aboutsummaryrefslogtreecommitdiff
path: root/type.go
diff options
context:
space:
mode:
Diffstat (limited to 'type.go')
-rw-r--r--type.go306
1 files changed, 0 insertions, 306 deletions
diff --git a/type.go b/type.go
deleted file mode 100644
index db9ddc6..0000000
--- a/type.go
+++ /dev/null
@@ -1,306 +0,0 @@
-package stfe
-
-import (
- "fmt"
- "time"
-
- "encoding/base64"
-
- "github.com/google/certificate-transparency-go/tls"
- "github.com/google/trillian/types"
- "github.com/system-transparency/stfe/namespace"
-)
-
-// StFormat defines a particular StItem type that is versioned
-type StFormat tls.Enum
-
-const (
- StFormatReserved StFormat = 0
- StFormatSignedTreeHeadV1 StFormat = 1
- StFormatSignedDebugInfoV1 StFormat = 2
- StFormatConsistencyProofV1 StFormat = 3
- StFormatInclusionProofV1 StFormat = 4
- StFormatChecksumV1 = 5
- StFormatCosignedTreeHeadV1 = 6
-)
-
-// StItem references a versioned item based on a given format specifier
-type StItem struct {
- Format StFormat `tls:"maxval:65535"`
- SignedTreeHeadV1 *SignedTreeHeadV1 `tls:"selector:Format,val:1"`
- SignedDebugInfoV1 *SignedDebugInfoV1 `tls:"selector:Format,val:2"`
- ConsistencyProofV1 *ConsistencyProofV1 `tls:"selector:Format,val:3"`
- InclusionProofV1 *InclusionProofV1 `tls:"selector:Format,val:4"`
- ChecksumV1 *ChecksumV1 `tls:"selector:Format,val:5"`
- CosignedTreeHeadV1 *CosignedTreeHeadV1 `tls:"selector:Format,val:6"`
-}
-
-// SignedTreeHeadV1 is a signed tree head as defined by RFC 6962/bis, §4.10
-type SignedTreeHeadV1 struct {
- LogId []byte `tls:"minlen:35,maxlen:35"`
- TreeHead TreeHeadV1
- Signature []byte `tls:"minlen:1,maxlen:65535"`
-}
-
-// SignedDebugInfoV1 is a signed statement that we intend (but do not promise)
-// to insert an entry into the log as defined by markdown/api.md
-type SignedDebugInfoV1 struct {
- LogId []byte `tls:"minlen:35,maxlen:35"`
- Message []byte `tls:"minlen:0,maxlen:65535"`
- Signature []byte `tls:"minlen:1,maxlen:65535"`
-}
-
-// ConsistencyProofV1 is a consistency proof as defined by RFC 6962/bis, §4.11
-type ConsistencyProofV1 struct {
- LogId []byte `tls:"minlen:35,maxlen:35"`
- TreeSize1 uint64
- TreeSize2 uint64
- ConsistencyPath []NodeHash `tls:"minlen:0,maxlen:65535"`
-}
-
-// InclusionProofV1 is an inclusion proof as defined by RFC 6962/bis, §4.12
-type InclusionProofV1 struct {
- LogId []byte `tls:"minlen:35,maxlen:35"`
- TreeSize uint64
- LeafIndex uint64
- InclusionPath []NodeHash `tls:"minlen:0,maxlen:65535"`
-}
-
-// ChecksumV1 associates a leaf type as defined by markdown/api.md
-type ChecksumV1 struct {
- Package []byte `tls:"minlen:1,maxlen:255"`
- Checksum []byte `tls:"minlen:1,maxlen:64"`
- Namespace namespace.Namespace
-}
-
-// TreeHeadV1 is a tree head as defined by RFC 6962/bis, §4.10
-type TreeHeadV1 struct {
- Timestamp uint64
- TreeSize uint64
- RootHash NodeHash
- Extension []byte `tls:"minlen:0,maxlen:65535"`
-}
-
-// CosignedTreeheadV1 is a cosigned STH
-type CosignedTreeHeadV1 struct {
- SignedTreeHeadV1 SignedTreeHeadV1
- SignatureV1 []SignatureV1 `tls:"minlen:0,maxlen:4294967295"`
-}
-
-// SignatureV1 is a detached signature that was produced by a namespace
-type SignatureV1 struct {
- Namespace namespace.Namespace
- Signature []byte `tls:"minlen:1,maxlen:65535"`
-}
-
-// NodeHash is a Merkle tree hash as defined by RFC 6962/bis, §4.9
-type NodeHash struct {
- Data []byte `tls:"minlen:32,maxlen:255"`
