diff --git a/CTng/gossip/gossip_object.go b/CTng/gossip/gossip_object.go index 334f867..4b34f9d 100644 --- a/CTng/gossip/gossip_object.go +++ b/CTng/gossip/gossip_object.go @@ -162,6 +162,7 @@ func (g Gossip_object) Verify(c *crypto.CryptoConfig) error { case STH: return Verify_RSAPayload(g, c) case REVOCATION: + //Adding this comment here, this will check if the RSA signature on the SRH is correct, but not the hash of the CRVs within the SRH return Verify_RSAPayload(g, c) case STH_FRAG: return Verify_PayloadFrag(g, c) diff --git a/CTng/testData/fakeCA/ca1.json b/CTng/testData/fakeCA/ca1.json index 7683683..0a7a037 100644 --- a/CTng/testData/fakeCA/ca1.json +++ b/CTng/testData/fakeCA/ca1.json @@ -20,6 +20,7 @@ "N": 21807808817028069521693981025854627766849100907464628031386389529795793140445452403979568400586301388102303005688782597096478795543494617476262626637251939091457219474844544584944694111795327351162485025615396615156332890111445956553729344912738727208120229178581403780883051005207097866108991379098981205093118647139047092214048380759204440914928346690315813577955415022365974040592290311683131513649330794291316838007320668201086717296546111828165980835726696797314928836964283576233301855572522559548630195787917554335560790396850488199331707061308922415163250057868060445529850753103153976841020361249662478352377, "E": 65537 }, - "MMD": 10, + "MRD": 10, + "Day": 100, "MisbehaviorInterval": 3 } \ No newline at end of file diff --git a/CTng/testData/fakeCA/ca2.json b/CTng/testData/fakeCA/ca2.json index af2edf8..281a666 100644 --- a/CTng/testData/fakeCA/ca2.json +++ b/CTng/testData/fakeCA/ca2.json @@ -20,6 +20,7 @@ "N": 23252973551340935183125964301239394441268751011208146732992808020417063643722798116442608594279677205628615159796637042351236895510183530067421586578520622761961327937601077936607208585910560962764238731254814969375357028226260361691859503574268216691949008213953884839053600853903979504862782260745247938279459295671742467758276923319951606178695777588680957056514003518072749213888863320971271934432550756175972781344678001820332694558433506149685765145751895391937311845198206021246778714450986559172352984358941313079975500433800828535054555138262203102926122738137575483960219776073243032678302367325287435201381, "E": 65537 }, - "MMD": 10, + "MRD": 10, + "Day": 100, "MisbehaviorInterval": 3 } \ No newline at end of file diff --git a/CTng/testData/fakeCA/ca3.json b/CTng/testData/fakeCA/ca3.json index f5a60f9..17d9b61 100644 --- a/CTng/testData/fakeCA/ca3.json +++ b/CTng/testData/fakeCA/ca3.json @@ -20,6 +20,7 @@ "N": 20028649974874227033360914359590766678527711517531636997713603474008908788659881072754993703433185955779617335557947288171124892464864232545291605031424352674054323768598060610599281281539072954580390937994894319035538689968791373798820944766502542768153531189979514749140151783915919768722020901389133722554527607979186909863026840800319528623758670965878003072462079597023515002126915829370037330794543912057953039966473482799333260960689543682741483394536974500771002815055637466302437703527466497406576505348945381874007559705058294342241838471511807556669238624256963671945475465519079937531652829531772652319583, "E": 65537 }, - "MMD": 10, + "MRD": 10, + "Day": 100, "MisbehaviorInterval": 3 } \ No newline at end of file diff --git a/CTng/testData/fakeCA/fakeCA.go b/CTng/testData/fakeCA/fakeCA.go index eb2ded8..0336fa4 100644 --- a/CTng/testData/fakeCA/fakeCA.go +++ b/CTng/testData/fakeCA/fakeCA.go @@ -15,16 +15,17 @@ import ( ) type CAConfig struct { - Signer string - Port string - MRD int - Private rsa.PrivateKey - CRVs [][]byte //should be array of size 365?? - Day int + Signer string + Port string + MRD int + Private rsa.PrivateKey + CRVs [][]byte //should be array of CRVs + Day int //I use int so I don't have to round and convert timestamps but that would be ideal + MisbehaviorInterval int } type Revocation struct { - SRH string + SRH []byte delta_CRV []byte Timestamp string } @@ -35,27 +36,47 @@ var SRHs []gossip.Gossip_object var fakeSRHs []gossip.Gossip_object var request_count int var currentPeriod int +var