#!/bin/bash
# Need to add cleanup function to remove the log_dir in the next phase (if required).
# trap cleanup EXIT
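#######################################
# Probe the log's read-only endpoints and mail a warning for every endpoint
# that does not answer with HTTP 200.
# Globals:   http_code, domain_name (written; deliberately not made local so
#            that any existing reader elsewhere in the file keeps working)
# Outputs:   one status line per healthy endpoint on stdout; one warning mail
#            per failing endpoint
#######################################
function safe_methods() {
  local -a links=(
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-to-cosign"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1"
    "https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-consistency-proof/1/3"
  )
  local url msg
  for url in "${links[@]}"; do
    # Only the status code matters here, so the body is discarded instead of
    # being captured together with the code: a body without a trailing newline
    # would otherwise be glued to the code and raise a false alarm.
    # curl reports 000 when no HTTP response was received at all.
    http_code=$(curl -s -o /dev/null -w "%{http_code}" "$url")
    domain_name=$(printf '%s\n' "$url" | awk -F'[/:]' '{print $4}')
    # Quoted comparison: an empty status is treated as a failure instead of
    # producing a test syntax error.
    if [[ "$http_code" != 200 ]]; then
      msg="Warning: $url is down. status_code $http_code"
      printf '%s\n' "$msg" | mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
    else
      printf '%s\n' "$url is working. status_code $http_code"
    fi
  done
}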
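#######################################
# Fetch the cosigned tree head and publish its tree_size.
# Globals:   tree_size (written and exported on success, untouched on failure)
# Outputs:   the tree size on stdout; a diagnostic on stderr on failure
# Returns:   0 on success, 1 if the response has no decimal tree_size line
#######################################
function get_tree_size() {
  local res line size=
  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-tree-head-cosigned)
  # The response is remote data. Passing a raw response word to `export`
  # lets the server pick which environment variable is set (and an empty
  # response makes a bare `export` dump the environment), so only the
  # tree_size key is accepted and its value must be a decimal number.
  while IFS= read -r line; do
    if [[ "$line" == tree_size=* ]]; then
      size=${line#tree_size=}
      break
    fi
  done <<< "$res"
  if [[ ! "$size" =~ ^[0-9]+$ ]]; then
    printf 'get_tree_size: no numeric tree_size in log response\n' >&2
    return 1
  fi
  export tree_size="$size"
  echo "$tree_size"
}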
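#######################################
# Run one monitoring pass against the Sigsum log at poc.sigsum.org: probe the
# read-only endpoints, submit a fresh leaf, wait, then check its inclusion
# proof and submit a witness cosignature.
# Globals:   writes log_pub_key, log_pub_key_hash, log_dir, shard_hint,
#            ssrv_shard_start, seed_value, cli_*, wit1_*, log_url, api and
#            old_tree_size, which the check functions read
# Files:     ./priv ./pub ./pubhash wit1_priv wit1_pub wit1_pubhash, all
#            resolved against the current working directory
# Returns:   non-zero if the scratch directory or the shard_hint cannot be
#            obtained, otherwise the status of check_add_cosignature
#######################################
function main() {
  local res line hint=

  log_pub_key=4791eff3bfc17f352bcc76d4752b38c07882093a5935a84577c63de224b0f6b3
  log_pub_key_hash=$(echo "$log_pub_key" | sigsum-debug key hash)
  safe_methods

  # Every later step writes below $log_dir; an empty value would turn those
  # paths into /req and /rsp, so stop here if mktemp fails.
  if ! log_dir=$(mktemp -d) || [[ -z "$log_dir" ]]; then
    warn "main: could not create a scratch directory"
    return 1
  fi

  res=$(curl -s https://poc.sigsum.org/crocodile-icefish/sigsum/v0/get-leaves/0/1)
  # The response is remote data. Exporting a raw response word would let the
  # server choose which environment variable is set, so only the shard_hint
  # key is accepted and its value must be a decimal number.
  while IFS= read -r line; do
    if [[ "$line" == shard_hint=* ]]; then
      hint=${line#shard_hint=}
      break
    fi
  done <<< "$res"
  if [[ ! "$hint" =~ ^[0-9]+$ ]]; then
    warn "main: no numeric shard_hint in get-leaves response"
    return 1
  fi
  export shard_hint="$hint"
  export ssrv_shard_start="$shard_hint"

  # The current Unix time doubles as the message, so every run submits a
  # distinct leaf.
  seed_value=$(date +%s)
  export seed_value

  # Private keys are held in shell variables and later handed to sigsum-debug
  # through -k on its command line, where other local users can read them
  # from the process list while the command runs.
  # NOTE(review): confirm these are dedicated monitoring keys and that the
  # key files are readable only by the account running this script.
  cli_priv=$(< ./priv)
  cli_pub=$(< ./pub)
  cli_key_hash=$(< ./pubhash)
  cli_domain_hint=_sigsum_v0.sigsum.org
  log_url=https://poc.sigsum.org/crocodile-icefish/sigsum/v0

  get_tree_size
  check_add_leaf "$seed_value"
  api=add-leaf

  wit1_priv=$(< wit1_priv)
  wit1_pub=$(< wit1_pub)
  wit1_key_hash=$(< wit1_pubhash)

  old_tree_size=$tree_size
  # We don't know how much to sleep; presumably this gives the log time to
  # merge the new leaf before the inclusion proof is requested.
  sleep 480
  get_tree_size
  test_inclusion_proof "$tree_size" "$seed_value" "$old_tree_size"
  check_add_cosignature "$wit1_key_hash" "$wit1_priv"
}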
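#######################################
# Submit a leaf for the given message through add-leaf and report the result.
# Globals:   reads shard_hint, cli_priv, cli_pub, cli_domain_hint, log_url,
#            log_dir; writes api
# Arguments: $1 - message to hash, sign and submit
# Outputs:   request in $log_dir/req, response plus status in $log_dir/rsp,
#            a status line on stdout and a PASS line on stderr
# Returns:   0 on HTTP 200 or 202, 1 otherwise
#######################################
function check_add_leaf() {
  local desc status_code msg
  desc="POST add-leaf (data \"$1\")"

  # Without a scratch directory the request would be written to /req.
  if [[ -z "$log_dir" || ! -d "$log_dir" ]]; then
    fail "$desc: scratch directory is missing"
    return 1
  fi

  # NOTE(review): -k puts the private key on sigsum-debug's command line,
  # where it is visible in the process list while the command runs.
  {
    echo "shard_hint=$shard_hint"
    echo "message=$(openssl dgst -binary <(echo "$1") | base16)"
    echo "signature=$(echo "$1" |
      sigsum-debug leaf sign -k "$cli_priv" -h "$shard_hint")"
    echo "public_key=$cli_pub"
    echo "domain_hint=$cli_domain_hint"
  } > "$log_dir/req"

  # -w appends the status code after the body, so it is the last line of rsp.
  curl -s -w "%{http_code}" --data-binary @- "$log_url/add-leaf" \
    < "$log_dir/req" > "$log_dir/rsp"
  status_code=$(tail -n1 < "$log_dir/rsp")
  api=add_leaf

  # Quoted comparisons: with an empty status the unquoted tests both errored
  # out and the function fell through to PASS.
  if [[ "$status_code" == 202 ]]; then
    # Report this request's own status; the previous message printed the
    # http_code left behind by the endpoint probe.
    msg="Info: $api request is Accepted with status_code $status_code"
    echo "$msg" #| mail -s "Info: $api Accepted" anwesha@verkligendata.se
    # Acceptance Message
  elif [[ "$status_code" != 200 ]]; then
    msg="Warning: $api is down with status_code $status_code"
    echo "$msg" #| mail -s "Warning: $api is down" anwesha@verkligendata.se
    # Failure message
    return 1
  fi
  pass "$desc"
}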
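#######################################
# Request an inclusion proof for a previously submitted message and check the
# shape of the answer.
# Globals:   reads cli_priv, cli_key_hash, ssrv_shard_start, log_url, log_dir
# Arguments: $1 - tree size to request the proof for
#            $2 - message that was submitted
#            $3 - expected leaf index
# Outputs:   response plus status in $log_dir/rsp (copied to
#            $log_dir/rsp_get_inclusion_proof); PASS/FAIL line on stderr
# Returns:   0 on PASS, 1 on FAIL
#######################################
function test_inclusion_proof() {
  local desc status_code signature leaf_hash
  desc="GET get-inclusion-proof (tree_size $1, data \"$2\", index $3)"

  # Without a scratch directory the response would be written to /rsp.
  if [[ -z "$log_dir" || ! -d "$log_dir" ]]; then
    fail "$desc: scratch directory is missing"
    return 1
  fi

  # The leaf hash is recomputed locally from the message and a fresh
  # signature. NOTE(review): -k puts the private key on sigsum-debug's
  # command line, where it is visible in the process list.
  signature=$(echo "$2" | sigsum-debug leaf sign -k "$cli_priv" -h "$ssrv_shard_start")
  leaf_hash=$(echo "$2" | sigsum-debug leaf hash -k "$cli_key_hash" -s "$signature" -h "$ssrv_shard_start")

  curl -s -w "%{http_code}" "$log_url/get-inclusion-proof/$1/$leaf_hash" > "$log_dir/rsp"
  cp -- "$log_dir/rsp" "$log_dir/rsp_get_inclusion_proof"
  status_code=$(tail -n1 < "$log_dir/rsp")

  if [[ "$status_code" != 200 ]]; then
    fail "$desc: http status code $status_code "
    return 1
  fi
  if ! keys "leaf_index" "inclusion_path"; then
    # NOTE(review): debug_response is not defined in the visible part of this
    # file; if it is missing, this message ends without the response dump.
    fail "$desc: ascii keys in response $(debug_response)"
    return 1
  fi
  # Literal comparison (a quoted right-hand side is not treated as a pattern).
  # NOTE(review): the caller passes the tree size seen before submission as
  # the expected index, which presumably assumes no other leaf was merged in
  # between - confirm for a log with other submitters.
  if [[ "$(value_of leaf_index)" != "$3" ]]; then
    fail "$desc: wrong leaf index $(value_of leaf_index)"
    return 1
  fi

  # TODO: verify inclusion proof. Until then a PASS only means the log
  # returned a well-formed answer, not that the leaf is provably in the tree.
  pass "$desc"
}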
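#######################################
# Sign the log's current tree head with a witness key and submit it through
# add-cosignature.
# Globals:   reads log_url, log_pub_key_hash, log_dir
# Arguments: $1 - witness key hash
#            $2 - witness private key
# Outputs:   request in $log_dir/req, response plus status in $log_dir/rsp,
#            a status line on stdout and a PASS line on stderr on success
# Returns:   0 on HTTP 200, 1 otherwise
#######################################
function check_add_cosignature() {
  local desc status_code msg
  desc="POST add-cosignature (witness $1)"

  # Without a scratch directory the request would be written to /req.
  if [[ -z "$log_dir" || ! -d "$log_dir" ]]; then
    fail "$desc: scratch directory is missing"
    return 1
  fi

  # NOTE(review): the tree head is signed exactly as received, with no
  # consistency check against an earlier head. That is enough to probe
  # endpoint availability, but this key must not be one that anything relies
  # on as a real witness - confirm.
  # NOTE(review): -k puts the private key on sigsum-debug's command line,
  # where it is visible in the process list while the command runs.
  {
    echo "key_hash=$1"
    echo "cosignature=$(curl -s "$log_url/get-tree-head-to-cosign" |
      sigsum-debug head sign -k "$2" -h "$log_pub_key_hash")"
  } > "$log_dir/req"

  curl -s -w "%{http_code}" --data-binary @- "$log_url/add-cosignature" \
    < "$log_dir/req" > "$log_dir/rsp"
  status_code=$(tail -n1 < "$log_dir/rsp")

  # The branches were swapped before: a failure fell through to PASS and a
  # success returned without reporting it.
  if [[ "$status_code" != 200 ]]; then
    msg="Warning: $log_url/add-cosignature is down. status_code $status_code"
    echo "$msg" #| mail -s "Warning: $domain_name is down" anwesha@verkligendata.se
    return 1
  fi
  echo "$log_url/add-cosignature is working. status_code $status_code"
  pass "$desc"
}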
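# Write a timestamped INFO line to stderr.
# Arguments: message words, joined with spaces.
# The message goes through %s, so backslash sequences inside it (it can carry
# text taken from server responses) are printed literally, not interpreted.
function info() {
  printf '\033[37m%s\033[0m [\033[94mINFO\033[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}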
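# Write a timestamped WARN line to stderr.
# Arguments: message words, joined with spaces.
# The message goes through %s, so backslash sequences inside it (it can carry
# text taken from server responses) are printed literally, not interpreted.
function warn() {
  printf '\033[37m%s\033[0m [\033[93mWARN\033[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}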
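# Write a timestamped PASS line to stderr.
# Arguments: message words, joined with spaces.
# The message goes through %s, so backslash sequences inside it (it can carry
# text taken from server responses) are printed literally, not interpreted.
function pass() {
  printf '\033[37m%s\033[0m [\033[32mPASS\033[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}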
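# Write a timestamped FAIL line to stderr.
# Arguments: message words, joined with spaces.
# The message goes through %s, so backslash sequences inside it (it can carry
# text taken from server responses) are printed literally, not interpreted.
function fail() {
  printf '\033[37m%s\033[0m [\033[91mFAIL\033[0m] %s\n' \
    "$(date +"%y-%m-%d %H:%M:%S %Z")" "$*" >&2
}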
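#######################################
# Check that the response in $log_dir/rsp contains exactly the given set of
# keys (a key may repeat on several lines).
# Globals:   reads log_dir
# Arguments: the expected key names
# Returns:   0 if the distinct keys in the response are exactly the
#            arguments, 1 otherwise
#######################################
function keys() {
  local -A map=()
  local line key
  # The last line of rsp is the HTTP status appended by curl -w, not a
  # key=value pair, so it is dropped.
  while read -r line; do
    # Parameter expansion instead of `echo $line | cut`: response text is
    # remote data and must not be word-split, glob-expanded or parsed as
    # echo options.
    key=${line%%=*}
    [[ -n "$key" ]] || continue   # an empty subscript is an error in bash
    map["$key"]=ok
  done < <(head --lines=-1 "$log_dir/rsp")

  if (( $# != ${#map[@]} )); then
    return 1
  fi
  for key in "$@"; do
    if [[ -z "${map[$key]:-}" ]]; then
      return 1
    fi
  done
  return 0
}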
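#######################################
# Print the value of every line in $log_dir/rsp whose key equals $1.
# Globals:   reads log_dir
# Arguments: $1 - key name to look up
# Outputs:   one value per matching line on stdout, nothing if the key is
#            absent
#######################################
function value_of() {
  local line
  # The last line of rsp is the HTTP status appended by curl -w; skip it.
  while read -r line; do
    # Literal key comparison; response text is remote data, so it is split
    # with parameter expansion rather than passed unquoted through echo.
    if [[ "${line%%=*}" == "$1" ]]; then
      # Everything after the first "=" is the value, so a value that itself
      # contains "=" is no longer truncated.
      printf '%s\n' "${line#*=}"
    fi
  done < <(head --lines=-1 "$log_dir/rsp")
}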
# Entry point: run one monitoring pass. main reads no positional parameters,
# so forwarding them changes nothing.
main "$@"