aboutsummaryrefslogtreecommitdiff
path: root/client/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'client/cmd')
-rw-r--r--client/cmd/add-entry/main.go4
-rwxr-xr-xclient/cmd/example.sh33
-rw-r--r--client/cmd/get-consistency-proof/main.go70
-rw-r--r--client/cmd/get-entries/main.go83
-rw-r--r--client/cmd/get-proof-by-hash/main.go66
5 files changed, 254 insertions, 2 deletions
diff --git a/client/cmd/add-entry/main.go b/client/cmd/add-entry/main.go
index 03844fa..a29d01f 100644
--- a/client/cmd/add-entry/main.go
+++ b/client/cmd/add-entry/main.go
@@ -13,8 +13,8 @@ import (
)
var (
- identifier = flag.String("identifier", "foobar-1.2.3", "checksum identifier")
- checksum = flag.String("checksum", "50e7967bce266a506f8f614bb5096beba580d205046b918f47d23b2ec626d75e", "base64-encoded checksum")
+ identifier = flag.String("identifier", "", "checksum identifier")
+ checksum = flag.String("checksum", "", "base64-encoded checksum")
)
func main() {
diff --git a/client/cmd/example.sh b/client/cmd/example.sh
new file mode 100755
index 0000000..beac26e
--- /dev/null
+++ b/client/cmd/example.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+echo "fetching sth..."
+go run get-sth/main.go --logtostderr -v 3 | tee sth1.output
+echo "" && sleep 1
+
+echo "adding an entry..."
+go run add-entry/main.go --logtostderr -v 3 \
+ --identifier "example.sh v0.0.1-$(cat /dev/urandom | base64 | head -c 10)" \
+ --checksum $(sha256sum example.sh) | tee add-entry.output
+echo "" && sleep 1
+
+echo "fetching another sth..."
+go run get-sth/main.go --logtostderr -v 3 | tee sth2.output
+echo "" && sleep 1
+
+echo "verifying inclusion..."
+go run get-proof-by-hash/main.go --logtostderr -v 3 \
+ --leaf_hash $(cat add-entry.output | awk '{print $3}') \
+ --sth $(cat sth2.output | awk '{print $2}')
+echo "" && sleep 1
+
+echo "verifying consistency..."
+go run get-consistency-proof/main.go --logtostderr -v 3 \
+ --first $(cat sth1.output | awk '{print $2}') \
+ --second $(cat sth2.output | awk '{print $2}')
+echo "" && sleep 1
+
+echo "fetching the log's first entry..."
+go run get-entries/main.go --logtostderr -v 3 --start 0 --end 0
+echo ""
+
+rm *.output
diff --git a/client/cmd/get-consistency-proof/main.go b/client/cmd/get-consistency-proof/main.go
new file mode 100644
index 0000000..bb8a7a6
--- /dev/null
+++ b/client/cmd/get-consistency-proof/main.go
@@ -0,0 +1,70 @@
+package main
+
+import (
+ "context"
+ "flag"
+ "fmt"
+
+ "encoding/base64"
+
+ "github.com/golang/glog"
+ "github.com/system-transparency/stfe/client"
+ "github.com/system-transparency/stfe/types"
+)
+
+var (
+ first = flag.String("first", "", "base64-encoded sth")
+ second = flag.String("second", "", "base64-encoded sth")
+)
+
+func main() {
+ flag.Parse()
+ defer glog.Flush()
+
+ client, err := client.NewClientFromFlags()
+ if err != nil {
+ glog.Errorf("NewClientFromFlags: %v", err)
+ return
+ }
+ sth1, sth2, err := newParamsFromFlags()
+ if err != nil {
+ glog.Errorf("NewRequestFromFlags: %v", err)
+ return
+ }
+
+ proof, err := client.GetConsistencyProof(context.Background(), sth1, sth2)
+ if err != nil {
+ glog.Errorf("GetConsistencyProof: %v", err)
+ return
+ }
+ serialized, err := types.Marshal(*proof)
+ if err != nil {
+ glog.Errorf("Marshal: %v", err)
+ return
+ }
+ fmt.Println("proof:", base64.StdEncoding.EncodeToString(serialized))
+}
+
+func newParamsFromFlags() (*types.StItem, *types.StItem, error) {
+ sth1, err := decodeSthStr(*first)
+ if err != nil {
+ return nil, nil, fmt.Errorf("first: decodeSthStr: %v", err)
+ }
+ sth2, err := decodeSthStr(*second)
+ if err != nil {
+ return nil, nil, fmt.Errorf("second: decodeSthStr: %v", err)
+ }
+ return sth1, sth2, nil
+}
+
+func decodeSthStr(sthStr string) (*types.StItem, error) {
+ serialized, err := base64.StdEncoding.DecodeString(sthStr)
+ if err != nil {
+ return nil, fmt.Errorf("DecodeString: %v", err)
+ }
+ var item types.StItem
+ if err = types.Unmarshal(serialized, &item); err != nil {
+ return nil, fmt.Errorf("Unmarshal: %v", err)
+ }
+ return &item, nil
+}
diff --git a/client/cmd/get-entries/main.go b/client/cmd/get-entries/main.go
new file mode 100644
index 0000000..f32fdbf
--- /dev/null
+++ b/client/cmd/get-entries/main.go
@@ -0,0 +1,83 @@
+package main
+
+import (
+ "context"
+ "flag"
+ "fmt"
+
+ "encoding/base64"
+
+ "github.com/golang/glog"
+ "github.com/google/trillian/merkle/rfc6962"
+ "github.com/system-transparency/stfe/client"
+ "github.com/system-transparency/stfe/types"
+)
+
+var (
+ start = flag.Uint64("start", 0, "inclusive start index to download")
+ end = flag.Uint64("end", 0, "inclusive stop index to download")
+)
+
+func main() {
+ flag.Parse()
+ defer glog.Flush()
+
+ client, err := client.NewClientFromFlags()
+ if err != nil {
+ glog.Errorf("NewClientFromFlags: %v", err)
+ return
+ }
+ items, err := getRange(client, *start, *end)
+ if err != nil {
+ glog.Errorf("getRange: %v", err)
+ return
+ }
+ if err := printRange(items); err != nil {
+ glog.Errorf("printRange: %v", err)
+ return
+ }
+}
+
+func getRange(client *client.Client, start, end uint64) ([]*types.StItem, error) {
+ items := make([]*types.StItem, 0, end-start+1)
+ for len(items) != cap(items) {
+ rsp, err := client.GetEntries(context.Background(), start, end)
+ if err != nil {
+ return nil, fmt.Errorf("fetching entries failed: %v", err)
+ }
+ items = append(items, rsp...)
