anastasis: policy discovery CLI

2023-08-10 15:24:43 +02:00 · 2023-08-10 15:24:43 +02:00 · d59a23885e
commit d59a23885e
parent e6c0689806
3 changed files with 68 additions and 39 deletions
--- a/packages/anastasis-cli/src/index.ts
+++ b/packages/anastasis-cli/src/index.ts
@ -1,20 +1,78 @@
 import { clk } from "@gnu-taler/taler-util/clk";
 import {
+  discoverPolicies,
  getBackupStartState,
  getRecoveryStartState,
  reduceAction,
 } from "@gnu-taler/anastasis-core";
 import fs from "fs";
+import { j2s } from "@gnu-taler/taler-util";

-export const reducerCli = clk
-  .program("reducer", {
-    help: "Command line interface for Anastasis.",
+export const reducerCli = clk.program("anastasis-cli", {
+  help: "Command line interface for Anastasis.",
+});
+
+reducerCli
+  .subcommand("reducer", "reduce", {
+    help: "Run the anastasis reducer",
  })
  .flag("initBackup", ["-b", "--backup"])
  .flag("initRecovery", ["-r", "--restore"])
  .maybeOption("argumentsJson", ["-a", "--arguments"], clk.STRING)
  .maybeArgument("action", clk.STRING)
-  .maybeArgument("stateFile", clk.STRING);
+  .maybeArgument("stateFile", clk.STRING)
+  .action(async (x) => {
+    if (x.reducer.initBackup) {
+      console.log(JSON.stringify(await getBackupStartState()));
+      return;
+    } else if (x.reducer.initRecovery) {
+      console.log(JSON.stringify(await getRecoveryStartState()));
+      return;
+    }
+
+    const action = x.reducer.action;
+    if (!action) {
+      console.log("action required");
+      return;
+    }
+
+    let lastState: any;
+    if (x.reducer.stateFile) {
+      const s = fs.readFileSync(x.reducer.stateFile, { encoding: "utf-8" });
+      lastState = JSON.parse(s);
+    } else {
+      const s = await read(process.stdin);
+      lastState = JSON.parse(s);
+    }
+
+    let args: any;
+    if (x.reducer.argumentsJson) {
+      args = JSON.parse(x.reducer.argumentsJson);
+    } else {
+      args = {};
+    }
+
+    const nextState = await reduceAction(lastState, action, args);
+    console.log(JSON.stringify(nextState));
+  });
+
+reducerCli
+  .subcommand("discover", "discover", {
+    help: "Run the anastasis reducer",
+  })
+  .maybeArgument("stateFile", clk.STRING)
+  .action(async (args) => {
+    let lastState: any;
+    if (args.discover.stateFile) {
+      const s = fs.readFileSync(args.discover.stateFile, { encoding: "utf-8" });
+      lastState = JSON.parse(s);
+    } else {
+      const s = await read(process.stdin);
+      lastState = JSON.parse(s);
+    }
+    const res = await discoverPolicies(lastState);
+    console.log(j2s(res));
+  });

 async function read(stream: NodeJS.ReadStream): Promise<string> {
  const chunks = [];
@ -24,41 +82,6 @@ async function read(stream: NodeJS.ReadStream): Promise<string> {
  return Buffer.concat(chunks).toString("utf8");
 }

-reducerCli.action(async (x) => {
-  if (x.reducer.initBackup) {
-    console.log(JSON.stringify(await getBackupStartState()));
-    return;
-  } else if (x.reducer.initRecovery) {
-    console.log(JSON.stringify(await getRecoveryStartState()));
-    return;
-  }
-
-  const action = x.reducer.action;
-  if (!action) {
-    console.log("action required");
-    return;
-  }
-
-  let lastState: any;
-  if (x.reducer.stateFile) {
-    const s = fs.readFileSync(x.reducer.stateFile, { encoding: "utf-8" });
-    lastState = JSON.parse(s);
-  } else {
-    const s = await read(process.stdin);
-    lastState = JSON.parse(s);
-  }
-
-  let args: any;
-  if (x.reducer.argumentsJson) {
-    args = JSON.parse(x.reducer.argumentsJson);
-  } else {
-    args = {};
-  }
-
-  const nextState = await reduceAction(lastState, action, args);
-  console.log(JSON.stringify(nextState));
-});
-
 export function reducerCliMain() {
  reducerCli.run();
 }
--- a/packages/anastasis-core/src/crypto.ts
+++ b/packages/anastasis-core/src/crypto.ts
@ -151,7 +151,11 @@ export async function decryptPolicyMetadata(
  userId: UserIdentifier,
  metadataEnc: OpaqueData,
 ): Promise<PolicyMetadata> {
+  // @ts-ignore
+  console.log("metadataEnc", metadataEnc);
  const plain = await anastasisDecrypt(asOpaque(userId), metadataEnc, "rmd");
+  // @ts-ignore
+  console.log("plain:", plain);
  const metadataBytes = decodeCrock(plain);
  const policyHash = encodeCrock(metadataBytes.slice(0, 64));
  const secretName = bytesToString(metadataBytes.slice(64));
--- a/packages/taler-wallet-embedded/src/wallet-qjs.ts
+++ b/packages/taler-wallet-embedded/src/wallet-qjs.ts
@ -356,3 +356,5 @@ globalThis.testWithLocal = testWithLocal;
 globalThis.testArgon2id = testArgon2id;
 // @ts-ignore
 globalThis.testReduceAction = reduceAction;
+// @ts-ignore
+globalThis.testDiscoverPolicies = discoverPolicies;