From dda238b9fc105219f220f0ec3b341b0c81b71301 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Mon, 20 Dec 2021 19:53:54 +0100 Subject: types: Start using sigsum-lib-go This commit does not change the way in which the log behaves externally. In other words, all changes are internal and involves renaming and code restructuring. Most notably picking up the refactored sigsum-lib-go. --- cmd/sigsum_log_go/main.go | 24 ++++++++++++------------ cmd/tmp/cosign/main.go | 43 +++++++++++++++++++++++-------------------- cmd/tmp/dns/main.go | 8 ++++---- cmd/tmp/keygen/main.go | 4 ++-- cmd/tmp/submit/main.go | 12 ++++++------ 5 files changed, 47 insertions(+), 44 deletions(-) (limited to 'cmd') diff --git a/cmd/sigsum_log_go/main.go b/cmd/sigsum_log_go/main.go index 0c1035b..acda9d6 100644 --- a/cmd/sigsum_log_go/main.go +++ b/cmd/sigsum_log_go/main.go @@ -21,11 +21,11 @@ import ( "github.com/prometheus/client_golang/prometheus/promhttp" "google.golang.org/grpc" - sigsum "git.sigsum.org/sigsum-log-go/pkg/instance" - "git.sigsum.org/sigsum-log-go/pkg/state" - trillianWrapper "git.sigsum.org/sigsum-log-go/pkg/trillian" - "git.sigsum.org/sigsum-log-go/pkg/types" + "git.sigsum.org/sigsum-lib-go/pkg/types" + "git.sigsum.org/sigsum-log-go/pkg/db" "git.sigsum.org/sigsum-log-go/pkg/dns" + "git.sigsum.org/sigsum-log-go/pkg/instance" + "git.sigsum.org/sigsum-log-go/pkg/state" ) var ( @@ -90,8 +90,8 @@ func main() { } // SetupInstance sets up a new sigsum-log-go instance from flags -func setupInstanceFromFlags() (*sigsum.Instance, error) { - var i sigsum.Instance +func setupInstanceFromFlags() (*instance.Instance, error) { + var i instance.Instance var err error // Setup log configuration @@ -119,7 +119,7 @@ func setupInstanceFromFlags() (*sigsum.Instance, error) { if err != nil { return nil, fmt.Errorf("Dial: %v", err) } - i.Client = &trillianWrapper.TrillianClient{ + i.Client = &db.TrillianClient{ TreeID: i.TreeID, GRPC: trillian.NewTrillianLogClient(conn), } @@ -157,8 +157,8 @@ func newLogIdentity(key string) (crypto.Signer, string, error) { } // newWitnessMap creates a new map of trusted witnesses -func newWitnessMap(witnesses string) (map[[types.HashSize]byte][types.VerificationKeySize]byte, error) { - w := make(map[[types.HashSize]byte][types.VerificationKeySize]byte) +func newWitnessMap(witnesses string) (map[types.Hash]types.PublicKey, error) { + w := make(map[types.Hash]types.PublicKey) if len(witnesses) > 0 { for _, witness := range strings.Split(witnesses, ",") { b, err := hex.DecodeString(witness) @@ -166,11 +166,11 @@ func newWitnessMap(witnesses string) (map[[types.HashSize]byte][types.Verificati return nil, fmt.Errorf("DecodeString: %v", err) } - var vk [types.VerificationKeySize]byte - if n := copy(vk[:], b); n != types.VerificationKeySize { + var vk types.PublicKey + if n := copy(vk[:], b); n != types.PublicKeySize { return nil, fmt.Errorf("Invalid verification key size: %v", n) } - w[*types.Hash(vk[:])] = vk + w[*types.HashFn(vk[:])] = vk } } return w, nil diff --git a/cmd/tmp/cosign/main.go b/cmd/tmp/cosign/main.go index cb39355..122241f 100644 --- a/cmd/tmp/cosign/main.go +++ b/cmd/tmp/cosign/main.go @@ -3,17 +3,18 @@ package main import ( "bytes" "crypto/ed25519" - "encoding/hex" "flag" "fmt" "log" "net/http" - "git.sigsum.org/sigsum-log-go/pkg/types" + "git.sigsum.org/sigsum-lib-go/pkg/hex" + "git.sigsum.org/sigsum-lib-go/pkg/requests" + "git.sigsum.org/sigsum-lib-go/pkg/types" ) var ( - url = flag.String("url", "http://localhost:6965/sigsum/v0", "base url") + url = flag.String("url", "http://localhost:6965/testonly/sigsum/v0", "base url") sk = flag.String("sk", "e1d7c494dacb0ddf809a17e4528b01f584af22e3766fa740ec52a1711c59500d711090dd2286040b50961b0fe09f58aa665ccee5cb7ee042d819f18f6ab5046b", "witness secret key (hex)") log_vk = flag.String("log_vk", "cc0e7294a9d002c33aaa828efba6622ab1ce8ebdb8a795902555c2813133cfe8", "log public key (hex)") ) @@ -21,14 +22,14 @@ var ( func main() { flag.Parse() - log_vk, err := hex.DecodeString(*log_vk) + log_vk, err := hex.Deserialize(*log_vk) if err != nil { - log.Fatalf("DecodeString: %v", err) + log.Fatalf("Deserialize: %v", err) } - priv, err := hex.DecodeString(*sk) + priv, err := hex.Deserialize(*sk) if err != nil { - log.Fatalf("DecodeString: %v", err) + log.Fatal(err) } sk := ed25519.PrivateKey(priv) vk := sk.Public().