Pin key server initial STR, load in client (#204)

Author: masomel

.travis.yml

@@ -4,7 +4,7 @@ language: go
 go:
   - "1.9"
   - "1.10"
-  - tip
+# Temporarily stop testing for Go tip due to unknown go fmt error - tip
 
 # TODO: Run `dep ensure` in Travis
 # see: https://github.com/coniks-sys/coniks-go/pull/201

application/client/config.go

@@ -3,6 +3,7 @@ package client
 import (
 	"github.com/coniks-sys/coniks-go/application"
 	"github.com/coniks-sys/coniks-go/crypto/sign"
+	"github.com/coniks-sys/coniks-go/protocol"
 )
 
 // Config contains the client's configuration needed to send a request to a
@@ -17,8 +18,10 @@ type Config struct {
 	*application.CommonConfig
 
 	SignPubkeyPath string `toml:"sign_pubkey_path"`
+	SigningPubKey  sign.PublicKey
 
-	SigningPubKey sign.PublicKey
+	InitSTRPath string `toml:"init_str_path"`
+	InitSTR     *protocol.DirSTR
 
 	RegAddress string `toml:"registration_address,omitempty"`
 	Address    string `toml:"address"`
@@ -30,11 +33,12 @@ var _ application.AppConfig = (*Config)(nil)
 // given file path, with the given config encoding,
 // server signing public key path, registration address, and
 // server address.
-func NewConfig(file, encoding string, signPubkeyPath, regAddr,
+func NewConfig(file, encoding, signPubkeyPath, initSTRPath, regAddr,
 	serverAddr string) *Config {
 	var conf = Config{
 		CommonConfig:   application.NewCommonConfig(file, encoding, nil),
 		SignPubkeyPath: signPubkeyPath,
+		InitSTRPath:    initSTRPath,
 		RegAddress:     regAddr,
 		Address:        serverAddr,
 	}
@@ -58,6 +62,13 @@ func (conf *Config) Load(file, encoding string) error {
 	}
 	conf.SigningPubKey = signPubKey
 
+	// load initial STR
+	initSTR, err := application.LoadInitSTR(conf.InitSTRPath, file)
+	if err != nil {
+		return err
+	}
+	conf.InitSTR = initSTR
+
 	return nil
 }
 

application/config.go

@@ -1,10 +1,14 @@
 package application
 
 import (
+	"bytes"
+	"encoding/json"
 	"fmt"
 	"io/ioutil"
 
+	"github.com/BurntSushi/toml"
 	"github.com/coniks-sys/coniks-go/crypto/sign"
+	"github.com/coniks-sys/coniks-go/protocol"
 	"github.com/coniks-sys/coniks-go/utils"
 )
 
@@ -61,3 +65,64 @@ func LoadSigningPubKey(path, file string) (sign.PublicKey, error) {
 	}
 	return signPubKey, nil
 }
+
+// LoadInitSTR loads an initial STR at the given path
+// specified in the given config file.
+// If there is any parsing error or the STR is malformed,
+// LoadInitSTR() returns an error with a nil STR.
+func LoadInitSTR(path, file string) (*protocol.DirSTR, error) {
+	initSTRPath := utils.ResolvePath(path, file)
+	initSTRBytes, err := ioutil.ReadFile(initSTRPath)
+	if err != nil {
+		return nil, fmt.Errorf("Cannot read init STR: %v", err)
+	}
+	initSTR := new(protocol.DirSTR)
+	if err := json.Unmarshal(initSTRBytes, &initSTR); err != nil {
+		return nil, fmt.Errorf("Cannot parse initial STR: %v", err)
+	}
+	if initSTR.Epoch != 0 {
+		return nil, fmt.Errorf("Initial STR epoch must be 0 (got %d)", initSTR.Epoch)
+	}
+	return initSTR, nil
+}
+
+// SaveSTR serializes the given STR to the given file.
+func SaveSTR(file string, str *protocol.DirSTR) error {
+	strBytes, err := json.Marshal(str)
+	if err != nil {
+		return err
+	}
+
+	if err := utils.WriteFile(file, strBytes, 0600); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// LoadConfig loads an application configuration from the given toml-encoded
+// file. If there is any decoding error, an LoadConfig() returns an error
+// with a nil config.
+func LoadConfig(file string) (AppConfig, error) {
+	var conf AppConfig
+	if _, err := toml.DecodeFile(file, &conf); err != nil {
+		return nil, fmt.Errorf("Failed to load config: %v", err)
+	}
+	return conf, nil
+}
+
+// SaveConfig stores the given configuration conf in the given
+// file using toml encoding.
+// If there is any encoding or IO error, SaveConfig() returns an error.
+func SaveConfig(file string, conf AppConfig) error {
+	var confBuf bytes.Buffer
+
+	e := toml.NewEncoder(&confBuf)
+	if err := e.Encode(conf); err != nil {
+		return err
+	}
+	if err := utils.WriteFile(file, confBuf.Bytes(), 0644); err != nil {
+		return err
+	}
+	return nil
+}