+ start += uint64(len(rsp))
+ }
+ return items, nil
+}
+
+func printRange(items []*types.StItem) error {
+ for i, item := range items {
+ var status string
+ msg, err := types.Marshal(item.SignedChecksumV1.Data)
+ if err != nil {
+ return fmt.Errorf("Marshal data failed: %v", err)
+ }
+ sig := item.SignedChecksumV1.Signature.Signature
+ namespace := &item.SignedChecksumV1.Signature.Namespace
+ if err := namespace.Verify(msg, sig); err != nil {
+ status = "unverified signature"
+ } else {
+ status = "verified signature"
+ }
+ serializedNamespace, err := types.Marshal(*namespace)
+ if err != nil {
+ return fmt.Errorf("Marshal namespace failed: %v", err)
+ }
+ serializedLeaf, err := types.Marshal(*item)
+ if err != nil {
+ return fmt.Errorf("Marshal item on index %d: %v", *start+uint64(i), err)
+ }
+ fmt.Printf("Index(%d) - %s\n", *start+uint64(i), status)
+ fmt.Printf("-> Namespace: %s\n", base64.StdEncoding.EncodeToString(serializedNamespace))
+ fmt.Printf("-> Identifier: %s\n", string(item.SignedChecksumV1.Data.Identifier))
+ fmt.Printf("-> Checksum: %s\n", base64.StdEncoding.EncodeToString(item.SignedChecksumV1.Data.Checksum))
+ fmt.Printf("-> Leaf hash: %s\n", base64.StdEncoding.EncodeToString(rfc6962.DefaultHasher.HashLeaf(serializedLeaf)))
+ }
+ return nil
+}
diff --git a/client/cmd/get-proof-by-hash/main.go b/client/cmd/get-proof-by-hash/main.go
new file mode 100644
index 0000000..1f4f304
--- /dev/null
+++ b/client/cmd/get-proof-by-hash/main.go
@@ -0,0 +1,66 @@
+package main
+
+import (
+ "context"
+ "flag"
+ "fmt"
+
+ "encoding/base64"
+
+ "github.com/golang/glog"
+ "github.com/system-transparency/stfe/client"
+ "github.com/system-transparency/stfe/types"
+)
+
+var (
+ sthStr = flag.String("sth", "", "base64-encoded StItem of type StFormatSignedTreeHeadV1 (default: fetch new sth)")
+ leafHashStr = flag.String("leaf_hash", "", "base64-encoded leaf hash")
+)
+
+func main() {
+ flag.Parse()
+ defer glog.Flush()
+
+ client, err := client.NewClientFromFlags()
+ if err != nil {
+ glog.Errorf("NewClientFromFlags: %v", err)
+ return
+ }
+ leafHash, sth, err := newParamsFromFlags(client)
+ if err != nil {
+ glog.Errorf("NewRequestFromFlags: %v", err)
+ return
+ }
+
+ proof, err := client.GetProofByHash(context.Background(), leafHash, sth)
+ if err != nil {
+ glog.Errorf("GetProofByHash: %v", err)
+ return
+ }
+ serialized, err := types.Marshal(*proof)
+ if err != nil {
+ glog.Errorf("Marshal: %v", err)
+ }
+ fmt.Println("proof:", base64.StdEncoding.EncodeToString(serialized))
+}
+
+func newParamsFromFlags(client *client.Client) ([]byte, *types.StItem, error) {
+ serialized, err := base64.StdEncoding.DecodeString(*sthStr)
+ if err != nil {
+ return nil, nil, fmt.Errorf("sth: DecodeString: %v", err)
+ }
+ var item types.StItem
+ if err = types.Unmarshal(serialized, &item); err != nil {
+ return nil, nil, fmt.Errorf("sth: Unmarshal: %v", err)
+ } else if got, want := item.Format, types.StFormatSignedTreeHeadV1; got != want {
+ return nil, nil, fmt.Errorf("unexpected StItem format: %v", got)
+ }
+ leafHash, err := base64.StdEncoding.DecodeString(*leafHashStr)
+ if err != nil {
+ return nil, nil, fmt.Errorf("leaf_hash: DecodeString: %v", err)
+ } else if got, want := len(leafHash), 32; got != want {
+ return nil, nil, fmt.Errorf("leaf_hash: unexpected size: %v", got)
+ }
+ glog.V(3).Infof("created request parameters TreeSize(%d) and LeafHash(%s)", item.SignedTreeHeadV1.TreeHead.TreeSize, *leafHashStr)
+ return leafHash, &item, nil
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-30 20:36:26 +0000