aboutsummaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rw-r--r--scripts/monitor.sh152
1 files changed, 130 insertions, 22 deletions
diff --git a/scripts/monitor.sh b/scripts/monitor.sh
index 0007859..6130d84 100644
--- a/scripts/monitor.sh
+++ b/scripts/monitor.sh
@@ -13,7 +13,7 @@ function safe_methods() {
response=$(curl -s -w "%{http_code}" $url)
http_code=$(tail -n1 <<< "$response")
domain_name=$(echo $url | awk -F[/:] '{print $4}')
- if [[ "$http_code" != 200 ]]; then
+ if [ $http_code != 200 ]; then
msg="Warning: $url is down. status_code $http_code"
echo $msg | mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
else
@@ -23,39 +23,117 @@ function safe_methods() {
}
+function get_tree_size() {
+ res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned)
+ resarray=($res)
+ export ${resarray[1]}
+ echo $tree_size
+}
+
function main() {
+
+ log_pub_key=4791eff3bfc17f352bcc76d4752b38c07882093a5935a84577c63de224b0f6b3
+ log_pub_key_hash=$(echo $log_pub_key | sigsum-debug key hash)
+
safe_methods
log_dir=$(mktemp -d)
res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1)
resarray=($res)
export ${resarray[0]} # getting the shard_hint value
+ export ssrv_shard_start=$shard_hint
export seed_value=`date +%s` # getting the message
cli_priv=`cat ./priv`
cli_pub=`cat ./pub`
+ cli_key_hash=`cat ./pubhash`
cli_domain_hint=_sigsum_v0.sigsum.org
- log_url=https://poc.sigsum.org/crocodile-icefish/sigsum/v0/
- test_add_leaf $seed_value
+ log_url=https://poc.sigsum.org/crocodile-icefish/sigsum/v0
+ get_tree_size
+ check_add_leaf $seed_value
+ api=add-leaf
+ wit1_priv=`cat wit1_priv`
+ wit1_pub=`cat wit1_pub`
+ wit1_key_hash=`cat wit1_pubhash`
+ old_tree_size=$tree_size
+ # We don't know how much to sleep
+ sleep 480
+ get_tree_size
+ test_inclusion_proof $tree_size $seed_value $old_tree_size
+ check_add_cosignature $wit1_key_hash $wit1_priv
+}
+
+function check_add_leaf() {
+ desc="POST add-leaf (data \"$1\")"
+ echo "shard_hint=$shard_hint" > $log_dir/req
+ echo "message=$(openssl dgst -binary <(echo $1) | base16)" >> $log_dir/req
+ echo "signature=$(echo $1 |
+ sigsum-debug leaf sign -k $cli_priv -h $shard_hint)" >> $log_dir/req
+ echo "public_key=$cli_pub" >> $log_dir/req
+ echo "domain_hint=$cli_domain_hint" >> $log_dir/req
+ cat $log_dir/req |
+ curl -s -w "%{http_code}" --data-binary @- $log_url/add-leaf \
+ >$log_dir/rsp
+ status_code=$(tail -n1 < $log_dir/rsp)
+ api=add_leaf
+ if [ $status_code == 202 ]; then
+ msg="Info: $api request is Accepted with status_code $http_code"
+ echo $msg #| mail -s "Info: $api Accepted" anwesha@verkligendata.se
+ # Acceptance Message
+ elif [ $status_code != 200 ]; then
+ msg="Warning: $api is down with status_code $status_code"
+ echo $msg #| mail -s "Warning: $api is down" anwesha@verkligendata.se
+ # Failure message
+ return
+ fi
+
+ pass $desc
+}
+
+function test_inclusion_proof() {
+ desc="GET get-inclusion-proof (tree_size $1, data \"$2\", index $3)"
+ signature=$(echo $2 | sigsum-debug leaf sign -k $cli_priv -h $ssrv_shard_start)
+ leaf_hash=$(echo $2 | sigsum-debug leaf hash -k $cli_key_hash -s $signature -h $ssrv_shard_start)
+ curl -s -w "%{http_code}" $log_url/get-inclusion-proof/$1/$leaf_hash >$log_dir/rsp
+ cp $log_dir/rsp $log_dir/rsp_get_inclusion_proof
+ status_code=$(tail -n1 < $log_dir/rsp)
+
+ if [[ $status_code != 200 ]]; then
+ fail "$desc: http status code $status_code "
+ return
+ fi
+
+ if ! keys "leaf_index" "inclusion_path"; then
+ fail "$desc: ascii keys in response $(debug_response)"
+ return
+ fi
+
+ if [[ $(value_of leaf_index) != $3 ]]; then
+ fail "$desc: wrong leaf index $(value_of leaf_index)"
+ return
+ fi
+
+ # TODO: verify inclusion proof
+ pass $desc
}
-function test_add_leaf() {
- desc="POST add-leaf (data \"$1\")"
- echo "shard_hint=$shard_hint" > $log_dir/req
- echo "message=$(openssl dgst -binary <(echo $1) | base16)" >> $log_dir/req
- echo "signature=$(echo $1 |
- sigsum-debug leaf sign -k $cli_priv -h $shard_hint)" >> $log_dir/req
- echo "public_key=$cli_pub" >> $log_dir/req
- echo "domain_hint=$cli_domain_hint" >> $log_dir/req
- cat $log_dir/req |
- curl -s -w "%{http_code}" --data-binary @- /add-leaf \
- >$log_dir/rsp
- status_code=$(tail -n1 < $log_dir/rsp)
-
- if [[ $status_code != 200 ]]; then
- fail "$desc: http status code $status_code" # send mail
- return
- fi
-
- pass $desc
+function check_add_cosignature() {
+ desc="POST add-cosignature (witness $1)"
+ echo "key_hash=$1" > $log_dir/req
+ echo "cosignature=$(curl -s $log_url/get-tree-head-to-cosign |
+ sigsum-debug head sign -k $2 -h $log_pub_key_hash)" >> $log_dir/req
+ cat $log_dir/req |
+ curl -s -w "%{http_code}" --data-binary @- $log_url/add-cosignature \
+ >$log_dir/rsp
+
+ status_code=$(tail -n1 < $log_dir/rsp)
+ if [ "$status_code" != 200 ]; then
+ msg="Warning: $log_url/add-cosignature is down. status_code $status_code"
+ echo $msg #| mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
+ else
+ echo $log_url/add-cosignature is working. status_code $status_code
+ return
+ fi
+
+ pass $desc
}
function info() {
@@ -74,5 +152,35 @@ function fail() {
echo -e "\e[37m$(date +"%y-%m-%d %H:%M:%S %Z")\e[0m [\e[91mFAIL\e[0m] $@" >&2
}
+function keys() {
+ declare -A map
+ map[thedummystring]=to_avoid_error_on_size_zero
+ while read line; do
+ key=$(echo $line | cut -d"=" -f1)
+ map[$key]=ok
+ done < <(head --lines=-1 $log_dir/rsp)
+
+ if [[ $# != $(( ${#map[@]} - 1 )) ]]; then
+ return 1
+ fi
+ for key in $@; do
+ if [[ -z ${map[$key]} ]]; then
+ return 1
+ fi
+ done
+ return 0
+}
+
+function value_of() {
+ while read line; do
+ key=$(echo $line | cut -d"=" -f1)
+ if [[ $key != $1 ]]; then
+ continue
+ fi
+
+ value=$(echo $line | cut -d"=" -f2)
+ echo $value
+ done < <(head --lines=-1 $log_dir/rsp)
+}
main \ No newline at end of file