blob: a0b60eec2a70604073654725f95a335625aee80d [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package security
import (
"bytes"
"fmt"
"sort"
"sync"
"v.io/v23/security"
"v.io/v23/verror"
"v.io/x/lib/vlog"
"v.io/x/ref/lib/security/serialization"
)
var errRootsAddPattern = verror.Register(pkgPath+".errRootsAddPattern", verror.NoRetry, "{1:}{2:} a root cannot be recognized for all blessing names (i.e., the pattern '...')")
// blessingRoots implements security.BlessingRoots.
type blessingRoots struct {
persistedData SerializerReaderWriter
signer serialization.Signer
mu sync.RWMutex
state blessingRootsState // GUARDED_BY(mu)
}
func (br *blessingRoots) Add(root []byte, pattern security.BlessingPattern) error {
if pattern == security.AllPrincipals {
return verror.New(errRootsAddPattern, nil)
}
// Sanity check to avoid invalid keys being added.
if _, err := security.UnmarshalPublicKey(root); err != nil {
return err
}
key := string(root)
br.mu.Lock()
defer br.mu.Unlock()
patterns := br.state[key]
for _, p := range patterns {
if p == pattern {
return nil
}
}
br.state[key] = append(patterns, pattern)
if err := br.save(); err != nil {
br.state[key] = patterns[:len(patterns)-1]
return err
}
return nil
}
func (br *blessingRoots) Recognized(root []byte, blessing string) error {
key := string(root)
br.mu.RLock()
for _, p := range br.state[key] {
if p.MatchedBy(blessing) {
br.mu.RUnlock()
return nil
}
}
br.mu.RUnlock()
// Silly to have to unmarshal the public key on an error.
// Change the error message to not require that?
obj, err := security.UnmarshalPublicKey(root)
if err != nil {
return err
}
return security.NewErrUnrecognizedRoot(nil, obj.String(), nil)
}
func (br *blessingRoots) Dump() map[security.BlessingPattern][]security.PublicKey {
dump := make(map[security.BlessingPattern][]security.PublicKey)
br.mu.RLock()
defer br.mu.RUnlock()
for keyStr, patterns := range br.state {
key, err := security.UnmarshalPublicKey([]byte(keyStr))
if err != nil {
vlog.Errorf("security.UnmarshalPublicKey(%v) returned error: %v", []byte(keyStr), err)
return nil
}
for _, p := range patterns {
dump[p] = append(dump[p], key)
}
}
return dump
}
// DebugString return a human-readable string encoding of the roots
// DebugString encodes all roots into a string in the following
// format
//
// Public key Pattern
// <public key> <patterns>
// ...
// <public key> <patterns>
func (br *blessingRoots) DebugString() string {
const format = "%-47s %s\n"
b := bytes.NewBufferString(fmt.Sprintf(format, "Public key", "Pattern"))
var s rootSorter
for keyBytes, patterns := range br.state {
key, err := security.UnmarshalPublicKey([]byte(keyBytes))
if err != nil {
return fmt.Sprintf("failed to decode public key: %v", err)
}
s = append(s, &root{key, fmt.Sprintf("%v", patterns)})
}
sort.Sort(s)
for _, r := range s {
b.WriteString(fmt.Sprintf(format, r.key, r.patterns))
}
return b.String()
}
type root struct {
key security.PublicKey
patterns string
}
type rootSorter []*root
func (s rootSorter) Len() int { return len(s) }
func (s rootSorter) Less(i, j int) bool { return s[i].patterns < s[j].patterns }
func (s rootSorter) Swap(i, j int) { s[i], s[j] = s[j], s[i] }
func (br *blessingRoots) save() error {
if (br.signer == nil) && (br.persistedData == nil) {
return nil
}
data, signature, err := br.persistedData.Writers()
if err != nil {
return err
}
return encodeAndStore(br.state, data, signature, br.signer)
}
// newInMemoryBlessingRoots returns an in-memory security.BlessingRoots.
//
// The returned BlessingRoots is initialized with an empty set of keys.
func newInMemoryBlessingRoots() security.BlessingRoots {
return &blessingRoots{
state: make(blessingRootsState),
}
}
// newPersistingBlessingRoots returns a security.BlessingRoots for a principal
// that is initialized with the persisted data. The returned security.BlessingRoots
// also persists any updates to its state.
func newPersistingBlessingRoots(persistedData SerializerReaderWriter, signer serialization.Signer) (security.BlessingRoots, error) {
if persistedData == nil || signer == nil {
return nil, verror.New(errDataOrSignerUnspecified, nil)
}
br := &blessingRoots{
state: make(blessingRootsState),
persistedData: persistedData,
signer: signer,
}
data, signature, err := br.persistedData.Readers()
if err != nil {
return nil, err
}
if (data != nil) && (signature != nil) {
if err := decodeFromStorage(&br.state, data, signature, br.signer.PublicKey()); err != nil {
return nil, err
}
}
return br, nil
}