aboutsummaryrefslogtreecommitdiff
path: root/pkg/instance/instance.go
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2022-05-24 23:33:38 +0200
committerRasmus Dahlberg <rasmus@mullvad.net>2022-06-23 11:33:17 +0200
commit559bccccd40d028e412d9f11709ded0250ba6dcd (patch)
tree50f3193dbe70fec21357963c11e5f663013f4b4c /pkg/instance/instance.go
parent4b20ef0c1732bcef633c0ed7104501898aa84e2c (diff)
implement primary and secondary role, for replicationv0.5.0
Diffstat (limited to 'pkg/instance/instance.go')
-rw-r--r--pkg/instance/instance.go135
1 files changed, 0 insertions, 135 deletions
diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go
deleted file mode 100644
index f4c0089..0000000
--- a/pkg/instance/instance.go
+++ /dev/null
@@ -1,135 +0,0 @@
-package instance
-
-import (
- "context"
- "crypto"
- "fmt"
- "net/http"
- "time"
-
- "git.sigsum.org/log-go/pkg/db"
- "git.sigsum.org/log-go/pkg/state"
- "git.sigsum.org/sigsum-go/pkg/dns"
- "git.sigsum.org/sigsum-go/pkg/requests"
- "git.sigsum.org/sigsum-go/pkg/types"
-)
-
-// Config is a collection of log parameters
-type Config struct {
- LogID string // H(public key), then hex-encoded
- TreeID int64 // Merkle tree identifier used by Trillian
- Prefix string // The portion between base URL and st/v0 (may be "")
- MaxRange int64 // Maximum number of leaves per get-leaves request
- Deadline time.Duration // Deadline used for gRPC requests
- Interval time.Duration // Cosigning frequency
- ShardStart uint64 // Shard interval start (num seconds since UNIX epoch)
-
- // Witnesses map trusted witness identifiers to public keys
- Witnesses map[types.Hash]types.PublicKey
-}
-
-// Instance is an instance of the log's front-end
-type Instance struct {
- Config // configuration parameters
- Client db.Client // provides access to the Trillian backend
- Signer crypto.Signer // provides access to Ed25519 private key
- Stateman state.StateManager // coordinates access to (co)signed tree heads
- DNS dns.Verifier // checks if domain name knows a public key
-}
-
-// Handlers returns a list of sigsum handlers
-func (i *Instance) Handlers() []Handler {
- return []Handler{
- Handler{Instance: i, Handler: addLeaf, Endpoint: types.EndpointAddLeaf, Method: http.MethodPost},
- Handler{Instance: i, Handler: addCosignature, Endpoint: types.EndpointAddCosignature, Method: http.MethodPost},
- Handler{Instance: i, Handler: getTreeHeadToCosign, Endpoint: types.EndpointGetTreeHeadToCosign, Method: http.MethodGet},
- Handler{Instance: i, Handler: getTreeHeadCosigned, Endpoint: types.EndpointGetTreeHeadCosigned, Method: http.MethodGet},
- Handler{Instance: i, Handler: getCheckpoint, Endpoint: types.Endpoint("get-checkpoint"), Method: http.MethodGet},
- Handler{Instance: i, Handler: getConsistencyProof, Endpoint: types.EndpointGetConsistencyProof, Method: http.MethodGet},
- Handler{Instance: i, Handler: getInclusionProof, Endpoint: types.EndpointGetInclusionProof, Method: http.MethodGet},
- Handler{Instance: i, Handler: getLeaves, Endpoint: types.EndpointGetLeaves, Method: http.MethodGet},
- }
-}
-
-// checkHTTPMethod checks if an HTTP method is supported
-func (i *Instance) checkHTTPMethod(m string) bool {
- return m == http.MethodGet || m == http.MethodPost
-}
-
-func (i *Instance) leafRequestFromHTTP(ctx context.Context, r *http.Request) (*requests.Leaf, error) {
- var req requests.Leaf
- if err := req.FromASCII(r.Body); err != nil {
- return nil, fmt.Errorf("FromASCII: %v", err)
- }
- stmt := types.Statement{
- ShardHint: req.ShardHint,
- Checksum: *types.HashFn(req.Message[:]),
- }
- if !stmt.Verify(&req.PublicKey, &req.Signature) {
- return nil, fmt.Errorf("invalid signature")
- }
- shardEnd := uint64(time.Now().Unix())
- if req.ShardHint < i.ShardStart {
- return nil, fmt.Errorf("invalid shard hint: %d not in [%d, %d]", req.ShardHint, i.ShardStart, shardEnd)
- }
- if req.ShardHint > shardEnd {
- return nil, fmt.Errorf("invalid shard hint: %d not in [%d, %d]", req.ShardHint, i.ShardStart, shardEnd)
- }
- if err := i.DNS.Verify(ctx, req.DomainHint, &req.PublicKey); err != nil {
- return nil, fmt.Errorf("invalid domain hint: %v", err)
- }
- return &req, nil
-}
-
-func (i *Instance) cosignatureRequestFromHTTP(r *http.Request) (*requests.Cosignature, error) {
- var req requests.Cosignature
- if err := req.FromASCII(r.Body); err != nil {
- return nil, fmt.Errorf("FromASCII: %v", err)
- }
- if _, ok := i.Witnesses[req.KeyHash]; !ok {
- return nil, fmt.Errorf("Unknown witness: %x", req.KeyHash)
- }
- return &req, nil
-}
-
-func (i *Instance) consistencyProofRequestFromHTTP(r *http.Request) (*requests.ConsistencyProof, error) {
- var req requests.ConsistencyProof
- if err := req.FromURL(r.URL.Path); err != nil {
- return nil, fmt.Errorf("FromASCII: %v", err)
- }
- if req.OldSize < 1 {
- return nil, fmt.Errorf("OldSize(%d) must be larger than zero", req.OldSize)
- }
- if req.NewSize <= req.OldSize {
- return nil, fmt.Errorf("NewSize(%d) must be larger than OldSize(%d)", req.NewSize, req.OldSize)
- }
- return &req, nil
-}
-
-func (i *Instance) inclusionProofRequestFromHTTP(r *http.Request) (*requests.InclusionProof, error) {
- var req requests.InclusionProof
- if err := req.FromURL(r.URL.Path); err != nil {
- return nil, fmt.Errorf("FromASCII: %v", err)
- }
- if req.TreeSize < 2 {
- // TreeSize:0 => not possible to prove inclusion of anything
- // TreeSize:1 => you don't need an inclusion proof (it is always empty)
- return nil, fmt.Errorf("TreeSize(%d) must be larger than one", req.TreeSize)
- }
- return &req, nil
-}
-
-func (i *Instance) leavesRequestFromHTTP(r *http.Request) (*requests.Leaves, error) {
- var req requests.Leaves
- if err := req.FromURL(r.URL.Path); err != nil {
- return nil, fmt.Errorf("FromASCII: %v", err)
- }
-
- if req.StartSize > req.EndSize {
- return nil, fmt.Errorf("StartSize(%d) must be less than or equal to EndSize(%d)", req.StartSize, req.EndSize)
- }
- if req.EndSize-req.StartSize+1 > uint64(i.MaxRange) {
- req.EndSize = req.StartSize + uint64(i.MaxRange) - 1
- }
- return &req, nil
-}