From 453a0c38516496052c5f570691c74516c8675e2d Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 16 Mar 2021 16:29:24 +0100 Subject: added additional basic client commands --- client/cmd/add-entry/main.go | 4 +- client/cmd/example.sh | 33 +++++++++++++ client/cmd/get-consistency-proof/main.go | 70 +++++++++++++++++++++++++++ client/cmd/get-entries/main.go | 83 ++++++++++++++++++++++++++++++++ client/cmd/get-proof-by-hash/main.go | 66 +++++++++++++++++++++++++ 5 files changed, 254 insertions(+), 2 deletions(-) create mode 100755 client/cmd/example.sh create mode 100644 client/cmd/get-consistency-proof/main.go create mode 100644 client/cmd/get-entries/main.go create mode 100644 client/cmd/get-proof-by-hash/main.go (limited to 'client/cmd') diff --git a/client/cmd/add-entry/main.go b/client/cmd/add-entry/main.go index 03844fa..a29d01f 100644 --- a/client/cmd/add-entry/main.go +++ b/client/cmd/add-entry/main.go @@ -13,8 +13,8 @@ import ( ) var ( - identifier = flag.String("identifier", "foobar-1.2.3", "checksum identifier") - checksum = flag.String("checksum", "50e7967bce266a506f8f614bb5096beba580d205046b918f47d23b2ec626d75e", "base64-encoded checksum") + identifier = flag.String("identifier", "", "checksum identifier") + checksum = flag.String("checksum", "", "base64-encoded checksum") ) func main() { diff --git a/client/cmd/example.sh b/client/cmd/example.sh new file mode 100755 index 0000000..beac26e --- /dev/null +++ b/client/cmd/example.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +echo "fetching sth..." +go run get-sth/main.go --logtostderr -v 3 | tee sth1.output +echo "" && sleep 1 + +echo "adding an entry..." +go run add-entry/main.go --logtostderr -v 3 \ + --identifier "example.sh v0.0.1-$(cat /dev/urandom | base64 | head -c 10)" \ + --checksum $(sha256sum example.sh) | tee add-entry.output +echo "" && sleep 1 + +echo "fetching another sth..." +go run get-sth/main.go --logtostderr -v 3 | tee sth2.output +echo "" && sleep 1 + +echo "verifying inclusion..." +go run get-proof-by-hash/main.go --logtostderr -v 3 \ + --leaf_hash $(cat add-entry.output | awk '{print $3}') \ + --sth $(cat sth2.output | awk '{print $2}') +echo "" && sleep 1 + +echo "verifying consistency..." +go run get-consistency-proof/main.go --logtostderr -v 3 \ + --first $(cat sth1.output | awk '{print $2}') \ + --second $(cat sth2.output | awk '{print $2}') +echo "" && sleep 1 + +echo "fetching the log's first entry..." +go run get-entries/main.go --logtostderr -v 3 --start 0 --end 0 +echo "" + +rm *.output diff --git a/client/cmd/get-consistency-proof/main.go b/client/cmd/get-consistency-proof/main.go new file mode 100644 index 0000000..bb8a7a6 --- /dev/null +++ b/client/cmd/get-consistency-proof/main.go @@ -0,0 +1,70 @@ +package main + +import ( + "context" + "flag" + "fmt" + + "encoding/base64" + + "github.com/golang/glog" + "github.com/system-transparency/stfe/client" + "github.com/system-transparency/stfe/types" +) + +var ( + first = flag.String("first", "", "base64-encoded sth") + second = flag.String("second", "", "base64-encoded sth") +) + +func main() { + flag.Parse() + defer glog.Flush() + + client, err := client.NewClientFromFlags() + if err != nil { + glog.Errorf("NewClientFromFlags: %v", err) + return + } + sth1, sth2, err := newParamsFromFlags() + if err != nil { + glog.Errorf("NewRequestFromFlags: %v", err) + return + } + + proof, err := client.GetConsistencyProof(context.Background(), sth1, sth2) + if err != nil { + glog.Errorf("GetConsistencyProof: %v", err) + return + } + serialized, err := types.Marshal(*proof) + if err != nil { + glog.Errorf("Marshal: %v", err) + return + } + fmt.Println("proof:", base64.StdEncoding.EncodeToString(serialized)) +} + +func newParamsFromFlags() (*types.StItem, *types.StItem, error) { + sth1, err := decodeSthStr(*first) + if err != nil { + return nil, nil, fmt.Errorf("first: decodeSthStr: %v", err) + } + sth2, err := decodeSthStr(*second) + if err != nil { + return nil, nil, fmt.Errorf("second: decodeSthStr: %v", err) + } + return sth1, sth2, nil +} + +func decodeSthStr(sthStr string) (*types.StItem, error) { + serialized, err := base64.StdEncoding.DecodeString(sthStr) + if err != nil { + return nil, fmt.Errorf("DecodeString: %v", err) + } + var item types.StItem + if err = types.Unmarshal(serialized, &item); err != nil { + return nil, fmt.Errorf("Unmarshal: %v", err) + } + return &item, nil +} diff --git a/client/cmd/get-entries/main.go b/client/cmd/get-entries/main.go new file mode 100644 index 0000000..f32fdbf --- /dev/null +++ b/client/cmd/get-entries/main.go @@ -0,0 +1,83 @@ +package main + +import ( + "context" + "flag" + "fmt" + + "encoding/base64" + + "github.com/golang/glog" + "github.com/google/trillian/merkle/rfc6962" + "github.com/system-transparency/stfe/client" + "github.com/system-transparency/stfe/types" +) + +var ( + start = flag.Uint64("start", 0, "inclusive start index to download") + end = flag.Uint64("end", 0, "inclusive stop index to download") +) + +func main() { + flag.Parse() + defer glog.Flush() + + client, err := client.NewClientFromFlags() + if err != nil { + glog.Errorf("NewClientFromFlags: %v", err) + return + } + items, err := getRange(client, *start, *end) + if err != nil { + glog.Errorf("getRange: %v", err) + return + } + if err := printRange(items); err != nil { + glog.Errorf("printRange: %v", err) + return + } +} + +func getRange(client *client.Client, start, end uint64) ([]*types.StItem, error) { + items := make([]*types.StItem, 0, end-start+1) + for len(items) != cap(items) { + rsp, err := client.GetEntries(context.Background(), start, end) + if err != nil { + return nil, fmt.Errorf("fetching entries failed: %v", err) + } + items = append(items, rsp...) + start += uint64(len(rsp)) + } + return items, nil +} + +func printRange(items []*types.StItem) error { + for i, item := range items { + var status string + msg, err := types.Marshal(item.SignedChecksumV1.Data) + if err != nil { + return fmt.Errorf("Marshal data failed: %v", err) + } + sig := item.SignedChecksumV1.Signature.Signature + namespace := &item.SignedChecksumV1.Signature.Namespace + if err := namespace.Verify(msg, sig); err != nil { + status = "unverified signature" + } else { + status = "verified signature" + } + serializedNamespace, err := types.Marshal(*namespace) + if err != nil { + return fmt.Errorf("Marshal namespace failed: %v", err) + } + serializedLeaf, err := types.Marshal(*item) + if err != nil { + return fmt.Errorf("Marshal item on index %d: %v", *start+uint64(i), err) + } + fmt.Printf("Index(%d) - %s\n", *start+uint64(i), status) + fmt.Printf("-> Namespace: %s\n", base64.StdEncoding.EncodeToString(serializedNamespace)) + fmt.Printf("-> Identifier: %s\n", string(item.SignedChecksumV1.Data.Identifier)) + fmt.Printf("-> Checksum: %s\n", base64.StdEncoding.EncodeToString(item.SignedChecksumV1.Data.Checksum)) + fmt.Printf("-> Leaf hash: %s\n", base64.StdEncoding.EncodeToString(rfc6962.DefaultHasher.HashLeaf(serializedLeaf))) + } + return nil +} diff --git a/client/cmd/get-proof-by-hash/main.go b/client/cmd/get-proof-by-hash/main.go new file mode 100644 index 0000000..1f4f304 --- /dev/null +++ b/client/cmd/get-proof-by-hash/main.go @@ -0,0 +1,66 @@ +package main + +import ( + "context" + "flag" + "fmt" + + "encoding/base64" + + "github.com/golang/glog" + "github.com/system-transparency/stfe/client" + "github.com/system-transparency/stfe/types" +) + +var ( + sthStr = flag.String("sth", "", "base64-encoded StItem of type StFormatSignedTreeHeadV1 (default: fetch new sth)") + leafHashStr = flag.String("leaf_hash", "", "base64-encoded leaf hash") +) + +func main() { + flag.Parse() + defer glog.Flush() + + client, err := client.NewClientFromFlags() + if err != nil { + glog.Errorf("NewClientFromFlags: %v", err) + return + } + leafHash, sth, err := newParamsFromFlags(client) + if err != nil { + glog.Errorf("NewRequestFromFlags: %v", err) + return + } + + proof, err := client.GetProofByHash(context.Background(), leafHash, sth) + if err != nil { + glog.Errorf("GetProofByHash: %v", err) + return + } + serialized, err := types.Marshal(*proof) + if err != nil { + glog.Errorf("Marshal: %v", err) + } + fmt.Println("proof:", base64.StdEncoding.EncodeToString(serialized)) +} + +func newParamsFromFlags(client *client.Client) ([]byte, *types.StItem, error) { + serialized, err := base64.StdEncoding.DecodeString(*sthStr) + if err != nil { + return nil, nil, fmt.Errorf("sth: DecodeString: %v", err) + } + var item types.StItem + if err = types.Unmarshal(serialized, &item); err != nil { + return nil, nil, fmt.Errorf("sth: Unmarshal: %v", err) + } else if got, want := item.Format, types.StFormatSignedTreeHeadV1; got != want { + return nil, nil, fmt.Errorf("unexpected StItem format: %v", got) + } + leafHash, err := base64.StdEncoding.DecodeString(*leafHashStr) + if err != nil { + return nil, nil, fmt.Errorf("leaf_hash: DecodeString: %v", err) + } else if got, want := len(leafHash), 32; got != want { + return nil, nil, fmt.Errorf("leaf_hash: unexpected size: %v", got) + } + glog.V(3).Infof("created request parameters TreeSize(%d) and LeafHash(%s)", item.SignedTreeHeadV1.TreeHead.TreeSize, *leafHashStr) + return leafHash, &item, nil +} -- cgit v1.2.3