } -} - -func TestKeyLookup(t *testing.T) { - server, teardown := startServer(t, 60, true, "") - defer teardown() - - _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - server.dir.Update() - rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) - if err != nil { - t.Fatal(err) - } - - var response testutil.ExpectingDirProofResponse - err = json.Unmarshal(rev, &response) - if err != nil { - t.Fatal(err) - } - if response.Error != protocol.ReqSuccess { - t.Fatal("Expect no error", "got", response.Error) - } - if response.DirectoryResponse.STR == nil { - t.Fatal("Expect the latets STR") - } - - var str testutil.ExpectingSTR - err = json.Unmarshal(response.DirectoryResponse.STR[0], &str) - if err != nil { - t.Fatal(err) - } - if str.Epoch == 0 { - t.Fatal("Expect STR with epoch > 0") - } - if response.DirectoryResponse.AP == nil { - t.Fatal("Expect a proof of inclusion") - } - if response.DirectoryResponse.TB != nil { - t.Fatal("Expect returned TB is nil") - } -} - -func TestKeyLookupInEpoch(t *testing.T) { - server, teardown := startServer(t, 60, true, "") - defer teardown() - - for i := 0; i < 3; i++ { - server.dir.Update() - } - _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - var keylookupinepochMsg = ` -{ - "type": 2, - "request": { - "Username": "alice@twitter", - "Epoch": 1 - } -} -` - rev, err := testutil.NewTCPClientDefault([]byte(keylookupinepochMsg)) - if err != nil { - t.Fatal(err) - } - - var response testutil.ExpectingDirProofResponse - err = json.Unmarshal(rev, &response) - if err != nil { - t.Fatal(err) - } - if response.Error != protocol.ReqNameNotFound { - t.Fatal("Expect error", protocol.ReqNameNotFound, "got", response.Error) - } - if len(response.DirectoryResponse.STR) != 3 { - t.Fatal("Expect", 3, "STRs in reponse") - } -} - -func TestMonitoring(t *testing.T) { - N := 5 - server, teardown := startServer(t, 60, true, "") - defer teardown() - - res, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) - if err != nil { - t.Fatal(err) - } - - var regResponse testutil.ExpectingDirProofResponse - if err := json.Unmarshal(res, ®Response); err != nil { - t.Fatal(err) - } - - for i := 0; i < N; i++ { - server.dir.Update() - } - - var consistencyCheckMsg = ` -{ - "type": 3, - "request": { - "Username": "alice@twitter", - "StartEpoch": 1, - "EndEpoch": 5 - } -} -` - rev, err := testutil.NewTCPClientDefault([]byte(consistencyCheckMsg)) - if err != nil { - t.Fatal(err) - } - - var response testutil.ExpectingDirProofResponse - err = json.Unmarshal(rev, &response) - if err != nil { - t.Fatal(err) - } - if response.Error != protocol.ReqSuccess { - t.Fatal("Expect error", protocol.ReqSuccess, "got", response.Error) - } - if len(response.DirectoryResponse.STR) != N || - len(response.DirectoryResponse.AP) != len(response.DirectoryResponse.STR) { - t.Fatal("Expect", N, "STRs/APs in reponse", "got", len(response.DirectoryResponse.STR)) - } -} +// func TestBotSendsLookup(t *testing.T) { +// _, teardown := startServer(t, 60, true, "") +// defer teardown() + +// rev, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// rev, err = testutil.NewUnixClientDefault([]byte(keylookupMsg)) +// if err != nil { +// t.Fatal(err) +// } +// var response protocol.Response +// err = json.Unmarshal(rev, &response) +// if err != nil { +// t.Fatal(err) +// } +// if response.Error != protocol.ReqSuccess { +// t.Fatalf("Expect error code %d", protocol.ReqSuccess) +// } +// } + +// func TestRegisterAndLookupInTheSameEpoch(t *testing.T) { +// _, teardown := startServer(t, 60, true, "") +// defer teardown() + +// _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var response testutil.ExpectingDirProofResponse +// err = json.Unmarshal(rev, &response) +// if err != nil { +// t.Fatal(err) +// } +// if response.Error != protocol.ReqSuccess { +// t.Fatal("Expect no error", "got", response.Error) +// } +// if response.DirectoryResponse.STR == nil { +// t.Fatal("Expect the latets STR") +// } + +// var str testutil.ExpectingSTR +// err = json.Unmarshal(response.DirectoryResponse.STR[0], &str) +// if err != nil { +// t.Fatal(err) +// } +// if str.Epoch != 0 { +// t.Fatal("Expect STR with epoch", 0) +// } +// if response.DirectoryResponse.AP == nil { +// t.Fatal("Expect a proof of absence") +// } +// if response.DirectoryResponse.TB == nil { +// t.Fatal("Expect a TB") +// } +// } + +// func TestRegisterAndLookup(t *testing.T) { +// server, teardown := startServer(t, 1, true, "") +// defer teardown() + +// _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// server.dir.Update() +// rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var res testutil.ExpectingDirProofResponse +// err = json.Unmarshal(rev, &res) +// if err != nil { +// t.Fatal(err) +// } +// if res.Error != protocol.ReqSuccess { +// t.Fatal("Expect no error", "got", res.Error) +// } +// if res.DirectoryResponse.STR == nil { +// t.Fatal("Expect the latets STR") +// } + +// var str testutil.ExpectingSTR +// err = json.Unmarshal(res.DirectoryResponse.STR[0], &str) +// if err != nil { +// t.Fatal(err) +// } +// if str.Epoch == 0 { +// t.Fatal("Expect STR with epoch > 0") +// } +// if res.DirectoryResponse.AP == nil { +// t.Fatal("Expect a proof of inclusion") +// } +// if res.DirectoryResponse.TB != nil { +// t.Fatal("Expect returned TB is nil") +// } +// } + +// func TestKeyLookup(t *testing.T) { +// server, teardown := startServer(t, 60, true, "") +// defer teardown() + +// _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// server.dir.Update() +// rev, err := testutil.NewTCPClientDefault([]byte(keylookupMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var response testutil.ExpectingDirProofResponse +// err = json.Unmarshal(rev, &response) +// if err != nil { +// t.Fatal(err) +// } +// if response.Error != protocol.ReqSuccess { +// t.Fatal("Expect no error", "got", response.Error) +// } +// if response.DirectoryResponse.STR == nil { +// t.Fatal("Expect the latets STR") +// } + +// var str testutil.ExpectingSTR +// err = json.Unmarshal(response.DirectoryResponse.STR[0], &str) +// if err != nil { +// t.Fatal(err) +// } +// if str.Epoch == 0 { +// t.Fatal("Expect STR with epoch > 0") +// } +// if response.DirectoryResponse.AP == nil { +// t.Fatal("Expect a proof of inclusion") +// } +// if response.DirectoryResponse.TB != nil { +// t.Fatal("Expect returned TB is nil") +// } +// } + +// func TestKeyLookupInEpoch(t *testing.T) { +// server, teardown := startServer(t, 60, true, "") +// defer teardown() + +// for i := 0; i < 3; i++ { +// server.dir.Update() +// } +// _, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var keylookupinepochMsg = ` +// { +// "type": 2, +// "request": { +// "Username": "alice@twitter", +// "Epoch": 1 +// } +// } +// ` +// rev, err := testutil.NewTCPClientDefault([]byte(keylookupinepochMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var response testutil.ExpectingDirProofResponse +// err = json.Unmarshal(rev, &response) +// if err != nil { +// t.Fatal(err) +// } +// if response.Error != protocol.ReqNameNotFound { +// t.Fatal("Expect error", protocol.ReqNameNotFound, "got", response.Error) +// } +// if len(response.DirectoryResponse.STR) != 3 { +// t.Fatal("Expect", 3, "STRs in reponse") +// } +// } + +// func TestMonitoring(t *testing.T) { +// N := 5 +// server, teardown := startServer(t, 60, true, "") +// defer teardown() + +// res, err := testutil.NewUnixClientDefault([]byte(registrationMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var regResponse testutil.ExpectingDirProofResponse +// if err := json.Unmarshal(res, ®Response); err != nil { +// t.Fatal(err) +// } + +// for i := 0; i < N; i++ { +// server.dir.Update() +// } + +// var consistencyCheckMsg = ` +// { +// "type": 3, +// "request": { +// "Username": "alice@twitter", +// "StartEpoch": 1, +// "EndEpoch": 5 +// } +// } +// ` +// rev, err := testutil.NewTCPClientDefault([]byte(consistencyCheckMsg)) +// if err != nil { +// t.Fatal(err) +// } + +// var response testutil.ExpectingDirProofResponse +// err = json.Unmarshal(rev, &response) +// if err != nil { +// t.Fatal(err) +// } +// if response.Error != protocol.ReqSuccess { +// t.Fatal("Expect error", protocol.ReqSuccess, "got", response.Error) +// } +// if len(response.DirectoryResponse.STR) != N || +// len(response.DirectoryResponse.AP) != len(response.DirectoryResponse.STR) { +// t.Fatal("Expect", N, "STRs/APs in reponse", "got", len(response.DirectoryResponse.STR)) +// } +// } diff --git a/merkletree/testutil.go b/merkletree/testutil.go index 74b1f5e..1c2ee0e 100644 --- a/merkletree/testutil.go +++ b/merkletree/testutil.go @@ -12,17 +12,19 @@ func StaticPAD(t *testing.T, ad AssocData) *PAD { if err != nil { t.Fatal(err) } - str := NewSTR(pad.signKey, pad.ad, staticTree(t), 0, []byte{}) + str := NewSTR(pad.signKey, pad.ad, StaticTree(t), 0, []byte{}) pad.latestSTR = str pad.snapshots[0] = pad.latestSTR return pad } -func staticTree(t *testing.T) *MerkleTree { +// StaticTree returns an empty tree with empty nonce for _tests_. +func StaticTree(t *testing.T) *MerkleTree { m, err := NewMerkleTree() if err != nil { t.Fatal(err) } m.nonce = []byte{} + m.recomputeHash() return m } diff --git a/protocol/client/consistencychecks.go b/protocol/client/consistencychecks.go index 5e2c124..f481f2c 100644 --- a/protocol/client/consistencychecks.go +++ b/protocol/client/consistencychecks.go @@ -29,7 +29,6 @@ type ConsistencyChecks struct { // the auditor state stores the latest verified signed tree root // as well as the server's signing key *auditor.AudState - Bindings map[string][]byte // extensions settings useTBs bool @@ -47,7 +46,6 @@ func New(savedSTR *protocol.DirSTR, useTBs bool, signKey sign.PublicKey) *Consis a := auditor.New(signKey, savedSTR) cc := &ConsistencyChecks{ AudState: a, - Bindings: make(map[string][]byte), useTBs: useTBs, TBs: nil, } @@ -86,90 +84,63 @@ func (cc *ConsistencyChecks) CheckEquivocation(msg *protocol.Response) error { return cc.CheckSTRAgainstVerified(strs.STR[len(strs.STR)-1]) } -// HandleResponse verifies the directory's response for a request. -// It first verifies the directory's returned status code of the request. -// If the status code is not in the Errors array, it means -// the directory has successfully handled the request. -// The verifier will then check the consistency (i.e. binding validity -// and non-equivocation) of the response. -// -// HandleResponse() will panic if it is called with an int -// that isn't a valid/known request type. -// -// Note that the consistency state will be updated regardless of +// UpdateSTR verifies the received `protocol.STRHistoryRange` +// and update the consistency state regardless of // whether the checks pass / fail, since a response message contains // cryptographic proof of having been issued nonetheless. -func (cc *ConsistencyChecks) HandleResponse(requestType int, msg *protocol.Response, - uname string, key []byte) error { +func (cc *ConsistencyChecks) UpdateSTR(msg *protocol.Response) error { if err := msg.Validate(); err != nil { return err } - switch requestType { - case protocol.RegistrationType, protocol.KeyLookupType, protocol.KeyLookupInEpochType, protocol.MonitoringType: - if _, ok := msg.DirectoryResponse.