Add verification methods #74
Conversation
vqhuy
force-pushed
the
cgo-client
branch
2 times, most recently
from
7ed7bbe
to
f91dc4c
Compare
vqhuy
changed the title
vqhuy
force-pushed
the
lookup
branch
2 times, most recently
from
60f803d
to
498f6e8
Compare
vqhuy
force-pushed
the
cgo-client
branch
5 times, most recently
from
23b04d4
to
4e9f659
Compare
vqhuy
force-pushed
the
cgo-client
branch
5 times, most recently
from
7fec73a
to
a7c6680
Compare
| } | ||
| } | ||
|
|
||
| // step 2. verify STR's signature |
There was a problem hiding this comment.
I think it makes more sense to verify the STR signature before verifying the TB's signature, since the TB's signature depends on the STR's signature.
arlolra
force-pushed
the
registration-bots
branch
from
c2e9d08
to
3a20ee8
Compare
vqhuy
force-pushed
the
registration-bots
branch
from
3a20ee8
to
c89c5d5
Compare
Q: Which epoch did this lookup happen in? A: verifyFulfilledPromise must take a STR as its argument. This STR should be verified in updateSTR (e.g., epoch transitioning etc ...).
| if err := cc.verifySTR(str); err == nil { | ||
| return nil | ||
| } | ||
| // Otherwise, expect that we've enterred a new epoch |
| // FIXME: check whether the STR was issued on time and whatnot. | ||
| // Maybe it has something to do w/ #81 and client transitioning between epochs. | ||
| // Try to verify w/ what's been saved | ||
| if err := cc.verifySTR(str); err == nil { |
There was a problem hiding this comment.
https://github.com/coniks-sys/coniks-go/blob/cgo-client/protocol/consistencychecks.go#L257 states that verifySTR() should only be called in the case that requestType is KeyLookupType, but here it's clearly called for a RegistrationType as well. I'm probably missing something, but won't verifySTR() return an ErrorBadSTR in that case? I'm unclear at which point the cc is initialized with an STR before the registration response is received that won't cause verifySTR() to fail. (I see that in the tests we sort of "cheat" and just pass in d.LatestSTR(), but this presumably won't be the case in practice).
There was a problem hiding this comment.
Here is @arlolra explanantion:
#74 (comment)
There was a problem hiding this comment.
I had originally written it like this, 80e453c
But Huy made this change, 8e97d88
I'm assuming because of #74 (comment)
However, we've since opened #106 and agreed to do TOFU for the time being, so that should probably be reverted too? Huy?
Maybe he was thinking we'd do a #119 first?
There was a problem hiding this comment.
I see, thanks for this explanation.
| return nil | ||
| } | ||
| // Otherwise, expect that we've enterred a new epoch | ||
| if err := cc.verifySTRConsistency(cc.SavedSTR, str); err != nil { |
There was a problem hiding this comment.
Similarly to above, https://github.com/coniks-sys/coniks-go/blob/cgo-client/protocol/consistencychecks.go#L238 states that verifySTRConsistency() should only be called in the case of a RegistrationType or a MonitoringType. So I'm wondering why the registration and key lookup responses are being handled the same way.
There was a problem hiding this comment.
Sorry, the comment is no longer true. See #74 (comment).
| // This uses the pinning signing key in cc | ||
| // verifySTRConsistency checks the consistency between 2 snapshots. | ||
| // This should be called if the request is either registration or | ||
| // monitoring. It uses the pinning signing key in cc |
| return invalidProof, ErrorBadCommitment | ||
| } | ||
| proofType = proofOfInclusion | ||
| key = ap.Leaf.Value |
There was a problem hiding this comment.
I would add to the comment that we accept the received key as TOFU.
| case msg.Error == ErrorNameNotFound && proofType == proofOfAbsence: | ||
| case msg.Error == Success: | ||
| case msg.Error == ErrorNameNotFound && proofType == m.ProofOfAbsence: | ||
| case msg.Error == Success && proofType == m.ProofOfInclusion && tb == nil: |
There was a problem hiding this comment.
This case is going to change when we support key changes, so I would add a FIXME or TODO to indicate this.
| func (cc *ConsistencyChecks) verifyReturnedPromise(requestType int, | ||
| responseCode ErrorCode, df *DirectoryProof, | ||
| // These above checks should be performed before calling this method. | ||
| func (cc *ConsistencyChecks) verifyReturnedPromise(df *DirectoryProof, |
There was a problem hiding this comment.
Update the comment: https://github.com/coniks-sys/coniks-go/blob/cgo-client/protocol/consistencychecks.go#L286 states that verifyReturnedPromise() operates based on the request type, which no longer is true.
| func (cc *ConsistencyChecks) verifyReturnedPromise(requestType int, | ||
| responseCode ErrorCode, df *DirectoryProof, | ||
| // These above checks should be performed before calling this method. | ||
| func (cc *ConsistencyChecks) verifyReturnedPromise(df *DirectoryProof, | ||
| uname string, key []byte) error { |
There was a problem hiding this comment.