application/server/config.go

@@ -21,6 +21,8 @@ type Config struct {
 	LoadedHistoryLength uint64 `toml:"loaded_history_length"`
 	// Policies contains the server's CONIKS policies configuration.
 	Policies *Policies `toml:"policies"`
+	// Path to store the initial STR
+	InitSTRPath string `toml:"init_str_path"`
 	// Addresses contains the server's connections configuration.
 	Addresses []*Address `toml:"addresses"`
 	// The server's epoch interval for updating the directory
@@ -34,12 +36,13 @@ var _ application.AppConfig = (*Config)(nil)
 // loaded history length and server application policies.
 func NewConfig(file, encoding string, addrs []*Address,
 	logConfig *application.LoggerConfig,
-	loadedHistLen uint64, policies *Policies) *Config {
+	loadedHistLen uint64, policies *Policies, initSTRPath string) *Config {
 	var conf = Config{
 		CommonConfig:        application.NewCommonConfig(file, encoding, logConfig),
 		LoadedHistoryLength: loadedHistLen,
 		Addresses:           addrs,
 		Policies:            policies,
+		InitSTRPath:         initSTRPath,
 	}
 
 	return &conf

application/server/server.go

@@ -4,6 +4,7 @@ import (
 	"github.com/coniks-sys/coniks-go/application"
 	"github.com/coniks-sys/coniks-go/protocol"
 	"github.com/coniks-sys/coniks-go/protocol/directory"
+	"github.com/coniks-sys/coniks-go/utils"
 )
 
 // An Address describes a server's connection.
@@ -64,6 +65,13 @@ func NewConiksServer(conf *Config) *ConiksServer {
 		epochTimer: application.NewEpochTimer(conf.EpochDeadline),
 	}
 
+	// save the initial STR to be used for initializing auditors
+	// FIXME: this saving should happen in protocol/ (i.e., when the
+	// server starts and updates), because eventually we'll need
+	// persistent storage.
+	initSTRPath := utils.ResolvePath(conf.InitSTRPath, conf.Path)
+	application.SaveSTR(initSTRPath, server.dir.LatestSTR())
+
 	return server
 }
 

cli/coniksclient/internal/cmd/init.go

@@ -21,8 +21,8 @@ func init() {
 func mkConfigOrExit(cmd *cobra.Command, args []string) {
 	dir := cmd.Flag("dir").Value.String()
 	file := path.Join(dir, "config.toml")
-
 	conf := client.NewConfig(file, "toml", "../coniksserver/sign.pub",
+		"../../keyserver/coniksserver/init.str",
 		"tcp://127.0.0.1:3000", "tcp://127.0.0.1:3000")
 
 	if err := conf.Save(); err != nil {

cli/coniksclient/internal/cmd/run.go

@@ -42,7 +42,10 @@ func init() {
 func run(cmd *cobra.Command, args []string) {
 	isDebugging, _ := strconv.ParseBool(cmd.Flag("debug").Value.String())
 	conf := loadConfigOrExit(cmd)
-	cc := client.New(nil, true, conf.SigningPubKey)
+
+	// FIXME: right now we're passing the initSTR, but we should really
+	// be passing the latest pinned STR here
+	cc := client.New(conf.InitSTR, true, conf.SigningPubKey)
 
 	state, err := terminal.MakeRaw(int(os.Stdin.Fd()))
 	if err != nil {

cli/coniksserver/internal/cmd/init.go

@@ -66,7 +66,8 @@ func mkConfig(dir string) {
 		SignKeyPath:   "sign.priv",
 	}
 
-	conf := server.NewConfig(file, "toml", addrs, logger, 1000000, policies)
+	conf := server.NewConfig(file, "toml", addrs, logger, 1000000, policies,
+		"init.str")
 
 	if err := conf.Save(); err != nil {
 		log.Println(err)