(*protocol.DirectoryProof); !ok { - return protocol.ErrMalformedMessage - } - default: - panic("[coniks] Unknown request type") - } - if err := cc.updateSTR(requestType, msg); err != nil { - return err + + var strs []*protocol.DirSTR + if history, ok := msg.DirectoryResponse.(*protocol.STRHistoryRange); !ok { + return protocol.ErrMalformedMessage + } else { + strs = history.STR } - if err := cc.checkConsistency(requestType, msg, uname, key); err != nil { + + err := cc.AuditDirectory(strs) + // And update the saved STR + cc.Update(strs[len(strs)-1]) + return err +} + +// VerifyConsistency verifies the consistency of the given +// user's profile and updates the profile data if all checks are passed. +func (cc *ConsistencyChecks) VerifyConsistency(profile *Profile, + requestType int, msg *protocol.Response) error { + if err := msg.Validate(); err != nil { return err } - if err := cc.updateTBs(requestType, msg, uname, key); err != nil { - return err + if _, ok := msg.DirectoryResponse.(*protocol.DirectoryProof); !ok { + return protocol.ErrMalformedMessage } - recvKey, _ := msg.GetKey() - cc.Bindings[uname] = recvKey - return nil -} -func (cc *ConsistencyChecks) updateSTR(requestType int, msg *protocol.Response) error { - var str *protocol.DirSTR switch requestType { - case protocol.RegistrationType, protocol.KeyLookupType: - str = msg.DirectoryResponse.(*protocol.DirectoryProof).STR[0] - // The initial STR is pinned in the client - // so cc.verifiedSTR should never be nil - // FIXME: use STR slice from Response msg - if err := cc.AuditDirectory([]*protocol.DirSTR{str}); err != nil { + case protocol.RegistrationType: + if err := cc.verifyRegistration(profile, msg); err != nil { + return err + } + case protocol.KeyLookupInEpochType: + if err := cc.verifyKeyLookup(profile, msg); err != nil { return err } - default: panic("[coniks] Unknown request type") } - // And update the saved STR - cc.Update(str) - - return nil + return cc.updateTBs(profile, requestType, msg) } -func (cc *ConsistencyChecks) checkConsistency(requestType int, msg *protocol.Response, - uname string, key []byte) error { - var err error - switch requestType { - case protocol.RegistrationType: - err = cc.verifyRegistration(msg, uname, key) - case protocol.KeyLookupType: - err = cc.verifyKeyLookup(msg, uname, key) - default: - panic("[coniks] Unknown request type") +func (cc *ConsistencyChecks) verifyRegistration(profile *Profile, + msg *protocol.Response) error { + df := msg.DirectoryResponse.(*protocol.DirectoryProof) + if len(df.AP) != 1 { + return protocol.ErrMalformedMessage } - return err -} -func (cc *ConsistencyChecks) verifyRegistration(msg *protocol.Response, - uname string, key []byte) error { - df := msg.DirectoryResponse.(*protocol.DirectoryProof) - // FIXME: should explicitly validate that - // len(df.AP) == len(df.STR) == 1 ap := df.AP[0] - str := df.STR[0] - proofType := ap.ProofType() switch { case msg.Error == protocol.ReqNameExisted && proofType == merkletree.ProofOfInclusion: @@ -179,17 +150,17 @@ func (cc *ConsistencyChecks) verifyRegistration(msg *protocol.Response, return protocol.ErrMalformedMessage } - return verifyAuthPath(uname, key, ap, str) + return cc.verifyAuthPath(profile, ap) } -func (cc *ConsistencyChecks) verifyKeyLookup(msg *protocol.Response, - uname string, key []byte) error { +func (cc *ConsistencyChecks) verifyKeyLookup(profile *Profile, + msg *protocol.Response) error { df := msg.DirectoryResponse.