-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Client-auditor protocol #155
Changes from 23 commits
5a923db
d9ed76d
146e91a
90e2517
e8178c1
badbafc
3bd8653
c2d107f
13d3eb2
0d0d312
8b1eeeb
3872e32
1f609a8
477cddf
c6d106c
9843f4a
9f212b1
fcebf89
7e54087
699858a
92cee27
92c6a98
073aa70
e3cb343
e886828
3e340b9
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,196 @@ | ||
// This module implements a CONIKS audit log that a CONIKS auditor | ||
// maintains. | ||
// An audit log is a mirror of many CONIKS key directories' STR history, | ||
// allowing CONIKS clients to audit the CONIKS directories. | ||
|
||
package protocol | ||
|
||
import ( | ||
"github.com/coniks-sys/coniks-go/crypto/sign" | ||
) | ||
|
||
type directoryHistory struct { | ||
addr string | ||
signKey sign.PublicKey | ||
snapshots map[uint64]*DirSTR | ||
latestSTR *DirSTR | ||
} | ||
|
||
// A ConiksAuditLog maintains the histories | ||
// of all CONIKS directories known to a CONIKS auditor, | ||
// indexing the histories by the hash of a directory's initial | ||
// STR (specifically, the hash of the STR's signature as a string). | ||
// Each history includes the directory's domain addr as a string, its | ||
// public signing key enabling the auditor to verify the corresponding | ||
// signed tree roots, and a map with the snapshots for each observed | ||
// epoch. | ||
type ConiksAuditLog map[string]*directoryHistory | ||
|
||
// updateLatestSTR inserts a new STR into a directory history; | ||
// assumes the STR has been validated by the caller | ||
func (h *directoryHistory) updateLatestSTR(newLatest *DirSTR) { | ||
h.snapshots[newLatest.Epoch] = newLatest | ||
h.latestSTR = newLatest | ||
} | ||
|
||
// caller validates that initSTR is for epoch 0 | ||
func newDirectoryHistory(addr string, signKey sign.PublicKey, initSTR *DirSTR) *directoryHistory { | ||
h := new(directoryHistory) | ||
h.addr = addr | ||
h.signKey = signKey | ||
h.snapshots = make(map[uint64]*DirSTR) | ||
h.updateLatestSTR(initSTR) | ||
return h | ||
} | ||
|
||
// NewAuditLog constructs a new ConiksAuditLog. It creates an empty | ||
// log; the auditor will add an entry for each CONIKS directory | ||
// the first time it observes an STR for that directory. | ||
func NewAuditLog() ConiksAuditLog { | ||
return make(map[string]*directoryHistory) | ||
} | ||
|
||
// Set associates the given directoryHistory with the directory identifier | ||
// (i.e. the hash of the initial STR) dirInitHash in the ConiksAuditLog. | ||
func (l ConiksAuditLog) Set(dirInitHash string, dirHistory *directoryHistory) { | ||
l[dirInitHash] = dirHistory | ||
} | ||
|
||
// Get retrieves the directory history for the given directory identifier | ||
// dirInitHash from the ConiksAuditLog. | ||
// Get() also returns a boolean indicating whether the requested dirInitHash | ||
// is present in the log. | ||
func (l ConiksAuditLog) Get(dirInitHash string) (*directoryHistory, bool) { | ||
h, ok := l[dirInitHash] | ||
return h, ok | ||
} | ||
|
||
// Insert creates a new directory history for the key directory addr, | ||
// verifies the consistency of the STR history so far, and inserts it | ||
// into the audit log l if the checks pass. | ||
// The directory history is initialized with the key directory's | ||
// signing key signKey, and a list of snapshots snaps representing the | ||
// directory's STR history so far, in chronological order. | ||
// Insert() returns an ErrAuditLog if the auditor attempts to create | ||
// a new history for a known directory, an ErrMalformedDirectoryMessage | ||
// if oldSTRs is malformed, a CheckBadSignature or CheckBadSTR if there | ||
// is an inconsistency in the history given in hist, and nil otherwise. | ||
// Insert() only creates the initial entry in the log for addr. Use Update() | ||
// to insert newly observed STRs for addr in subsequent epochs. | ||
// FIXME: pass Response message as param | ||
// masomel: will probably want to write a more generic function | ||
// for "catching up" on a history in case an auditor misses epochs | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Before we merge this, the comments should follow golang's documentation convention (start with There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ah yes, thanks for pointing this out! |
||
func (l ConiksAuditLog) Insert(addr string, signKey sign.PublicKey, | ||
snaps []*DirSTR) error { | ||
|
||
// make sure we're getting an initial STR at the very least | ||
if len(snaps) < 1 && snaps[0].Epoch != 0 { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should it be There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Oops yes, this should be an OR. Thank you for catching that. |
||
return ErrMalformedDirectoryMessage | ||
} | ||
|
||
// compute the hash of the initial STR | ||
dirInitHash := ComputeDirectoryIdentity(snaps[0]) | ||
