diff options
author | Linus Nordberg <linus@nordberg.se> | 2022-05-24 23:33:38 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-06-23 11:33:17 +0200 |
commit | 559bccccd40d028e412d9f11709ded0250ba6dcd (patch) | |
tree | 50f3193dbe70fec21357963c11e5f663013f4b4c /pkg/instance/instance.go | |
parent | 4b20ef0c1732bcef633c0ed7104501898aa84e2c (diff) |
implement primary and secondary role, for replicationv0.5.0
Diffstat (limited to 'pkg/instance/instance.go')
-rw-r--r-- | pkg/instance/instance.go | 135 |
1 files changed, 0 insertions, 135 deletions
diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go deleted file mode 100644 index f4c0089..0000000 --- a/pkg/instance/instance.go +++ /dev/null @@ -1,135 +0,0 @@ -package instance - -import ( - "context" - "crypto" - "fmt" - "net/http" - "time" - - "git.sigsum.org/log-go/pkg/db" - "git.sigsum.org/log-go/pkg/state" - "git.sigsum.org/sigsum-go/pkg/dns" - "git.sigsum.org/sigsum-go/pkg/requests" - "git.sigsum.org/sigsum-go/pkg/types" -) - -// Config is a collection of log parameters -type Config struct { - LogID string // H(public key), then hex-encoded - TreeID int64 // Merkle tree identifier used by Trillian - Prefix string // The portion between base URL and st/v0 (may be "") - MaxRange int64 // Maximum number of leaves per get-leaves request - Deadline time.Duration // Deadline used for gRPC requests - Interval time.Duration // Cosigning frequency - ShardStart uint64 // Shard interval start (num seconds since UNIX epoch) - - // Witnesses map trusted witness identifiers to public keys - Witnesses map[types.Hash]types.PublicKey -} - -// Instance is an instance of the log's front-end -type Instance struct { - Config // configuration parameters - Client db.Client // provides access to the Trillian backend - Signer crypto.Signer // provides access to Ed25519 private key - Stateman state.StateManager // coordinates access to (co)signed tree heads - DNS dns.Verifier // checks if domain name knows a public key -} - -// Handlers returns a list of sigsum handlers -func (i *Instance) Handlers() []Handler { - return []Handler{ - Handler{Instance: i, Handler: addLeaf, Endpoint: types.EndpointAddLeaf, Method: http.MethodPost}, - Handler{Instance: i, Handler: addCosignature, Endpoint: types.EndpointAddCosignature, Method: http.MethodPost}, - Handler{Instance: i, Handler: getTreeHeadToCosign, Endpoint: types.EndpointGetTreeHeadToCosign, Method: http.MethodGet}, - Handler{Instance: i, Handler: getTreeHeadCosigned, Endpoint: types.EndpointGetTreeHeadCosigned, Method: http.MethodGet}, - Handler{Instance: i, Handler: getCheckpoint, Endpoint: types.Endpoint("get-checkpoint"), Method: http.MethodGet}, - Handler{Instance: i, Handler: getConsistencyProof, Endpoint: types.EndpointGetConsistencyProof, Method: http.MethodGet}, - Handler{Instance: i, Handler: getInclusionProof, Endpoint: types.EndpointGetInclusionProof, Method: http.MethodGet}, - Handler{Instance: i, Handler: getLeaves, Endpoint: types.EndpointGetLeaves, Method: http.MethodGet}, - } -} - -// checkHTTPMethod checks if an HTTP method is supported -func (i *Instance) checkHTTPMethod(m string) bool { - return m == http.MethodGet || m == http.MethodPost -} - -func (i *Instance) leafRequestFromHTTP(ctx context.Context, r *http.Request) (*requests.Leaf, error) { - var req requests.Leaf - if err := req.FromASCII(r.Body); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) - } - stmt := types.Statement{ - ShardHint: req.ShardHint, - Checksum: *types.HashFn(req.Message[:]), - } - if !stmt.Verify(&req.PublicKey, &req.Signature) { - return nil, fmt.Errorf("invalid signature") - } - shardEnd := uint64(time.Now().Unix()) - if req.ShardHint < i.ShardStart { - return nil, fmt.Errorf("invalid shard hint: %d not in [%d, %d]", req.ShardHint, i.ShardStart, shardEnd) - } - if req.ShardHint > shardEnd { - return nil, fmt.Errorf("invalid shard hint: %d not in [%d, %d]", req.ShardHint, i.ShardStart, shardEnd) - } - if err := i.DNS.Verify(ctx, req.DomainHint, &req.PublicKey); err != nil { - return nil, fmt.Errorf("invalid domain hint: %v", err) - } - return &req, nil -} - -func (i *Instance) cosignatureRequestFromHTTP(r *http.Request) (*requests.Cosignature, error) { - var req requests.Cosignature - if err := req.FromASCII(r.Body); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) - } - if _, ok := i.Witnesses[req.KeyHash]; !ok { - return nil, fmt.Errorf("Unknown witness: %x", req.KeyHash) - } - return &req, nil -} - -func (i *Instance) consistencyProofRequestFromHTTP(r *http.Request) (*requests.ConsistencyProof, error) { - var req requests.ConsistencyProof - if err := req.FromURL(r.URL.Path); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) - } - if req.OldSize < 1 { - return nil, fmt.Errorf("OldSize(%d) must be larger than zero", req.OldSize) - } - if req.NewSize <= req.OldSize { - return nil, fmt.Errorf("NewSize(%d) must be larger than OldSize(%d)", req.NewSize, req.OldSize) - } - return &req, nil -} - -func (i *Instance) inclusionProofRequestFromHTTP(r *http.Request) (*requests.InclusionProof, error) { - var req requests.InclusionProof - if err := req.FromURL(r.URL.Path); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) - } - if req.TreeSize < 2 { - // TreeSize:0 => not possible to prove inclusion of anything - // TreeSize:1 => you don't need an inclusion proof (it is always empty) - return nil, fmt.Errorf("TreeSize(%d) must be larger than one", req.TreeSize) - } - return &req, nil -} - -func (i *Instance) leavesRequestFromHTTP(r *http.Request) (*requests.Leaves, error) { - var req requests.Leaves - if err := req.FromURL(r.URL.Path); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) - } - - if req.StartSize > req.EndSize { - return nil, fmt.Errorf("StartSize(%d) must be less than or equal to EndSize(%d)", req.StartSize, req.EndSize) - } - if req.EndSize-req.StartSize+1 > uint64(i.MaxRange) { - req.EndSize = req.StartSize + uint64(i.MaxRange) - 1 - } - return &req, nil -} |