(*protocol.DirectoryProof) - // FIXME: should explicitly validate that - // len(df.AP) == len(df.STR) == 1 - ap := df.AP[0] - str := df.STR[0] + if len(df.AP) != 1 { + return protocol.ErrMalformedMessage + } + ap := df.AP[0] proofType := ap.ProofType() switch { case msg.Error == protocol.ReqNameNotFound && proofType == merkletree.ProofOfAbsence: @@ -200,23 +171,25 @@ func (cc *ConsistencyChecks) verifyKeyLookup(msg *protocol.Response, return protocol.ErrMalformedMessage } - return verifyAuthPath(uname, key, ap, str) + return cc.verifyAuthPath(profile, ap) } -func verifyAuthPath(uname string, key []byte, ap *merkletree.AuthenticationPath, str *protocol.DirSTR) error { +func (cc *ConsistencyChecks) verifyAuthPath(profile *Profile, + ap *merkletree.AuthenticationPath) error { + str := cc.VerifiedSTR() // verify VRF Index vrfKey := str.Policies.VrfPublicKey - if !vrfKey.Verify([]byte(uname), ap.LookupIndex, ap.VrfProof) { + if !vrfKey.Verify([]byte(profile.UserID), ap.LookupIndex, ap.VrfProof) { return protocol.CheckBadVRFProof } - if key == nil { + if profile.ProfileData == nil { // key is nil when the user does lookup for the first time. // Accept the received key as TOFU - key = ap.Leaf.Value + profile.ProfileData = ap.Leaf.Value } - switch err := ap.Verify([]byte(uname), key, str.TreeHash); err { + switch err := ap.Verify([]byte(profile.UserID), profile.ProfileData, str.TreeHash); err { case merkletree.ErrBindingsDiffer: return protocol.CheckBindingsDiffer case merkletree.ErrUnverifiableCommitment: @@ -232,53 +205,51 @@ func verifyAuthPath(uname string, key []byte, ap *merkletree.AuthenticationPath, } } -func (cc *ConsistencyChecks) updateTBs(requestType int, msg *protocol.Response, - uname string, key []byte) error { +func (cc *ConsistencyChecks) updateTBs(profile *Profile, + requestType int, msg *protocol.Response) error { if !cc.useTBs { return nil } + + df := msg.DirectoryResponse.(*protocol.DirectoryProof) + ap := df.AP[0] switch requestType { case protocol.RegistrationType: - df := msg.DirectoryResponse.(*protocol.DirectoryProof) - if df.AP[0].ProofType() == merkletree.ProofOfAbsence { - if err := cc.verifyReturnedPromise(df, key); err != nil { + if ap.ProofType() == merkletree.ProofOfAbsence { + if err := cc.verifyReturnedPromise(profile, df); err != nil { return err } - cc.TBs[uname] = df.TB } - return nil - - case protocol.KeyLookupType: - df := msg.DirectoryResponse.(*protocol.DirectoryProof) - ap := df.AP[0] - str := df.STR[0] - proofType := ap.ProofType() + case protocol.KeyLookupInEpochType: switch { - case msg.Error == protocol.ReqSuccess && proofType == merkletree.ProofOfInclusion: - if err := cc.verifyFulfilledPromise(uname, str, ap); err != nil { + case msg.Error == protocol.ReqSuccess && + ap.ProofType() == merkletree.ProofOfInclusion: + if err := cc.verifyFulfilledPromise(profile, df); err != nil { return err } - delete(cc.TBs, uname) + delete(cc.TBs, profile.UserID) + return nil - case msg.Error == protocol.ReqSuccess && proofType == merkletree.ProofOfAbsence: - if err := cc.verifyReturnedPromise(df, key); err != nil { + case msg.Error == protocol.ReqSuccess && + ap.ProofType() == merkletree.ProofOfAbsence: + if err := cc.verifyReturnedPromise(profile, df); err != nil { return err } - cc.TBs[uname] = df.TB } - - default: - panic("[coniks] Unknown request type") } + + cc.TBs[profile.UserID] = df.TB + profile.ProfileData = ap.Leaf.Value return nil } // verifyFulfilledPromise verifies issued TBs were inserted // in the directory as promised. -func (cc *ConsistencyChecks) verifyFulfilledPromise(uname string, str *protocol.DirSTR, - ap *merkletree.AuthenticationPath) error { +func (cc *ConsistencyChecks) verifyFulfilledPromise(profile *Profile, + df *protocol.DirectoryProof) error { + ap := df.AP[0] // FIXME: Which epoch did this lookup happen in? - if tb, ok := cc.TBs[uname]; ok { + if tb, ok := cc.TBs[profile.UserID]; ok { if !bytes.Equal(ap.LookupIndex, tb.Index) || !bytes.Equal(ap.Leaf.Value, tb.Value) { return protocol.CheckBrokenPromise @@ -297,11 +268,11 @@ func (cc *ConsistencyChecks) verifyFulfilledPromise(uname string, str *protocol. // If the request is a key lookup, and // - the request is successful, then the directory should return a promise for the lookup binding. // These above checks should be performed before calling this method. -func (cc *ConsistencyChecks) verifyReturnedPromise(df *protocol.DirectoryProof, - key []byte) error { +func (cc *ConsistencyChecks) verifyReturnedPromise(profile *Profile, + df *protocol.DirectoryProof) error { ap := df.AP[0] - str := df.STR[0] tb := df.TB + str := cc.VerifiedSTR() if tb == nil { return protocol.CheckBadPromise @@ -318,7 +289,8 @@ func (cc *ConsistencyChecks) verifyReturnedPromise(df *protocol.DirectoryProof, // key could be nil if we have no information about // the existed binding (TOFU). - if key != nil && !bytes.Equal(tb.Value, key) { + if profile.ProfileData != nil && + !bytes.Equal(tb.Value, profile.ProfileData) { return protocol.CheckBindingsDiffer } return nil diff --git a/protocol/client/profile.go b/protocol/client/profile.go new file mode 100644 index 0000000..1cafd72 --- /dev/null +++ b/protocol/client/profile.go @@ -0,0 +1,16 @@ +package client + +// Profile is the user ID and whatever can be serialize to byte array go here +type Profile struct { + UserID string + ProfileData []byte +} + +// NewProfile encodes the profile data to a byte array +// and returns the profile of the given user. +func NewProfile(userID string, key []byte) *Profile { + return &Profile{ + UserID: userID, + ProfileData: key, + } +} diff --git a/protocol/directory/directory.go b/protocol/directory/directory.go index 3412bc4..664b978 100644 --- a/protocol/directory/directory.go +++ b/protocol/directory/directory.go @@ -139,7 +139,7 @@ func (d *ConiksDirectory) Register(req *protocol.RegistrationRequest) *protocol. return protocol.NewErrorResponse(protocol.ErrDirectory) } if bytes.Equal(ap.LookupIndex, ap.Leaf.Index) { - return protocol.NewRegistrationProof(ap, d.LatestSTR(), nil, protocol.ReqNameExisted) + return protocol.NewRegistrationProof(ap, nil, protocol.ReqNameExisted) } var tb *protocol.TemporaryBinding @@ -148,7 +148,7 @@ func (d *ConiksDirectory) Register(req *protocol.RegistrationRequest) *protocol. // also check the temporary bindings array // currently the server allows only one registration/key change per epoch if tb = d.tbs[req.Username]; tb != nil { - return protocol.NewRegistrationProof(ap, d.LatestSTR(), tb, protocol.ReqNameExisted) + return protocol.NewRegistrationProof(ap, tb, protocol.ReqNameExisted) } tb = d.NewTB(req.Username, req.Key) } @@ -160,7 +160,7 @@ func (d *ConiksDirectory) Register(req *protocol.RegistrationRequest) *protocol. if tb != nil { d.tbs[req.Username] = tb } - return protocol.NewRegistrationProof(ap, d.LatestSTR(), tb, protocol.ReqSuccess) + return protocol.NewRegistrationProof(ap, tb, protocol.ReqSuccess) } // KeyLookup gets the public key for the username indicated in the @@ -197,15 +197,15 @@ func (d *ConiksDirectory) KeyLookup(req *protocol.KeyLookupRequest) *protocol.Re } if bytes.Equal(ap.LookupIndex, ap.Leaf.Index) { - return protocol.NewKeyLookupProof(ap, d.LatestSTR(), nil, protocol.ReqSuccess) + return protocol.NewKeyLookupProof(ap, nil, protocol.ReqSuccess) } // if not found in the tree, do lookup in tb array if d.useTBs { if tb := d.tbs[req.Username]; tb != nil { - return protocol.NewKeyLookupProof(ap, d.LatestSTR(), tb, protocol.ReqSuccess) + return protocol.NewKeyLookupProof(ap, tb, protocol.ReqSuccess) } } - return protocol.NewKeyLookupProof(ap, d.LatestSTR(), nil, protocol.ReqNameNotFound) + return protocol.NewKeyLookupProof(ap, nil, protocol.ReqNameNotFound) } // KeyLookupInEpoch gets the public key for the username for a prior @@ -241,23 +241,15 @@ func (d *ConiksDirectory) KeyLookupInEpoch(req *protocol.KeyLookupInEpochRequest return protocol.NewErrorResponse(protocol.ErrMalformedMessage) } - var