-}
-
-// RawCertificate is a serialized X.509 certificate
-type RawCertificate struct {
- Data []byte `tls:"minlen:0,maxlen:65535"`
-}
-
-func (f StFormat) String() string {
- switch f {
- case StFormatReserved:
- return "reserved"
- case StFormatSignedTreeHeadV1:
- return "signed_tree_head_v1"
- case StFormatSignedDebugInfoV1:
- return "signed_debug_info_v1"
- case StFormatConsistencyProofV1:
- return "consistency_proof_v1"
- case StFormatInclusionProofV1:
- return "inclusion_proof_v1"
- case StFormatChecksumV1:
- return "checksum_v1"
- case StFormatCosignedTreeHeadV1:
- return "cosigned_tree_head_v1"
- default:
- return fmt.Sprintf("Unknown StFormat: %d", f)
- }
-}
-
-func (i StItem) String() string {
- switch i.Format {
- case StFormatChecksumV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.ChecksumV1)
- case StFormatConsistencyProofV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.ConsistencyProofV1)
- case StFormatInclusionProofV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.InclusionProofV1)
- case StFormatSignedDebugInfoV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.SignedDebugInfoV1)
- case StFormatSignedTreeHeadV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.SignedTreeHeadV1)
- case StFormatCosignedTreeHeadV1:
- return fmt.Sprintf("Format(%s): %s", i.Format, i.CosignedTreeHeadV1)
- default:
- return fmt.Sprintf("unknown StItem: %s", i.Format)
- }
-}
-
-func (i SignedTreeHeadV1) String() string {
- return fmt.Sprintf("LogId(%s) TreeHead(%s) Signature(%s)", b64(i.LogId), i.TreeHead, b64(i.Signature))
-}
-
-func (i SignedDebugInfoV1) String() string {
- return fmt.Sprintf("LogId(%s) Message(%s) Signature(%s)", b64(i.LogId), string(i.Message), b64(i.Signature))
-}
-
-func (i ConsistencyProofV1) String() string {
- return fmt.Sprintf("LogID(%s) TreeSize1(%d) TreeSize2(%d) ConsistencyPath(%v)", b64(i.LogId), i.TreeSize1, i.TreeSize2, B64EncodePath(i.ConsistencyPath))
-}
-
-func (i InclusionProofV1) String() string {
- return fmt.Sprintf("LogID(%s) TreeSize(%d) LeafIndex(%d) AuditPath(%v)", b64(i.LogId), i.TreeSize, i.LeafIndex, B64EncodePath(i.InclusionPath))
-}
-
-func (i ChecksumV1) String() string {
- return fmt.Sprintf("Package(%s) Checksum(%s) Namespace(%s)", string(i.Package), string(i.Checksum), i.Namespace.String())
-}
-
-func (th TreeHeadV1) String() string {
- return fmt.Sprintf("Timestamp(%s) TreeSize(%d) RootHash(%s)", time.Unix(int64(th.Timestamp/1000), 0), th.TreeSize, b64(th.RootHash.Data))
-}
-
-func (i CosignedTreeHeadV1) String() string {
- return fmt.Sprintf("SignedTreeHead(%s) #Cosignatures(%d)", i.SignedTreeHeadV1.String(), len(i.SignatureV1))
-}
-
-// Marshal serializes an Stitem as defined by RFC 5246
-func (i *StItem) Marshal() ([]byte, error) {
- serialized, err := tls.Marshal(*i)
- if err != nil {
- return nil, fmt.Errorf("marshal failed for StItem(%s): %v", i.Format, err)
- }
- return serialized, nil
-}
-
-// MarshalB64 base64-encodes a serialized StItem
-func (i *StItem) MarshalB64() (string, error) {
- serialized, err := i.Marshal()
- if err != nil {
- return "", err
- }
- return b64(serialized), nil
-}
-
-// Unmarshal unpacks a serialized StItem
-func (i *StItem) Unmarshal(serialized []byte) error {
- extra, err := tls.Unmarshal(serialized, i)
- if err != nil {
- return fmt.Errorf("unmarshal failed for StItem(%s): %v", i.Format, err)
- } else if len(extra) > 0 {
