Rebase auditor-cli code onto refactored cli package

application/auditor/config.go

@@ -0,0 +1,87 @@
+package auditor
+
+import (
+	"github.com/coniks-sys/coniks-go/application"
+	"github.com/coniks-sys/coniks-go/crypto/sign"
+	"github.com/coniks-sys/coniks-go/protocol"
+)
+
+// directoryConfig contains the auditor's configuration needed to send a
+// request to a CONIKS server: the path to the server's signing public-key
+// file and the actual public-key parsed from that file; the path to
+// the server's initial STR file and the actual STR parsed from that file;
+// the server's address for receiving STR history requests.
+type directoryConfig struct {
+	SignPubkeyPath string `toml:"sign_pubkey_path"`
+	SigningPubKey  sign.PublicKey
+
+	InitSTRPath string `toml:"init_str_path"`
+	InitSTR     *protocol.DirSTR
+
+	Address string `toml:"address"`
+}
+
+// Config maintains the auditor's configurations for all CONIKS
+// directories it tracks.
+type Config struct {
+	TrackedDirs []*directoryConfig
+	// TODO: Add server-side auditor config
+}
+
+var _ application.AppConfig = (*Config)(nil)
+
+func newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) *directoryConfig {
+	var dconf = directoryConfig{
+		SignPubkeyPath: signPubkeyPath,
+		InitSTRPath:    initSTRPath,
+		Address:        serverAddr,
+	}
+
+	return &dconf
+}
+
+// NewConfig initializes a new auditor configuration with the given
+// server signing public key path, registration address, and
+// server address.
+func NewConfig() *Config {
+	var conf = Config{
+		TrackedDirs: make([]*directoryConfig, 0),
+	}
+	return &conf
+}
+
+// AddDirectoryConfig adds the given CONIKS server settings to the
+// auditor's configuration.
+func (conf *Config) AddDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr string) {
+	dconf := newDirectoryConfig(signPubkeyPath, initSTRPath, serverAddr)
+	conf.TrackedDirs = append(conf.TrackedDirs, dconf)
+}
+
+// Load initializes an auditor's configuration from the given file.
+// For each directory in the configuration, it reads the signing public-key file
+// and initial STR file, and parses the actual key and initial STR.
+func (conf *Config) Load(file string) error {
+	tmp, err := application.LoadConfig(file)
+	if err != nil {
+		return err
+	}
+	conf = tmp.(*Config)
+
+	for _, dconf := range conf.TrackedDirs {
+		// load signing key
+		signPubKey, err := application.LoadSigningPubKey(dconf.SignPubkeyPath, file)
+		if err != nil {
+			return err
+		}
+		dconf.SigningPubKey = signPubKey
+
+		// load initial STR
+		initSTR, err := application.LoadInitSTR(dconf.InitSTRPath, file)
+		if err != nil {
+			return err
+		}
+		dconf.InitSTR = initSTR
+	}
+
+	return nil
+}

coniksauditor/doc.go → application/auditor/doc.go

@@ -1,9 +1,9 @@
 /*
-Package coniksauditor provides an executable of
-an auditor for the CONIKS key management system.
+Package auditor implements the CONIKS auditor service
+protocol.
 
 Note: The auditor can current only be used in
 interactive test mode with a server, and does not
 accept auditing requests from CONIKS clients.
 */
-package coniksauditor
+package auditor

application/bots/twitterbot.go

@@ -12,7 +12,6 @@ import (
 
 	"github.com/coniks-sys/coniks-go/application"
 	"github.com/coniks-sys/coniks-go/protocol"
-	"github.com/coniks-sys/coniks-go/utils/binutils"
 	"github.com/dghubble/go-twitter/twitter"
 	"github.com/dghubble/oauth1"
 )

application/config.go

@@ -2,11 +2,13 @@ package application
 
 import (
 	"bytes"
+	"encoding/json"
 	"fmt"
 	"io/ioutil"
 
 	"github.com/BurntSushi/toml"
 	"github.com/coniks-sys/coniks-go/crypto/sign"
+	"github.com/coniks-sys/coniks-go/protocol"
 	"github.com/coniks-sys/coniks-go/utils"
 )
 
@@ -33,6 +35,26 @@ func LoadSigningPubKey(path, file string) (sign.PublicKey, error) {
 	return signPubKey, nil
 }
 
+// LoadIinitSTR loads an initial STR at the given path
+// specified in the given config file.
+// If there is any parsing error or the STR is malformed,
+// LoadInitSTR() returns an error with a nil STR.
+func LoadInitSTR(path, file string) (*protocol.DirSTR, error) {
+	initSTRPath := utils.ResolvePath(path, file)
+	initSTRBytes, err := ioutil.ReadFile(initSTRPath)
+	if err != nil {
+		return nil, fmt.Errorf("Cannot read init STR: %v", err)
+	}
+	initSTR := new(protocol.DirSTR)
+	if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil {
+		return nil, fmt.Errorf("Cannot parse initial STR: %v", err)
+	}
+	if initSTR.Epoch != 0 {
+		return nil, fmt.Errorf("Initial STR epoch must be 0 (got %d)", initSTR.Epoch)
+	}
+	return initSTR, nil
+}
+
 // LoadConfig loads an application configuration from the given toml-encoded
 // file. If there is any decoding error, an LoadConfig() returns an error
 // with a nil config.