The uname parameter seems to be unused, and the ap.LookupIndex will have already been validated when verifyReturnedPromise() is called, right? We can drop this param.
| // The client should create a new ConsistencyChecks instance only once, | ||
| // when she registers her binding with a ConiksDirectory. | ||
| // This ConsistencyChecks instance then will be used to verify | ||
| // the returned responses from the ConiksDirectory. | ||
| type ConsistencyChecks struct { | ||
| oldSTR *m.SignedTreeRoot // keep a copy of SavedSTR before it gets updated |
There was a problem hiding this comment.
Is the idea for oldSTR to be a workaround for keeping track when the client has transitioned between epochs? It only seems to be relevant in verifyFulfilledPromise(), which we still expect to change when we address #116, right?
| if !tb.Verify(ap) { | ||
| if tb, ok := cc.TBs[uname]; ok { | ||
| if str.Epoch != cc.oldSTR.Epoch+1 { | ||
| return ErrorBadPromise |
There was a problem hiding this comment.
Doesn't this case being true indicate that we didn't verify a TB during the next epoch (e.g. because we didn't do a lookup for this uname)? That doesn't make it a bad (i.e. invalid) TB per se, so I'm not sure if we should be returning an error here, or if we should just delete the old TB for now (until we have #116 implemented).
There was a problem hiding this comment.
Sorry, I thought that we could use KeyLookup for monitoring until we support it. I should revert this commit and add a FIXME here as @arlolra did.
There was a problem hiding this comment.
I thought that we could use KeyLookup for monitoring until we support it.
Oh, I see. I think this would actually be fine.,and just add a FIXME. Let me look at the new changes, though.
- Re-arrange methods' order. - Remove redundant params. - Remove comments which are no longer true. - Add more tests
I re-organized code in ea46aaa. Thanks for your advice about that! |
|
|
||
| proofType := ap.ProofType() | ||
| switch { | ||
| case msg.Error == ErrorNameExisted && proofType == m.ProofOfInclusion && tb == nil: |
There was a problem hiding this comment.
Any reason you preferred this as tb == nil instead of the useTBs in 4a345e8?
There was a problem hiding this comment.
I think tb==nil is more appropriate in this case, since we expect a nill tb regardless of the value of cc.useTBs. In other hand, we probably need to use a TB extension (this way or other ways), so cc.useTBs makes not much sense to me. Or maybe that's the thinking I have when working on #89.
There was a problem hiding this comment.
we expect a nil tb regardless of the value of cc.useTBs.
Yes, that's true, but we're trying to eliminated the use of TBs here and only reference them in updateTB. I think it's ok to omit it and just have msg.Error == ErrorNameExisted && proofType == m.ProofOfInclusion.
However, I was more concerned with msg.Error == ErrorNameExisted && proofType == m.ProofOfAbsence, which is only valid if useTB is true.
There was a problem hiding this comment.
Yes, you're totally right. I was mixed between 2 tasks.
| case msg.Error == ErrorNameNotFound && proofType == m.ProofOfAbsence: | ||
| // FIXME: This would be changed when we support key changes | ||
| case msg.Error == Success && proofType == m.ProofOfInclusion && tb == nil: | ||
| case msg.Error == Success && proofType == m.ProofOfAbsence: |
There was a problem hiding this comment.
Same w/ this one msg.Error == Success && proofType == m.ProofOfAbsence && cc.useTBs.
| type ProofType int | ||
|
|
||
| const ( | ||
| undeterminedProof ProofType = iota |
There was a problem hiding this comment.
Is undeterminedProof still relevant? Doesn't seem like it's being used.
There was a problem hiding this comment.
It is being used in https://github.com/coniks-sys/coniks-go/pull/74/files/d7581cc23856723abcb0162f00cdec9d8b302905#diff-7e6b87a14023c0ebd22fb0b547fb3832R102 to avoid repeating bytes.Equal() calls.
| } | ||
|
|
||
| // And update the saved STR | ||
| cc.SavedSTR = str |
There was a problem hiding this comment.
If we had any other request types, this would overwrite with nil, right.
Can we all a default case that panics?
There was a problem hiding this comment.
We already panic in HandleResponse, is that enough?
There was a problem hiding this comment.
I'd prefer to have it in both places, like checkConsistency.
| case msg.Error == Success && proofType == m.ProofOfInclusion: | ||
| if err := cc.verifyFulfilledPromise(uname, str, ap); err != nil { | ||
| return err | ||
| } |
There was a problem hiding this comment.
Can we move the delete(cc.TBs, uname) to here?
|
After those two last things, please squash and merge this. |
|
Merged in d92753d. |
|
Yay!! |
|
Crap, sorry everyone :( |
To be paired w/ #86
protocol/clientlibrary.