From 238518951868db81cd3a004e5c3f0b99f8e82b06 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Wed, 17 Feb 2021 19:58:27 +0100 Subject: added basic server-side cosigning (work in progress) --- instance.go | 37 +++++++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 14 deletions(-) (limited to 'instance.go') diff --git a/instance.go b/instance.go index 3ca14b8..a67307f 100644 --- a/instance.go +++ b/instance.go @@ -14,9 +14,9 @@ import ( // Instance is an instance of a particular log front-end type Instance struct { - LogParameters *LogParameters Client trillian.TrillianLogClient - Deadline time.Duration + SthSource SthSource + LogParameters *LogParameters } // LogParameters is a collection of log parameters @@ -25,9 +25,12 @@ type LogParameters struct { TreeId int64 // used internally by Trillian Prefix string // e.g., "test" for /test MaxRange int64 // max entries per get-entries request - Namespaces *namespace.NamespacePool // trust namespaces - Signer crypto.Signer - HashType crypto.Hash // hash function used by Trillian + Submitters *namespace.NamespacePool // trusted submitters + Witnesses *namespace.NamespacePool // trusted witnesses + Deadline time.Duration // gRPC deadline + Interval time.Duration // cosigning sth frequency + Signer crypto.Signer // interface to access private key + HashType crypto.Hash // hash function used by Trillian } // Endpoint is a named HTTP API endpoint @@ -35,19 +38,22 @@ type Endpoint string const ( EndpointAddEntry = Endpoint("add-entry") + EndpointAddCosi = Endpoint("add-cosi") // TODO: name? EndpointGetEntries = Endpoint("get-entries") EndpointGetAnchors = Endpoint("get-anchors") EndpointGetProofByHash = Endpoint("get-proof-by-hash") EndpointGetConsistencyProof = Endpoint("get-consistency-proof") EndpointGetSth = Endpoint("get-sth") + EndpointGetStableSth = Endpoint("get-stable-sth") // TODO: name? + EndpointGetCosi = Endpoint("get-cosi") // TODO: name? ) func (i Instance) String() string { - return fmt.Sprintf("%s Deadline(%v)\n", i.LogParameters, i.Deadline) + return fmt.Sprintf("%s\n", i.LogParameters) } func (lp LogParameters) String() string { - return fmt.Sprintf("LogId(%s) TreeId(%d) Prefix(%s) MaxRange(%d) Namespaces(%d)", lp.id(), lp.TreeId, lp.Prefix, lp.MaxRange, len(lp.Namespaces.List())) + return fmt.Sprintf("LogId(%s) TreeId(%d) Prefix(%s) MaxRange(%d) Submitters(%d) Witnesses(%d) Deadline(%v) Interval(%v)", lp.id(), lp.TreeId, lp.Prefix, lp.MaxRange, len(lp.Submitters.List()), len(lp.Witnesses.List()), lp.Deadline, lp.Interval) } func (e Endpoint) String() string { @@ -55,26 +61,23 @@ func (e Endpoint) String() string { } // NewInstance creates a new STFE instance -func NewInstance(lp *LogParameters, client trillian.TrillianLogClient, deadline time.Duration) *Instance { +func NewInstance(lp *LogParameters, client trillian.TrillianLogClient, source SthSource) *Instance { return &Instance{ LogParameters: lp, Client: client, - Deadline: deadline, + SthSource: source, } } // NewLogParameters creates new log parameters. Note that the signer is // assumed to be an ed25519 signing key. Could be fixed at some point. -func NewLogParameters(signer crypto.Signer, logId *namespace.Namespace, treeId int64, prefix string, namespaces *namespace.NamespacePool, maxRange int64) (*LogParameters, error) { +func NewLogParameters(signer crypto.Signer, logId *namespace.Namespace, treeId int64, prefix string, submitters, witnesses *namespace.NamespacePool, maxRange int64, interval, deadline time.Duration) (*LogParameters, error) { if signer == nil { return nil, fmt.Errorf("need a signer but got none") } if maxRange < 1 { return nil, fmt.Errorf("max range must be at least one") } - if len(namespaces.List()) < 1 { - return nil, fmt.Errorf("need at least one trusted namespace") - } lid, err := logId.Marshal() if err != nil { return nil, fmt.Errorf("failed encoding log identifier: %v", err) @@ -84,7 +87,10 @@ func NewLogParameters(signer crypto.Signer, logId *namespace.Namespace, treeId i TreeId: treeId, Prefix: prefix, MaxRange: maxRange, - Namespaces: namespaces, + Submitters: submitters, + Witnesses: witnesses, + Deadline: deadline, + Interval: interval, Signer: signer, HashType: crypto.SHA256, // STFE assumes RFC 6962 hashing }, nil @@ -94,11 +100,14 @@ func NewLogParameters(signer crypto.Signer, logId *namespace.Namespace, treeId i func (i *Instance) Handlers() []Handler { return []Handler{ Handler{instance: i, handler: addEntry, endpoint: EndpointAddEntry, method: http.MethodPost}, + Handler{instance: i, handler: addCosi, endpoint: EndpointAddCosi, method: http.MethodPost}, Handler{instance: i, handler: getEntries, endpoint: EndpointGetEntries, method: http.MethodGet}, Handler{instance: i, handler: getAnchors, endpoint: EndpointGetAnchors, method: http.MethodGet}, Handler{instance: i, handler: getProofByHash, endpoint: EndpointGetProofByHash, method: http.MethodGet}, Handler{instance: i, handler: getConsistencyProof, endpoint: EndpointGetConsistencyProof, method: http.MethodGet}, Handler{instance: i, handler: getSth, endpoint: EndpointGetSth, method: http.MethodGet}, + Handler{instance: i, handler: getStableSth, endpoint: EndpointGetStableSth, method: http.MethodGet}, + Handler{instance: i, handler: getCosi, endpoint: EndpointGetCosi, method: http.MethodGet}, } } -- cgit v1.2.3