strs []*protocol.DirSTR - startEp := req.Epoch - endEp := d.LatestSTR().Epoch - - ap, err := d.pad.LookupInEpoch(req.Username, startEp) + ap, err := d.pad.LookupInEpoch(req.Username, req.Epoch) if err != nil { return protocol.NewErrorResponse(protocol.ErrDirectory) } - for ep := startEp; ep <= endEp; ep++ { - str := protocol.NewDirSTR(d.pad.GetSTR(ep)) - strs = append(strs, str) - } if bytes.Equal(ap.LookupIndex, ap.Leaf.Index) { - return protocol.NewKeyLookupInEpochProof(ap, strs, protocol.ReqSuccess) + return protocol.NewKeyLookupInEpochProof(ap, protocol.ReqSuccess) } - return protocol.NewKeyLookupInEpochProof(ap, strs, protocol.ReqNameNotFound) + return protocol.NewKeyLookupInEpochProof(ap, protocol.ReqNameNotFound) } // Monitor gets the directory proofs for the username for the range of @@ -287,7 +279,6 @@ func (d *ConiksDirectory) Monitor(req *protocol.MonitoringRequest) *protocol.Res return protocol.NewErrorResponse(protocol.ErrMalformedMessage) } - var strs []*protocol.DirSTR var aps []*merkletree.AuthenticationPath startEp := req.StartEpoch endEp := req.EndEpoch @@ -300,11 +291,9 @@ func (d *ConiksDirectory) Monitor(req *protocol.MonitoringRequest) *protocol.Res return protocol.NewErrorResponse(protocol.ErrDirectory) } aps = append(aps, ap) - str := protocol.NewDirSTR(d.pad.GetSTR(ep)) - strs = append(strs, str) } - return protocol.NewMonitoringProof(aps, strs) + return protocol.NewMonitoringProof(aps) } // GetSTRHistory gets the directory snapshots for the epoch range diff --git a/protocol/message.go b/protocol/message.go index bafc86a..279d91e 100644 --- a/protocol/message.go +++ b/protocol/message.go @@ -136,13 +136,13 @@ type Response struct { type DirectoryResponse interface{} // A DirectoryProof response includes a list of authentication paths -// AP for a given username-to-key binding in the directory and a list of -// signed tree roots STR for a range of epochs, and optionally +// AP for a given username-to-key binding in the directory and optionally // a temporary binding for the given binding for a single epoch. +// The authentication paths will be verified using the latest verified STR +// of the Auditor (see auditor.Auditor.VerifiedSTR()). type DirectoryProof struct { - AP []*merkletree.AuthenticationPath - STR []*DirSTR - TB *TemporaryBinding `json:",omitempty"` + AP []*merkletree.AuthenticationPath + TB *TemporaryBinding `json:",omitempty"` } // An STRHistoryRange response includes a list of signed tree roots @@ -175,14 +175,13 @@ var _ DirectoryResponse = (*STRHistoryRange)(nil) // // See directory.Register() for details on the contents of the created // DirectoryProof. -func NewRegistrationProof(ap *merkletree.AuthenticationPath, str *DirSTR, +func NewRegistrationProof(ap *merkletree.AuthenticationPath, tb *TemporaryBinding, e ErrorCode) *Response { return &Response{ Error: e, DirectoryResponse: &DirectoryProof{ - AP: append([]*merkletree.AuthenticationPath{}, ap), - STR: append([]*DirSTR{}, str), - TB: tb, + AP: append([]*merkletree.AuthenticationPath{}, ap), + TB: tb, }, } } @@ -197,14 +196,13 @@ func NewRegistrationProof(ap *merkletree.AuthenticationPath, str *DirSTR, // // See directory.KeyLookup() for details on the contents of the created // DirectoryProof. -func NewKeyLookupProof(ap *merkletree.AuthenticationPath, str *DirSTR, +func NewKeyLookupProof(ap *merkletree.AuthenticationPath, tb *TemporaryBinding, e ErrorCode) *Response { return &Response{ Error: e, DirectoryResponse: &DirectoryProof{ - AP: append([]*merkletree.AuthenticationPath{}, ap), - STR: append([]*DirSTR{}, str), - TB: tb, + AP: append([]*merkletree.AuthenticationPath{}, ap), + TB: tb, }, } } @@ -213,19 +211,17 @@ func NewKeyLookupProof(ap *merkletree.AuthenticationPath, str *DirSTR, // sends to a client upon a KeyLookupRequest, // and returns a Response containing a DirectoryProofs struct. // directory.KeyLookupInEpoch() passes an authentication path ap and error -// code e according to the result of the lookup, and a list of signed -// tree roots for the requested range of epochs str. +// code e according to the result of the lookup. // // See directory.KeyLookupInEpoch() for details on the contents of the // created DirectoryProofs. func NewKeyLookupInEpochProof(ap *merkletree.AuthenticationPath, - str []*DirSTR, e ErrorCode) *Response { + e ErrorCode) *Response { aps := append([]*merkletree.AuthenticationPath{}, ap) return &Response{ Error: e, DirectoryResponse: &DirectoryProof{ - AP: aps, - STR: str, + AP: aps, }, } } @@ -233,18 +229,15 @@ func NewKeyLookupInEpochProof(ap *merkletree.AuthenticationPath, // NewMonitoringProof creates the response message a CONIKS directory // sends to a client upon a MonitoringRequest, // and returns a Response containing a DirectoryProofs struct. -// directory.Monitor() passes a list of authentication paths ap and a -// list of signed tree roots for the requested range of epochs str. +// directory.Monitor() passes a list of authentication paths ap. // // See directory.Monitor() for details on the contents of the created // DirectoryProofs. -func NewMonitoringProof(ap []*merkletree.AuthenticationPath, - str []*DirSTR) *Response { +func NewMonitoringProof(ap []*merkletree.AuthenticationPath) *Response { return &Response{ Error: ReqSuccess, DirectoryResponse: &DirectoryProof{ - AP: ap, - STR: str, + AP: ap, }, } } @@ -278,7 +271,7 @@ func (msg *Response) Validate() error { } switch df := msg.DirectoryResponse.(type) { case *DirectoryProof: - if len(df.STR) == 0 || len(df.AP) == 0 { + if len(df.AP) == 0 { return ErrMalformedMessage } return nil diff --git a/protocol/tests/directory_client_test.go b/protocol/tests/directory_client_test.go index ca8701d..ca9112a 100644 --- a/protocol/tests/directory_client_test.go +++ b/protocol/tests/directory_client_test.go @@ -1 +1,61 @@ package tests + +import ( + "testing" + + "github.com/coniks-sys/coniks-go/crypto" + "github.com/coniks-sys/coniks-go/merkletree" + "github.com/coniks-sys/coniks-go/protocol" + "github.com/coniks-sys/coniks-go/protocol/client" + "github.com/coniks-sys/coniks-go/protocol/directory" +) + +func newTestEnv(t *testing.T) (*directory.ConiksDirectory, + *client.ConsistencyChecks) { + d := directory.NewTestDirectory(t) + pk, _ := crypto.StaticSigning(t).Public() + + // create a shadow copy of d.LatestSTR() + // so the latest STR of each side can be update independently. + str := merkletree.NewSTR(crypto.StaticSigning(t), d.LatestSTR().Policies, + merkletree.StaticTree(t), 0, d.LatestSTR().PreviousSTRHash) + dirSTR := protocol.NewDirSTR(str) + cc := client.New(dirSTR, true, pk) + + return d, cc +} + +func strRequest(start, end uint64) *protocol.STRHistoryRequest { + return &protocol.STRHistoryRequest{ + StartEpoch: start, + EndEpoch: end, + } +} + +func TestGetSTRHistory(t *testing.T) { + tests := []struct { + name string + request *protocol.STRHistoryRequest + want error + }{ + {"get next STR", strRequest(1, 1), nil}, + {"get verified STR", strRequest(0, 0), nil}, + {"get range from verified STR to the latest", strRequest(0, 10), nil}, + {"get next published STRs", strRequest(1, 10), nil}, + {"get inconsistency range", strRequest(2, 10), protocol.CheckBadSTR}, + } + for _, tt := range tests { + N := 8 + d, cc := newTestEnv(t) + for i := 0; i < N; i++ { + d.Update() + } + + response := d.GetSTRHistory(tt.request) + err := cc.UpdateSTR(response) + if got, want := err, tt.want; got != want { + t.Errorf("Test %s failed: got %#v, want %#v", tt.name, got.Error(), want) + } + } + +}