#!/bin/bash
# TODO: add a cleanup function that removes log_dir in the next phase (if required), then enable the trap below.
# trap cleanup EXIT
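#######################################
# Probe the log's read-only (GET) endpoints and report each HTTP status.
# A status other than 200 is mailed as a warning; a 200 is printed.
# Globals:   http_code (written; holds the last status seen)
# Arguments: none
# Outputs:   one "<url> is working" line per healthy endpoint on stdout
#######################################
function safe_methods() {
  local -a links=(
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-to-cosign"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-consistency-proof/1/3"
  )
  local url domain_name msg

  for url in "${links[@]}"; do
    # Only the status matters here, so the body is discarded instead of being
    # captured and cut apart with tail; a body without a trailing newline can
    # then no longer be glued onto the status code.
    # http_code was a global in the original and is left global on purpose.
    http_code=$(curl -s -o /dev/null -w "%{http_code}" "$url")

    # Host part of the URL: strip the scheme, the path and any port.
    domain_name=${url#*://}
    domain_name=${domain_name%%/*}
    domain_name=${domain_name%%:*}

    # Quoted comparison: an empty status (curl missing or killed) used to make
    # the unquoted `[` test fail with a syntax error and fall through to the
    # "is working" branch. An empty status now counts as down.
    if [[ "$http_code" != 200 ]]; then
      msg="Warning: $url is down. status_code $http_code"
      printf '%s\n' "$msg" \
        | mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
    else
      printf '%s\n' "$url is working. status_code $http_code"
    fi
  done
}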
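#######################################
# Fetch the cosigned tree head and publish its tree_size.
# Globals:   tree_size (written and exported on success)
# Arguments: none
# Outputs:   the tree size on stdout
# Returns:   0 on success; 1 when the response holds no numeric tree_size,
#            in which case tree_size keeps its previous value
#######################################
function get_tree_size() {
  local res field value=""
  local -a fields=()

  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned)

  # Split on whitespace without pathname expansion. read returns non-zero at
  # end of input even though the array was filled, hence the `|| true`.
  read -r -d '' -a fields <<< "$res" || true

  # The original ran `export ${resarray[1]}`, i.e. it exported whatever
  # NAME=VALUE the server placed second in its reply. A faulty or hostile
  # reply could then overwrite any variable of this script (PATH, log_url, ...).
  # Only the tree_size key is accepted now, and only with a decimal value.
  for field in "${fields[@]}"; do
    if [[ "$field" == tree_size=* ]]; then
      value=${field#tree_size=}
      break
    fi
  done

  if [[ ! "$value" =~ ^[0-9]+$ ]]; then
    printf 'Warning: no numeric tree_size in get-tree-head-cosigned response\n' >&2
    return 1
  fi

  export tree_size="$value"
  printf '%s\n' "$tree_size"
}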
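#######################################
# Run one monitoring pass against the poc log: probe the GET endpoints,
# submit a fresh leaf, wait, then request its inclusion proof and submit a
# witness cosignature.
# Globals:   writes log_pub_key, log_pub_key_hash, log_dir, shard_hint,
#            ssrv_shard_start, seed_value, cli_priv, cli_pub, cli_key_hash,
#            cli_domain_hint, log_url, api, wit1_priv, wit1_pub,
#            wit1_key_hash, old_tree_size (all read by the helper functions)
# Arguments: none
# Returns:   1 when the temp dir cannot be created or the log returns no
#            numeric shard_hint; otherwise the status of the last check
#######################################
function main() {
  local res field
  local -a resarray=()

  # Used the current poc log pub_key from https://git.sigsum.org/log-go/tree/README.md
  log_pub_key=4791eff3bfc17f352bcc76d4752b38c07882093a5935a84577c63de224b0f6b3
  log_pub_key_hash=$(printf '%s\n' "$log_pub_key" | sigsum-debug key hash)

  # Calling all get_methods
  safe_methods

  # Creates a new temporary directory for the test run. Without this guard a
  # failed mktemp left log_dir empty and the request files were written to /.
  log_dir=$(mktemp -d) || {
    printf 'Warning: mktemp -d failed, aborting run\n' >&2
    return 1
  }

  # Storing `get-leaves` output in `res`
  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1)

  # Split the reply on whitespace without pathname expansion. read returns
  # non-zero at end of input even though the array was filled.
  read -r -d '' -a resarray <<< "$res" || true

  # The original ran `export ${resarray[0]}`, exporting whatever NAME=VALUE
  # the server sent first. Only the shard_hint key with a decimal value is
  # accepted now, so a reply cannot overwrite other variables of this script.
  shard_hint=""
  for field in "${resarray[@]}"; do
    if [[ "$field" == shard_hint=* ]]; then
      shard_hint=${field#shard_hint=}
      break
    fi
  done
  if [[ ! "$shard_hint" =~ ^[0-9]+$ ]]; then
    printf 'Warning: no numeric shard_hint in get-leaves response\n' >&2
    return 1
  fi
  export shard_hint
  # Exporting the `shard_hint` value in `ssrv_shard_start`
  export ssrv_shard_start=$shard_hint

  # Every add-leaf message has to be unique; the current epoch second is used
  # as the message for that reason.
  seed_value=$(date +%s)
  export seed_value

  # The private key, public key and public-key hash below were generated with
  # the sigsum-debug tool. See `sigsum-debug key help`.
  # NOTE(review): the private keys are later passed to sigsum-debug with -k on
  # the command line, where other local users can see them in the process
  # list; use keys dedicated to this monitor only.
  # `./priv` contains the private key of the signer/submitter
  cli_priv=$(< ./priv)
  # `./pub` contains the public key of the signer/submitter; it has to be
  # added to the log once before this script is run.
  cli_pub=$(< ./pub)
  # `./pubhash` contains the hash of the signer/submitter public key
  cli_key_hash=$(< ./pubhash)
  cli_domain_hint=_sigsum_v0.sigsum.org
  log_url=https://poc.sigsum.org/crocodile-icefish/sigsum/v0

  get_tree_size
  check_add_leaf "$seed_value"
  api=add-leaf

  wit1_priv=$(< wit1_priv)
  wit1_pub=$(< wit1_pub)
  wit1_key_hash=$(< wit1_pubhash)

  # The new leaf is expected at the index equal to the tree size seen before
  # the wait.
  old_tree_size=$tree_size
  # We don't know how much to sleep
  sleep 480
  get_tree_size

  test_inclusion_proof "$tree_size" "$seed_value" "$old_tree_size"
  check_add_cosignature "$wit1_key_hash" "$wit1_priv"
}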
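#######################################
# Submit one leaf to the log's add-leaf endpoint and report the outcome.
# Globals:   reads shard_hint, cli_priv, cli_pub, cli_domain_hint, log_dir,
#            log_url; writes desc, api, status_code, msg
# Arguments: $1 - data to sign and submit as the leaf message
# Outputs:   info/warning line on stdout, PASS line via pass()
# Returns:   1 when the status is neither 200 nor 202
#######################################
function check_add_leaf() {
  desc="POST add-leaf (data \"$1\")"
  api=add_leaf

  # Build the ASCII key=value request body in one redirect.
  # NOTE(review): -k puts the private key on sigsum-debug's command line,
  # where it is visible in the process list - confirm this is a test key.
  {
    printf 'shard_hint=%s\n' "$shard_hint"
    printf 'message=%s\n' "$(openssl dgst -binary <(echo "$1") | base16)"
    printf 'signature=%s\n' \
      "$(printf '%s\n' "$1" | sigsum-debug leaf sign -k "$cli_priv" -h "$shard_hint")"
    printf 'public_key=%s\n' "$cli_pub"
    printf 'domain_hint=%s\n' "$cli_domain_hint"
  } > "$log_dir/req"

  curl -s -w "%{http_code}" --data-binary @- "$log_url/add-leaf" \
    < "$log_dir/req" > "$log_dir/rsp"

  # -w appends the status code after the body, so it is the last line.
  status_code=$(tail -n1 < "$log_dir/rsp")

  if [[ "$status_code" == 202 ]]; then
    # Acceptance message. The original printed $http_code here, which is the
    # stale status left behind by safe_methods, not this request's status.
    msg="Info: $api request is Accepted with status_code $status_code"
    printf '%s\n' "$msg" #| mail -s "Info: $api Accepted" anwesha@verkligendata.se
  elif [[ "$status_code" != 200 ]]; then
    # Failure message
    msg="Warning: $api is down with status_code $status_code"
    printf '%s\n' "$msg" #| mail -s "Warning: $api is down" anwesha@verkligendata.se
    return 1
  fi
  pass "$desc"
}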
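#######################################
# Request the inclusion proof for a submitted leaf and check the reply's
# status code, key set and leaf index.
# Globals:   reads cli_priv, cli_key_hash, ssrv_shard_start, log_url, log_dir;
#            writes desc, signature, leaf_hash, status_code
# Arguments: $1 - tree size to request the proof for
#            $2 - leaf data, as passed to check_add_leaf
#            $3 - expected leaf index
# Outputs:   PASS or FAIL line via pass()/fail()
# Returns:   1 on any failed check
#######################################
function test_inclusion_proof() {
  desc="GET get-inclusion-proof (tree_size $1, data \"$2\", index $3)"

  # Recompute the leaf hash locally from the data and its signature.
  signature=$(printf '%s\n' "$2" \
    | sigsum-debug leaf sign -k "$cli_priv" -h "$ssrv_shard_start")
  leaf_hash=$(printf '%s\n' "$2" \
    | sigsum-debug leaf hash -k "$cli_key_hash" -s "$signature" -h "$ssrv_shard_start")

  curl -s -w "%{http_code}" "$log_url/get-inclusion-proof/$1/$leaf_hash" \
    > "$log_dir/rsp"
  # Keep a copy, since later requests overwrite rsp.
  cp -- "$log_dir/rsp" "$log_dir/rsp_get_inclusion_proof"

  status_code=$(tail -n1 < "$log_dir/rsp")
  if [[ "$status_code" != 200 ]]; then
    fail "$desc: http status code $status_code "
    return 1
  fi

  if ! keys "leaf_index" "inclusion_path"; then
    # NOTE(review): debug_response is not defined in the visible part of this
    # file; if it is missing, this branch also prints "command not found".
    fail "$desc: ascii keys in response $(debug_response)"
    return 1
  fi

  # Both sides are quoted: unquoted, the right-hand side of != inside [[ ]]
  # is a glob pattern, so an expected index such as "*" matched anything.
  if [[ "$(value_of leaf_index)" != "$3" ]]; then
    fail "$desc: wrong leaf index $(value_of leaf_index)"
    return 1
  fi

  # TODO: verify inclusion proof
  # Until the inclusion_path is checked against a tree head, a PASS here only
  # shows that the log answered with the expected index.
  pass "$desc"
}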
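#######################################
# Sign the log's current to-cosign tree head with a witness key and submit
# the cosignature.
# Globals:   reads log_url, log_dir, log_pub_key_hash;
#            writes desc, status_code, msg
# Arguments: $1 - witness key hash
#            $2 - witness private key
# Outputs:   status line on stdout, PASS line via pass() on success
# Returns:   1 when the status is not 200
#######################################
function check_add_cosignature() {
  desc="POST add-cosignature (witness $1)"

  # NOTE(review): the tree head is piped straight from the log into the
  # signer. Nothing here checks the log's own signature or consistency with
  # an earlier head, so this key vouches for whatever the server returns -
  # keep it a key dedicated to this liveness check. -k also exposes the
  # private key on the command line.
  {
    printf 'key_hash=%s\n' "$1"
    printf 'cosignature=%s\n' \
      "$(curl -s "$log_url/get-tree-head-to-cosign" \
        | sigsum-debug head sign -k "$2" -h "$log_pub_key_hash")"
  } > "$log_dir/req"

  curl -s -w "%{http_code}" --data-binary @- "$log_url/add-cosignature" \
    < "$log_dir/req" > "$log_dir/rsp"

  # -w appends the status code after the body, so it is the last line.
  status_code=$(tail -n1 < "$log_dir/rsp")

  # The original had the branches swapped: a failure fell through to pass()
  # and a success returned before reaching it.
  if [[ "$status_code" != 200 ]]; then
    msg="Warning: $log_url/add-cosignature is down. status_code $status_code"
    printf '%s\n' "$msg" #| mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
    return 1
  fi

  printf '%s\n' "$log_url/add-cosignature is working. status_code $status_code"
  pass "$desc"
}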
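#######################################
# Write a timestamped INFO line to stderr.
# Arguments: the message words, joined with single spaces
# Outputs:   one coloured log line on stderr
#######################################
function info() {
  # The message is printed with %s, not echo -e, so backslash sequences in
  # caller-supplied text are shown literally instead of being interpreted.
  printf '\e[37m%s\e[0m [\e[94mINFO\e[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}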
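#######################################
# Write a timestamped WARN line to stderr.
# Arguments: the message words, joined with single spaces
# Outputs:   one coloured log line on stderr
#######################################
function warn() {
  # The message is printed with %s, not echo -e, so backslash sequences in
  # caller-supplied text are shown literally instead of being interpreted.
  printf '\e[37m%s\e[0m [\e[93mWARN\e[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}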
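#######################################
# Write a timestamped PASS line to stderr.
# Arguments: the message words, joined with single spaces
# Outputs:   one coloured log line on stderr
#######################################
function pass() {
  # The message is printed with %s, not echo -e, so backslash sequences in
  # caller-supplied text are shown literally instead of being interpreted.
  printf '\e[37m%s\e[0m [\e[32mPASS\e[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}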
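#######################################
# Write a timestamped FAIL line to stderr.
# Arguments: the message words, joined with single spaces
# Outputs:   one coloured log line on stderr
#######################################
function fail() {
  # Callers in this file put values taken from server responses into the
  # message. %s prints them literally, whereas echo -e interpreted backslash
  # sequences in them. Raw control bytes in a response are still passed
  # through unchanged.
  printf '\e[37m%s\e[0m [\e[91mFAIL\e[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}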
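#######################################
# Check that the last response holds exactly the expected set of keys.
# The final line of $log_dir/rsp (the status code appended by curl -w) is
# ignored; repeated keys count once.
# Globals:   reads log_dir
# Arguments: the expected key names
# Returns:   0 when the distinct keys in the response are exactly the
#            arguments, 1 otherwise
#######################################
function keys() {
  local line key expected
  # Newline-delimited set of keys seen so far. Keys come from the server
  # response, so they are kept out of array subscripts, where special
  # subscripts such as * or @ could change the lookup.
  local seen=$'\n'
  local count=0

  while read -r line; do
    # Everything before the first "=" (the whole line when there is none).
    # Parameter expansion replaces `echo $line | cut`, which let the shell
    # glob-expand response text.
    key=${line%%=*}
    [[ -n "$key" ]] || continue
    if [[ "$seen" != *$'\n'"$key"$'\n'* ]]; then
      seen+="$key"$'\n'
      count=$((count + 1))
    fi
  done < <(head --lines=-1 "$log_dir/rsp")

  # Same number of distinct keys as expected names ...
  if (( $# != count )); then
    return 1
  fi
  # ... and every expected name present.
  for expected in "$@"; do
    if [[ "$seen" != *$'\n'"$expected"$'\n'* ]]; then
      return 1
    fi
  done
  return 0
}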
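#######################################
# Print the value of a key from the last response.
# The final line of $log_dir/rsp (the status code appended by curl -w) is
# ignored. A key that occurs several times yields one output line per
# occurrence.
# Globals:   reads log_dir
# Arguments: $1 - key name
# Outputs:   the matching value(s) on stdout, one per line
#######################################
function value_of() {
  local line key value

  while read -r line; do
    # Parameter expansion replaces `echo $line | cut`, which let the shell
    # glob-expand and re-split text taken from the server response.
    key=${line%%=*}
    if [[ "$key" != "$1" ]]; then
      continue
    fi
    # Everything after the first "=", so a value that itself contains "="
    # is no longer cut short.
    value=${line#*=}
    printf '%s\n' "$value"
  done < <(head --lines=-1 "$log_dir/rsp")
}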
# Script entry point: run one monitoring pass. main reads no positional
# parameters, so forwarding them changes nothing.
main "$@"