application/encoding.go

@@ -8,6 +8,7 @@ import (
 	"encoding/json"
 
 	"github.com/coniks-sys/coniks-go/protocol"
+	"github.com/coniks-sys/coniks-go/utils"
 )
 
 // MarshalRequest returns a JSON encoding of the client's request.
@@ -39,6 +40,8 @@ func UnmarshalRequest(msg []byte) (*protocol.Request, error) {
 		request = new(protocol.KeyLookupInEpochRequest)
 	case protocol.MonitoringType:
 		request = new(protocol.MonitoringRequest)
+	case protocol.STRType:
+		request = new(protocol.STRHistoryRequest)
 	}
 	if err := json.Unmarshal(content, &request); err != nil {
 		return nil, err
@@ -92,6 +95,17 @@ func UnmarshalResponse(t int, msg []byte) *protocol.Response {
 			Error:             res.Error,
 			DirectoryResponse: response,
 		}
+	case protocol.AuditType, protocol.STRType:
+		response := new(protocol.STRHistoryRange)
+		if err := json.Unmarshal(res.DirectoryResponse, &response); err != nil {
+			return &protocol.Response{
+				Error: protocol.ErrMalformedMessage,
+			}
+		}
+		return &protocol.Response{
+			Error:             res.Error,
+			DirectoryResponse: response,
+		}
 	default:
 		panic("Unknown request type")
 	}
@@ -104,3 +118,30 @@ func malformedClientMsg(err error) *protocol.Response {
 	}
 	return protocol.NewErrorResponse(protocol.ErrMalformedMessage)
 }
+
+// CreateSTRRequestMsg returns a JSON encoding of
+// a protocol.STRHistoryRequest for the given (start, end) epoch
+// range.
+func CreateSTRRequestMsg(start, end uint64) ([]byte, error) {
+	return json.Marshal(&protocol.Request{
+		Type: protocol.STRType,
+		Request: &protocol.STRHistoryRequest{
+			StartEpoch: start,
+			EndEpoch:   end,
+		},
+	})
+}
+
+// MarshalSTRToFile serializes the given STR to the given path.
+func MarshalSTRToFile(str *protocol.DirSTR, path string) error {
+	strBytes, err := json.Marshal(str)
+	if err != nil {
+		return err
+	}
+
+	if err := utils.WriteFile(path, strBytes, 0600); err != nil {
+		return err
+	}
+
+	return nil
+}

application/encoding_test.go

@@ -22,7 +22,20 @@ func TestUnmarshalErrorResponse(t *testing.T) {
 	}
 }
 
-func TestUnmarshalMalformedErrorResponse(t *testing.T) {
+func TestUnmarshalErrorSTRHistoryResponse(t *testing.T) {
+	errResponse := protocol.NewErrorResponse(protocol.ErrAuditLog)
+	msg, err := json.Marshal(errResponse)
+	if err != nil {
+		t.Fatal(err)
+	}
+	res := UnmarshalResponse(protocol.AuditType, msg)
+	if res.Error != protocol.ErrAuditLog {
+		t.Error("Expect error", protocol.ErrAuditLog,
+			"got", res.Error)
+	}
+}
+
+func TestUnmarshalMalformedDirectoryProof(t *testing.T) {
 	errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound)
 	msg, err := json.Marshal(errResponse)
 	if err != nil {
@@ -35,7 +48,20 @@ func TestUnmarshalMalformedErrorResponse(t *testing.T) {
 	}
 }
 
-func TestUnmarshalSampleMessage(t *testing.T) {
+func TestUnmarshalMalformedSTRHistoryRange(t *testing.T) {
+	errResponse := protocol.NewErrorResponse(protocol.ReqNameNotFound)
+	msg, err := json.Marshal(errResponse)
+	if err != nil {
+		t.Fatal(err)
+	}
+	res := UnmarshalResponse(protocol.STRType, msg)
+	if res.Error != protocol.ErrMalformedMessage {
+		t.Error("Expect error", protocol.ErrMalformedMessage,
+			"got", res.Error)
+	}
+}
+
+func TestUnmarshalSampleClientMessage(t *testing.T) {
 	d, _ := directory.NewTestDirectory(t, true)
 	res := d.Register(&protocol.RegistrationRequest{
 		Username: "alice",
@@ -47,3 +73,16 @@ func TestUnmarshalSampleMessage(t *testing.T) {
 		t.Error("Cannot unmarshal Associate Data properly")
 	}
 }
+
+func TestUnmarshalSampleAuditorMessage(t *testing.T) {
+	d, _ := directory.NewTestDirectory(t, true)
+	res := d.GetSTRHistory(&protocol.STRHistoryRequest{
+		StartEpoch: uint64(0),
+		EndEpoch:   uint64(1)})
+	msg, _ := MarshalResponse(res)
+	response := UnmarshalResponse(protocol.STRType, []byte(msg))
+	str := response.DirectoryResponse.(*protocol.STRHistoryRange).STR[0]
+	if !bytes.Equal(d.LatestSTR().Serialize(), str.Serialize()) {
+		t.Error("Cannot unmarshal Associate Data properly")
+	}
+}