- return fmt.Errorf("unmarshal found extra data for StItem(%s): %v", i.Format, extra)
- }
- return nil
-}
-
-// UnmarshalB64 unpacks a base64-encoded serialized StItem
-func (i *StItem) UnmarshalB64(s string) error {
- serialized, err := deb64(s)
- if err != nil {
- return fmt.Errorf("base64 decoding failed for StItem(%s): %v", i.Format, err)
- }
- return i.Unmarshal(serialized)
-}
-
-// Marshal serializes a TreeHeadV1 as defined by RFC 5246
-func (th *TreeHeadV1) Marshal() ([]byte, error) {
- serialized, err := tls.Marshal(*th)
- if err != nil {
- return nil, fmt.Errorf("marshal failed for TreeHeadV1: %v", err)
- }
- return serialized, nil
-}
-
-// B64EncodePath encodes a path of node hashes as a list of base64 strings
-func B64EncodePath(path []NodeHash) []string {
- p := make([]string, 0, len(path))
- for _, hash := range path {
- p = append(p, b64(hash.Data))
- }
- return p
-}
-
-// NewSignedTreeHead creates a new StItem of type signed_tree_head_v1
-func NewSignedTreeHeadV1(th *TreeHeadV1, logId, signature []byte) *StItem {
- return &StItem{
- Format: StFormatSignedTreeHeadV1,
- SignedTreeHeadV1: &SignedTreeHeadV1{logId, *th, signature},
- }
-}
-
-// NewSignedDebugInfoV1 creates a new StItem of type inclusion_proof_v1
-func NewSignedDebugInfoV1(logId, message, signature []byte) *StItem {
- return &StItem{
- Format: StFormatSignedDebugInfoV1,
- SignedDebugInfoV1: &SignedDebugInfoV1{logId, message, signature},
- }
-}
-
-// NewInclusionProofV1 creates a new StItem of type inclusion_proof_v1
-func NewInclusionProofV1(logID []byte, treeSize, index uint64, proof [][]byte) *StItem {
- path := make([]NodeHash, 0, len(proof))
- for _, hash := range proof {
- path = append(path, NodeHash{Data: hash})
- }
- return &StItem{
- Format: StFormatInclusionProofV1,
- InclusionProofV1: &InclusionProofV1{logID, treeSize, index, path},
- }
-}
-
-// NewConsistencyProofV1 creates a new StItem of type consistency_proof_v1
-func NewConsistencyProofV1(logId []byte, first, second uint64, proof [][]byte) *StItem {
- path := make([]NodeHash, 0, len(proof))
- for _, hash := range proof {
- path = append(path, NodeHash{Data: hash})
- }
- return &StItem{
- Format: StFormatConsistencyProofV1,
- ConsistencyProofV1: &ConsistencyProofV1{logId, uint64(first), uint64(second), path},
- }
-}
-
-// NewChecksumV1 creates a new StItem of type checksum_v1
-func NewChecksumV1(identifier, checksum []byte, namespace *namespace.Namespace) *StItem {
- return &StItem{
- Format: StFormatChecksumV1,
- ChecksumV1: &ChecksumV1{identifier, checksum, *namespace},
- }
-}
-
-// NewTreeHead creates a new TreeHeadV1 from a Trillian-signed log root without
-// verifying any signature. In other words, Trillian <-> STFE must be trusted.
-func NewTreeHeadV1(lr *types.LogRootV1) *TreeHeadV1 {
- return &TreeHeadV1{
- uint64(lr.TimestampNanos / 1000 / 1000),
- uint64(lr.TreeSize),
- NodeHash{lr.RootHash},
- make([]byte, 0),
- }
-}
-
-// NewCosignedTreeHeadV1 creates a new StItem of type cosigned_tree_head_v1
-func NewCosignedTreeHeadV1(sth *SignedTreeHeadV1, sigs []SignatureV1) *StItem {
- return &StItem{
- Format: StFormatCosignedTreeHeadV1,
- CosignedTreeHeadV1: &CosignedTreeHeadV1{
- SignedTreeHeadV1: *sth,
- SignatureV1: sigs,
- },
- }
-}
-
-func b64(b []byte) string {
- return base64.StdEncoding.EncodeToString(b)
-}
-
-func deb64(str string) ([]byte, error) {
- return base64.StdEncoding.DecodeString(str)
-}