caType int -func generateCRVs(CA CAConfig) gossip.Gossip_object { +func generateCRVs(CA CAConfig, day int) gossip.Gossip_object { // Generate delta CRV and then compress it first_arr := CA.CRVs[CA.Day-1] //this assumes we never have CRV of len 0 (fresh CA) sec_arr := CA.CRVs[CA.Day] - var delta_crv [len(sec_arr)]byte + var delta_crv = make([]byte, 0, len(sec_arr)) for i, e := range first_arr { delta_crv[i] = e & sec_arr[i] } //this is scuffed/slow for giant CRVs O(n), also I am assuming CRVs are same size, can modify for different sizes delta_crv = GZip.Compress(delta_crv) //should work... + //Hash the current day CRV + hash_CRV, err := crypto.GenerateMD5(sec_arr) + if err != nil { + fmt.Println("Error Hashing", err) + + } + + //we hash the delta CRV (compressed version) + hash_dCRV, err := crypto.GenerateMD5(delta_crv) + if err != nil { + fmt.Println("Error Hashing", err) + + } + + //Appends byte of day, hash of CRV and hash of deltaCRV (lovely looking line of code) + sign := append([]byte{byte(CA.Day - day)}, append(hash_CRV, hash_dCRV)) + //Added (CA.Day-day) to produce incorrect SRHs when needed + REV := Revocation{ - SRH: CA.Signer, + SRH: sign, delta_CRV: delta_crv, Timestamp: gossip.GetTimestamp(), } payload, _ := json.Marshal(REV) signature, _ := crypto.RSASign([]byte(payload), &CA.Private, crypto.CTngID(CA.Signer)) + gossipREV := gossip.Gossip_object{ Application: "CTng", Type: gossip.REVOCATION, @@ -72,37 +93,41 @@ func periodicTasks() { time.AfterFunc(time.Duration(config.MRD)*time.Second, periodicTasks) // Generate CRV and SRH fmt.Println("Running Tasks") - Rev1 := generateCRVs(config) + Rev1 := generateCRVs(config, caType-1) //If it's 1 then it should just be 0 which will produce correct SRH request_count++ - fakeRev1 := generateCRVs(config) + fakeRev1 := generateCRVs(config, caType-1) //Should be incorrect SRH SRHs = append(SRHs, Rev1) fakeSRHs = append(fakeSRHs, fakeRev1) currentPeriod++ } -//I'm up to here right now, messaged on discord just to make sure I'm on a good path -//ignore json files at the moment -func requestSTH(w http.ResponseWriter, r *http.Request) { +func requestSRH(w http.ResponseWriter, r *http.Request) { //Disconnecting logger: request_count++ - if loggerType == 3 && currentPeriod%config.MisbehaviorInterval == 0 { + if caType == 3 && currentPeriod%config.MisbehaviorInterval == 0 { // No response or any bad request response should trigger the accusation return } // Split-World Logger - if loggerType == 2 && request_count%2 == 0 && currentPeriod%config.MisbehaviorInterval == 0 { + if caType == 2 && request_count%2 == 0 && currentPeriod%config.MisbehaviorInterval == 0 { json.NewEncoder(w).Encode(fakeSRHs[currentPeriod-1]) return } json.NewEncoder(w).Encode(SRHs[currentPeriod-1]) } -// Runs a fake logger server with the ability to act roguely. -// Note that the monitor configurations must include the fakeLogger's Public key and ID as trusted, which -// Requires copying them from the fakelogger config file that is being used. (see testData/fakeLogger/logger1.json) +func getCAType() { + fmt.Println("What type of CA would you like to use?") + fmt.Println("1. Normal, behaving CA (default)") + fmt.Println("2. Split-World (Two different SRHs on every", config.MisbehaviorInterval, "MRD)") + fmt.Println("3. Disconnecting CA (unresponsive every", config.MisbehaviorInterval, "MRD)") + fmt.Scanln(&caType) +} + +// Runs a fake CA server with the ability to act roguely. func RunCA(configFile string) { // Global Variable initialization - + caType = 1 currentPeriod = 0 request_count = 0 SRHs = make([]gossip.Gossip_object, 0, 20) @@ -118,10 +143,11 @@ func RunCA(configFile string) { if err != nil { fmt.Println("Error reading config file: ", err) } - getLoggerType() + + getCAType() // MUX which routes HTTP directories to functions. gorillaRouter := mux.NewRouter().StrictSlash(true) - gorillaRouter.HandleFunc("/ctng/v2/get-revocation", requestSTH).Methods("GET") + gorillaRouter.HandleFunc("/ctng/v2/get-revocation", requestSRH).Methods("GET") http.Handle("/", gorillaRouter) fmt.Println("Listening on port", config.Port) go periodicTasks()