(ed25519.PublicKey) @@ -36,30 +37,32 @@ func main() { rsp, err := http.Get(*url + "/get-tree-head-to-sign") if err != nil { - log.Fatalf("Get: %v", err) + log.Fatal(err) } var sth types.SignedTreeHead - if err := sth.UnmarshalASCII(rsp.Body); err != nil { - log.Fatalf("UnmarshalASCII: %v", err) + if err := sth.FromASCII(rsp.Body); err != nil { + log.Fatal(err) } - sth.TreeHead.KeyHash = types.Hash(log_vk) fmt.Printf("%+v\n\n", sth) - msg := sth.TreeHead.Marshal() - sig := ed25519.Sign(sk, msg) - sigident := &types.SigIdent{ - KeyHash: types.Hash(vk[:]), - Signature: &[types.SignatureSize]byte{}, + namespace := types.HashFn(log_vk) + witSTH, err := sth.TreeHead.Sign(sk, namespace) + if err != nil { + log.Fatal(err) } - copy(sigident.Signature[:], sig) + req := requests.Cosignature{ + KeyHash: *types.HashFn(vk[:]), + Cosignature: witSTH.Signature, + } buf := bytes.NewBuffer(nil) - if err := sigident.MarshalASCII(buf); err != nil { - log.Fatalf("MarshalASCII: %v", err) + if err := req.ToASCII(buf); err != nil { + log.Fatal(err) } + rsp, err = http.Post(*url+"/add-cosignature", "type/sigsum", buf) if err != nil { - log.Fatalf("Post: %v", err) + log.Fatal(err) } fmt.Printf("Status: %v\n", rsp.StatusCode) } diff --git a/cmd/tmp/dns/main.go b/cmd/tmp/dns/main.go index b493f15..5f4e5bf 100644 --- a/cmd/tmp/dns/main.go +++ b/cmd/tmp/dns/main.go @@ -2,13 +2,13 @@ package main import ( "context" - "encoding/hex" "flag" "fmt" "log" + "git.sigsum.org/sigsum-lib-go/pkg/hex" + "git.sigsum.org/sigsum-lib-go/pkg/types" "git.sigsum.org/sigsum-log-go/pkg/dns" - "git.sigsum.org/sigsum-log-go/pkg/types" ) var ( @@ -19,7 +19,7 @@ var ( func main() { flag.Parse() - var key [types.VerificationKeySize]byte + var key types.PublicKey mustDecodeHex(*vk, key[:]) vf := dns.NewDefaultResolver() @@ -31,7 +31,7 @@ func main() { } func mustDecodeHex(s string, buf []byte) { - b, err := hex.DecodeString(s) + b, err := hex.Deserialize(s) if err != nil { log.Fatal(err) } diff --git a/cmd/tmp/keygen/main.go b/cmd/tmp/keygen/main.go index c5f60fd..c381022 100644 --- a/cmd/tmp/keygen/main.go +++ b/cmd/tmp/keygen/main.go @@ -6,7 +6,7 @@ import ( "fmt" "log" - "git.sigsum.org/sigsum-log-go/pkg/types" + "git.sigsum.org/sigsum-lib-go/pkg/types" ) func main() { @@ -16,5 +16,5 @@ func main() { } fmt.Printf("sk: %x\n", sk[:]) fmt.Printf("vk: %x\n", vk[:]) - fmt.Printf("kh: %x\n", types.Hash(vk[:])[:]) + fmt.Printf("kh: %x\n", types.HashFn(vk[:])[:]) } diff --git a/cmd/tmp/submit/main.go b/cmd/tmp/submit/main.go index 2b8050c..f29b168 100644 --- a/cmd/tmp/submit/main.go +++ b/cmd/tmp/submit/main.go @@ -10,7 +10,7 @@ import ( "fmt" "log" - "git.sigsum.org/sigsum-log-go/pkg/types" + "git.sigsum.org/sigsum-lib-go/pkg/types" ) var ( @@ -18,7 +18,7 @@ var ( checksum = flag.String("checksum", "", "checksum (hex)") sk = flag.String("sk", "", "secret key (hex)") domainHint = flag.String("domain_hint", "example.com", "domain hint (string)") - base_url = flag.String("base_url", "localhost:6965", "base url (string)") + base_url = flag.String("base_url", "localhost:6965/testonly", "base url (string)") ) func main() { @@ -28,18 +28,18 @@ func main() { var priv ed25519.PrivateKey = ed25519.PrivateKey(privBuf[:]) mustDecodeHex(*sk, priv[:]) - var c [types.HashSize]byte + var c types.Hash if *checksum != "" { mustDecodeHex(*checksum, c[:]) } else { mustPutRandom(c[:]) } - msg := types.Message{ + msg := types.Statement{ ShardHint: *shardHint, - Checksum: &c, + Checksum: c, } - sig := ed25519.Sign(priv, msg.Marshal()) + sig := ed25519.Sign(priv, msg.ToBinary()) fmt.Printf("echo \"shard_hint=%d\nchecksum=%x\nsignature=%x\nverification_key=%x\ndomain_hint=%s\" | curl --data-binary @- %s/sigsum/v0/add-leaf\n", msg.ShardHint, -- cgit v1.2.3