From 5d21f7c5afcf28352d2d095e389d600892b9c369 Mon Sep 17 00:00:00 2001
From: huyvq
Date: Thu, 8 Jun 2017 12:51:11 +0700
Subject: [PATCH] Revert #170
---
protocol/auditor.go | 55 -----------------------------------
protocol/consistencychecks.go | 45 ++++++++++++++++++++++++----
2 files changed, 39 insertions(+), 61 deletions(-)
delete mode 100644 protocol/auditor.go
diff --git a/protocol/auditor.go b/protocol/auditor.go
deleted file mode 100644
index c631c31..0000000
--- a/protocol/auditor.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// This module implements a generic CONIKS auditor, i.e. the
-// functionality that clients and auditors need to verify
-// a server's STR history.
-
-package protocol
-
-import (
- "reflect"
-
- "github.com/coniks-sys/coniks-go/crypto/sign"
-)
-
-type auditorState struct {
- // SavedSTR stores the latest verified signed tree root.
- SavedSTR *DirSTR
- signKey sign.PublicKey
-}
-
-// NewAuditorState creates an auditor state for a specific directory.
-func newAuditorState(signKey sign.PublicKey, saved *DirSTR) *auditorState {
- return &auditorState{
- SavedSTR: saved,
- signKey: signKey,
- }
-}
-
-// verifySTR checks whether the received STR is the same with
-// the saved STR in the audit state using reflect.DeepEqual().
-// FIXME: check whether the STR was issued on time and whatnot.
-// Maybe it has something to do w/ #81 and client transitioning between epochs.
-// Try to verify w/ what's been saved
-func (a *auditorState) verifySTR(str *DirSTR) error {
- if reflect.DeepEqual(a.SavedSTR, str) {
- return nil
- }
- return CheckBadSTR
-}
-
-// verifySTRConsistency checks the consistency between 2 snapshots.
-// It uses the signing key signKey to verify the STR's signature.
-// The signKey param either comes from a client's
-// pinned signing key in its consistency state,
-// or an auditor's pinned signing key in its history.
-func (a *auditorState) verifySTRConsistency(savedSTR, str *DirSTR) error {
- // verify STR's signature
- if !a.signKey.Verify(str.Serialize(), str.Signature) {
- return CheckBadSignature
- }
- if str.VerifyHashChain(savedSTR) {
- return nil
- }
-
- // TODO: verify the directory's policies as well. See #115
- return CheckBadSTR
-}
diff --git a/protocol/consistencychecks.go b/protocol/consistencychecks.go
index 5ae0e7b..d504a33 100644
--- a/protocol/consistencychecks.go
+++ b/protocol/consistencychecks.go
@@ -7,6 +7,7 @@ package protocol import ( "bytes" + "reflect" "github.com/coniks-sys/coniks-go/crypto/sign" m "github.com/coniks-sys/coniks-go/merkletree" @@ -24,7 +25,8 @@ import ( // subsequent responses from the ConiksDirectory to any // client request. type ConsistencyChecks struct { - *auditorState + // SavedSTR stores the latest verified signed tree root. + SavedSTR *DirSTR // Bindings stores all the verified name-to-key bindings. Bindings map[string][]byte // RegEpoch keeps the registration epoch of each user. @@ -38,6 +40,8 @@ type ConsistencyChecks struct { // extensions settings useTBs bool TBs map[string]*TemporaryBinding + + signKey sign.PublicKey } // NewCC creates an instance of ConsistencyChecks using @@ -50,11 +54,12 @@ func NewCC(savedSTR *DirSTR, signKey sign.PublicKey, regs map[string]uint64, panic("[coniks] Currently the server is forced to use TBs") } cc := &ConsistencyChecks{ - auditorState: newAuditorState(signKey, savedSTR), - Bindings: make(map[string][]byte), - RegEpoch: regs, - oldSTR: savedSTR, - useTBs: useTBs, + SavedSTR: savedSTR, + Bindings: make(map[string][]byte), + useTBs: useTBs, + signKey: signKey, + RegEpoch: regs, + oldSTR: savedSTR, } if len(regs) == 0 { cc.RegEpoch = make(map[string]uint64) 
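Review bot: In the `@@ -38,6 +40,8 @@` hunk the re-added `signKey` field has no comment, although it is the key every STR signature is checked against and the other visible fields of the struct carry one. I would add `// signKey is the directory's pinned public signing key, used to verify STR signatures.` directly above it. The struct declaration begins in the previous hunk, so the field list is only partly visible here.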
@@ -168,6 +173,34 @@ func (cc *ConsistencyChecks) updateSTR(requestType int, msg *Response) error { return nil } +// verifySTR checks whether the received STR is the same with +// the SavedSTR using reflect.DeepEqual(). +// FIXME: check whether the STR was issued on time and whatnot. +// Maybe it has something to do w/ #81 and client transitioning between epochs. +// Try to verify w/ what's been saved +func (cc *ConsistencyChecks) verifySTR(str *DirSTR) error { + if reflect.DeepEqual(cc.SavedSTR, str) { + return nil + } + return CheckBadSTR +} + +// verifySTRConsistency checks the consistency between 2 snapshots. +// It uses the pinned signing key in cc +// to verify the STR's signature and should not verify +// the hash chain using the STR stored in cc. +func (cc *ConsistencyChecks) verifySTRConsistency(savedSTR, str *DirSTR) error { + // verify STR's signature + if !cc.signKey.Verify(str.Serialize(), str.Signature) { + return CheckBadSignature + } + if str.VerifyHashChain(savedSTR) { + return nil + } + // TODO: verify the directory's policies as well. See #115 + return CheckBadSTR +} + func (cc *ConsistencyChecks) checkConsistency(requestType int, msg *Response, uname string, key []byte) ErrorCode { var err error
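Review bot: Neither `verifySTR` nor `verifySTRConsistency` checks its STR arguments for nil before using them. In `verifySTR`, `reflect.DeepEqual` reports two nil `*DirSTR` values as equal, so a response without an STR would be accepted whenever `cc.SavedSTR` is also nil. In `verifySTRConsistency`, `str.Serialize()` and `str.Signature` are reached on a nil `str`, which presumably panics; the callers are outside this hunk, so they may already guard against this. Adding `if str == nil || cc.SavedSTR == nil { return CheckBadSTR }` at the top of `verifySTR` and `if str == nil || savedSTR == nil { return CheckBadSTR }` at the top of `verifySTRConsistency` makes both checks fail closed.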