|
||
// error if we want to create a new entry for a directory | ||
// we already know | ||
h, ok := l.Get(dirInitHash) | ||
if ok { | ||
return ErrAuditLog | ||
} | ||
|
||
// create the new directory history | ||
h = newDirectoryHistory(addr, signKey, snaps[0]) | ||
|
||
// add each STR into the history | ||
// start at 1 since we've inserted the initial STR above | ||
// This loop automatically catches if snaps is malformed | ||
// (i.e. snaps is missing an epoch between 0 and the latest given) | ||
for i := 1; i < len(snaps); i++ { | ||
str := snaps[i] | ||
if str == nil || str.Epoch != uint64(i) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This check is only needed because There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I do think that this property is inherent in the consistency check, since we are verify using the initial STR, and it would fail if There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What I meant is that |
||
return ErrMalformedDirectoryMessage | ||
} | ||
|
||
// verify the consistency of each new STR before inserting | ||
// into the audit log | ||
err := verifySTRConsistency(signKey, h.latestSTR, str) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
|
||
if err != nil { | ||
return err | ||
} | ||
|
||
h.updateLatestSTR(snaps[i]) | ||
} | ||
|
||
// Finally, add the new history to the log | ||
l.Set(dirInitHash, h) | ||
|
||
return nil | ||
} | ||
|
||
// Update verifies the consistency of a newly observed STR newSTR for | ||
// the directory addr, and inserts the newSTR into addr's directory history | ||
// if the checks (i.e. STR signature and hash chain verifications) pass. | ||
// Update() returns nil if the checks pass, and the appropriate consistency | ||
// check error otherwise. Update() assumes that Insert() has been called for | ||
// addr prior to its first call and thereby expects that an entry for addr | ||
// exists in the audit log l. | ||
// FIXME: pass Response message as param | ||
func (l ConiksAuditLog) Update(dirInitHash string, newSTR *DirSTR) error { | ||
|
||
// error if we want to update the entry for an addr we don't know | ||
h, ok := l.Get(dirInitHash) | ||
if !ok { | ||
return ErrAuditLog | ||
} | ||
|
||
if err := verifySTRConsistency(h.signKey, h.latestSTR, newSTR); err != nil { | ||
return err | ||
} | ||
|
||
// update the latest STR | ||
h.updateLatestSTR(newSTR) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. With the refactor suggested above, these two operations ( There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Because of what I'm doing for #170, I need to see if it makes sense to refactor these operations both on the client and auditor. I'll probably hold off on that for now. |
||
return nil | ||
} | ||
|
||
// GetObservedSTRs gets a range of observed STRs for the CONIKS directory | ||
// address indicated in the AuditingRequest req received from a | ||
// CONIKS client, and returns a tuple of the form (response, error). | ||
// The response (which also includes the error code) is sent back to | ||
// the client. The returned error is used by the auditor | ||
// for logging purposes. | ||
// | ||
// A request without a directory address, with a StartEpoch or EndEpoch | ||
// greater than the latest observed epoch of this directory, or with | ||
// at StartEpoch > EndEpoch is considered | ||
// malformed and causes GetObservedSTRs() to return a | ||
// message.NewErrorResponse(ErrMalformedClientMessage) tuple. | ||
// GetObservedSTRs() returns a message.NewSTRHistoryRange(strs) tuple. | ||
// strs is a list of STRs for the epoch range [StartEpoch, EndEpoch]; | ||
// if StartEpoch == EndEpoch, the list returned is of length 1. | ||
// If the auditor doesn't have any history entries for the requested CONIKS | ||
// directory, GetObservedSTRs() returns a | ||
// message.NewErrorResponse(ReqUnknownDirectory) tuple. | ||
func (l ConiksAuditLog) GetObservedSTRs(req *AuditingRequest) (*Response, | ||
ErrorCode) { | ||
|
||
// make sure we have a history for the requested directory in the log | ||
h, ok := l.Get(req.DirInitSTRHash) | ||
if !ok { | ||
return NewErrorResponse(ReqUnknownDirectory), ReqUnknownDirectory | ||
} | ||
|
||
// make sure the request is well-formed | ||
if req.EndEpoch > h.latestSTR.Epoch || req.StartEpoch > req.EndEpoch { | ||
return NewErrorResponse(ErrMalformedClientMessage), | ||
ErrMalformedClientMessage | ||
} | ||
|
||
var strs []*DirSTR | ||
for ep := req.StartEpoch; ep <= req.EndEpoch; ep++ { | ||
str := h.snapshots[ep] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is problematic if latestSTR isn't in the snapshots. See the discussion above. |
||
strs = append(strs, str) | ||
} | ||
|
||
return NewSTRHistoryRange(strs) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we unexport this function? Same with
Set
.