Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConsistencyChecks ¶
type ConsistencyChecks struct { // the auditor state stores the latest verified signed tree root // as well as the server's signing key *auditor.AudState Bindings map[string][]byte TBs map[string]*protocol.TemporaryBinding // contains filtered or unexported fields }
ConsistencyChecks stores the latest consistency check state of a CONIKS client. This includes the latest SignedTreeRoot, all the verified name-to-key bindings of the client, as well as a directory's policies (e.g., whether the TemporaryBinding extension is being used).
The client should create a new ConsistencyChecks instance only once, when it registers its user's binding with a ConiksDirectory. This ConsistencyChecks instance will then be used to verify subsequent responses from the ConiksDirectory to any client request.
func New ¶
New creates an instance of ConsistencyChecks using a CONIKS directory's pinned STR at epoch 0, or the consistency state read from persistent storage.
func (*ConsistencyChecks) CheckEquivocation ¶
func (cc *ConsistencyChecks) CheckEquivocation(msg *protocol.Response) error
CheckEquivocation checks for possible equivocation between an auditors' observed STRs and the client's own view. CheckEquivocation() first verifies the STR range received in msg if msg contains more than 1 STR, and then checks the most recent STR in msg against the cc.verifiedSTR. CheckEquivocation() is called when a client receives a response to a message.AuditingRequest from an auditor.
func (*ConsistencyChecks) HandleResponse ¶
func (cc *ConsistencyChecks) HandleResponse(requestType int, msg *protocol.Response, uname string, key []byte) error
HandleResponse verifies the directory's response for a request. It first verifies the directory's returned status code of the request. If the status code is not in the Errors array, it means the directory has successfully handled the request. The verifier will then check the consistency (i.e. binding validity and non-equivocation) of the response.
HandleResponse() will panic if it is called with an int that isn't a valid/known request type.
Note that the consistency state will be updated regardless of whether the checks pass / fail, since a response message contains cryptographic proof of having been issued nonetheless.