application/server/config.go

@@ -20,6 +20,8 @@ type Config struct {
 	LoadedHistoryLength uint64 `toml:"loaded_history_length"`
 	// Policies contains the server's CONIKS policies configuration.
 	Policies *Policies `toml:"policies"`
+	// Path to store the initial STR
+	InitSTRPath string `toml:"init_str_path"`
 	// Addresses contains the server's connections configuration.
 	Addresses []*Address `toml:"addresses"`
 }

application/server/server.go

@@ -6,6 +6,7 @@ import (
 	"github.com/coniks-sys/coniks-go/application"
 	"github.com/coniks-sys/coniks-go/protocol"
 	"github.com/coniks-sys/coniks-go/protocol/directory"
+	"github.com/coniks-sys/coniks-go/utils"
 )
 
 // An Address describes a server's connection.
@@ -68,6 +69,11 @@ func NewConiksServer(conf *Config) *ConiksServer {
 		epochTimer: time.NewTimer(time.Duration(conf.Policies.EpochDeadline) * time.Second),
 	}
 
+	// save the initial STR to be used for initializing auditors
+	initSTRPath := utils.ResolvePath(conf.InitSTRPath,
+		conf.ConfigFilePath)
+	application.MarshalSTRToFile(server.dir.LatestSTR(), initSTRPath)
+
 	return server
 }
 

application/server/server_test.go

@@ -13,10 +13,6 @@ import (
 	"github.com/coniks-sys/coniks-go/crypto/sign"
 	"github.com/coniks-sys/coniks-go/crypto/vrf"
 	"github.com/coniks-sys/coniks-go/protocol"
-<<<<<<< HEAD:application/server/server_test.go
-=======
-	"github.com/coniks-sys/coniks-go/utils/binutils"
->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go
 )
 
 var registrationMsg = `
@@ -87,20 +83,8 @@ func newTestServer(t *testing.T, epDeadline protocol.Timestamp, useBot bool,
 		},
 		LoadedHistoryLength: 100,
 		Addresses:           addrs,
-<<<<<<< HEAD:application/server/server_test.go
 		Policies: NewPolicies(epDeadline, "", "", vrfKey,
 			signKey),
-=======
-		Policies: &ServerPolicies{
-			EpochDeadline: epDeadline,
-			vrfKey:        vrfKey,
-			signKey:       signKey,
-		},
-		Logger: &binutils.LoggerConfig{
-			Environment: "development",
-			Path:        path.Join(dir, "coniksserver.log"),
-		},
->>>>>>> 5a6db3d... Add auditor config and encoding:coniksserver/server_test.go
 	}
 
 	return NewConiksServer(conf), conf

cli/coniksauditor/coniksauditor.go

@@ -0,0 +1,12 @@
+// Executable CONIKS auditor. See README for
+// usage instructions.
+package main
+
+import (
+	"github.com/coniks-sys/coniks-go/cli"
+	"github.com/coniks-sys/coniks-go/cli/coniksauditor/internal/cmd"
+)
+
+func main() {
+	cli.Execute(cmd.RootCmd)
+}

cli/coniksauditor/internal/cmd/init.go

@@ -0,0 +1,36 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"path"
+
+	"github.com/coniks-sys/coniks-go/application"
+	"github.com/coniks-sys/coniks-go/application/auditor"
+	"github.com/coniks-sys/coniks-go/cli"
+	"github.com/spf13/cobra"
+)
+
+var initCmd = cli.NewInitCommand("CONIKS auditor", mkConfigOrExit)
+
+func init() {
+	RootCmd.AddCommand(initCmd)
+	initCmd.Flags().StringP("dir", "d", ".",
+		"Location of directory for storing generated files")
+}
+
+func mkConfigOrExit(cmd *cobra.Command, args []string) {
+	dir := cmd.Flag("dir").Value.String()
+	file := path.Join(dir, "config.toml")
+
+	conf := auditor.NewConfig()
+	conf.AddDirectoryConfig("../../keyserver/coniksserver/sign.pub",
+		"../../keyserver/coniksserver/init_str",
+		"tcp://127.0.0.1:3000")
+
+	if err := application.SaveConfig(file, conf); err != nil {
+		fmt.Println("Couldn't save config. Error message: [" +
+			err.Error() + "]")
+		os.Exit(-1)
+	}
+}