From c003c2fc189748f082c09a2b4a729eb1c5732668 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Tue, 24 May 2022 23:33:38 +0200 Subject: wip --- pkg/instance/instance.go | 44 ++++++++++++++----- pkg/state/single.go | 60 ++++++++++++++++++++++++-- pkg/state/single_sec.go | 108 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 197 insertions(+), 15 deletions(-) create mode 100644 pkg/state/single_sec.go (limited to 'pkg') diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go index f4c0089..78b5d81 100644 --- a/pkg/instance/instance.go +++ b/pkg/instance/instance.go @@ -35,22 +35,44 @@ type Instance struct { Signer crypto.Signer // provides access to Ed25519 private key Stateman state.StateManager // coordinates access to (co)signed tree heads DNS dns.Verifier // checks if domain name knows a public key + Role Role + Peer ServiceEndpoint +} + +type Role int64 +const ( + Primary Role = iota + Secondary +) + +type ServiceEndpoint struct { + URL string + Pubkey types.PublicKey } -// Handlers returns a list of sigsum handlers func (i *Instance) Handlers() []Handler { - return []Handler{ - Handler{Instance: i, Handler: addLeaf, Endpoint: types.EndpointAddLeaf, Method: http.MethodPost}, - Handler{Instance: i, Handler: addCosignature, Endpoint: types.EndpointAddCosignature, Method: http.MethodPost}, - Handler{Instance: i, Handler: getTreeHeadToCosign, Endpoint: types.EndpointGetTreeHeadToCosign, Method: http.MethodGet}, - Handler{Instance: i, Handler: getTreeHeadCosigned, Endpoint: types.EndpointGetTreeHeadCosigned, Method: http.MethodGet}, - Handler{Instance: i, Handler: getCheckpoint, Endpoint: types.Endpoint("get-checkpoint"), Method: http.MethodGet}, - Handler{Instance: i, Handler: getConsistencyProof, Endpoint: types.EndpointGetConsistencyProof, Method: http.MethodGet}, - Handler{Instance: i, Handler: getInclusionProof, Endpoint: types.EndpointGetInclusionProof, Method: http.MethodGet}, - Handler{Instance: i, Handler: getLeaves, Endpoint: types.EndpointGetLeaves, Method: http.MethodGet}, + switch i.Role { + case Primary: + return []Handler{ + Handler{Instance: i, Handler: addLeaf, Endpoint: types.EndpointAddLeaf, Method: http.MethodPost}, + Handler{Instance: i, Handler: addCosignature, Endpoint: types.EndpointAddCosignature, Method: http.MethodPost}, + Handler{Instance: i, Handler: getTreeHeadToCosign, Endpoint: types.EndpointGetTreeHeadToCosign, Method: http.MethodGet}, // ToSign -> ToCoSign + Handler{Instance: i, Handler: getTreeHeadCosigned, Endpoint: types.EndpointGetTreeHeadCosigned, Method: http.MethodGet}, + Handler{Instance: i, Handler: getCheckpoint, Endpoint: types.Endpoint("get-checkpoint"), Method: http.MethodGet}, + Handler{Instance: i, Handler: getConsistencyProof, Endpoint: types.EndpointGetConsistencyProof, Method: http.MethodGet}, + Handler{Instance: i, Handler: getInclusionProof, Endpoint: types.EndpointGetInclusionProof, Method: http.MethodGet}, + Handler{Instance: i, Handler: getLeaves, Endpoint: types.EndpointGetLeaves, Method: http.MethodGet}, + } + case Secondary: + return []Handler{ + Handler{Instance: i, Handler: getTreeHeadToCosign, Endpoint: types.EndpointGetSecondaryTreeHead, Method: http.MethodGet}, + } + default: + return []Handler{} } } + // checkHTTPMethod checks if an HTTP method is supported func (i *Instance) checkHTTPMethod(m string) bool { return m == http.MethodGet || m == http.MethodPost @@ -95,7 +117,7 @@ func (i *Instance) cosignatureRequestFromHTTP(r *http.Request) (*requests.Cosign func (i *Instance) consistencyProofRequestFromHTTP(r *http.Request) (*requests.ConsistencyProof, error) { var req requests.ConsistencyProof if err := req.FromURL(r.URL.Path); err != nil { - return nil, fmt.Errorf("FromASCII: %v", err) + return nil, fmt.Errorf("FromURL: %v", err) } if req.OldSize < 1 { return nil, fmt.Errorf("OldSize(%d) must be larger than zero", req.OldSize) diff --git a/pkg/state/single.go b/pkg/state/single.go index 695f0e3..2e44fee 100644 --- a/pkg/state/single.go +++ b/pkg/state/single.go @@ -8,18 +8,21 @@ import ( "sync" "time" + "git.sigsum.org/log-go/pkg/client" "git.sigsum.org/log-go/pkg/db" "git.sigsum.org/sigsum-go/pkg/log" + //"git.sigsum.org/sigsum-go/pkg/requests" "git.sigsum.org/sigsum-go/pkg/types" ) -// StateManagerSingle implements a single-instance StateManager +// StateManagerSingle implements a single-instance StateManager for primary nodes type StateManagerSingle struct { client db.Client signer crypto.Signer namespace types.Hash interval time.Duration deadline time.Duration + secondary *client.Client // Lock-protected access to pointers. A write lock is only obtained once // per interval when doing pointer rotation. All endpoints are readers. @@ -32,13 +35,14 @@ type StateManagerSingle struct { cosignatures map[types.Hash]*types.Signature } -func NewStateManagerSingle(client db.Client, signer crypto.Signer, interval, deadline time.Duration) (*StateManagerSingle, error) { +func NewStateManagerSingle(dbcli db.Client, signer crypto.Signer, interval, deadline time.Duration, securl string, secpk types.PublicKey) (*StateManagerSingle, error) { sm := &StateManagerSingle{ - client: client, + client: dbcli, signer: signer, namespace: *types.HashFn(signer.Public().(ed25519.PublicKey)), interval: interval, deadline: deadline, + secondary: client.NewClient(securl, secpk), } sth, err := sm.latestSTH(context.Background()) sm.setCosignedTreeHead() @@ -157,9 +161,57 @@ func (sm *StateManagerSingle) latestSTH(ctx context.Context) (*types.SignedTreeH if err != nil { return nil, fmt.Errorf("failed fetching tree head: %v", err) } - sth, err := th.Sign(sm.signer, &sm.namespace) + + //pth, err := choseTree(ctx, sm.deadline, sm.secondary, th) + pth, err := th, nil // DEBUG + if err != nil { + return nil, fmt.Errorf("failed chosing tree head: %v", err) + } + + sth, err := pth.Sign(sm.signer, &sm.namespace) if err != nil { return nil, fmt.Errorf("failed signing tree head: %v", err) } + return sth, nil } + +func choseTree(ctx context.Context, deadline time.Duration, secondary *client.Client, th *types.TreeHead) (*types.TreeHead, error) { + // TODO: handle multiple secondaries and not just one + + if !secondary.Configured { + return th, nil + } + + sctx, cancel := context.WithTimeout(ctx, deadline) // FIXME: use a separate timeout value for secondaries? + defer cancel() + secsth, err := secondary.GetCurrentTreeHead(sctx) + if err != nil { + return nil, fmt.Errorf("failed getting the latest tree head from all secondaries: %v", err) + } + + if secsth.TreeSize < th.TreeSize { + // We're stuck at secsth.size so let's verify + // consistency since secsth and sign that + + // TODO: get and verify consinstency proof + + // req := &requests.ConsistencyProof{ + // OldSize: secsth.TreeSize, + // NewSize: th.TreeSize, + // } + + // proof, err := sm.client.GetConsistencyProof(ctx, req) + // if err != nil { + // return nil, fmt.Errorf("unable to get consistency proof from %d to %d: %v", req.OldSize, req.NewSize, err) + // } + + // if !proof.Verify() { + // return nil, fmt.Errorf("invalid consistency proof from %d to %d", req.OldSize, req.NewSize) + // } + + th = &secsth.TreeHead // FIXME: need to copy? + } + + return th, nil +} diff --git a/pkg/state/single_sec.go b/pkg/state/single_sec.go new file mode 100644 index 0000000..9c69fa8 --- /dev/null +++ b/pkg/state/single_sec.go @@ -0,0 +1,108 @@ +package state + +import ( + "context" + "crypto" + "crypto/ed25519" + "fmt" + "sync" + "time" + + "git.sigsum.org/log-go/pkg/client" + "git.sigsum.org/log-go/pkg/db" + "git.sigsum.org/sigsum-go/pkg/log" + //"git.sigsum.org/sigsum-go/pkg/requests" + "git.sigsum.org/sigsum-go/pkg/types" +) + +// StateManagerSingleSecondary implements a single-instance StateManager for secondary nodes +type StateManagerSingleSecondary struct { + client db.Client + signer crypto.Signer + namespace types.Hash + interval time.Duration + deadline time.Duration + primary *client.Client + + // Lock-protected access to pointers. A write lock is only obtained once + // per interval when doing pointer rotation. All endpoints are readers. + sync.RWMutex + signedTreeHead *types.SignedTreeHead +} + +func NewStateManagerSingleSecondary(dbcli db.Client, signer crypto.Signer, interval, deadline time.Duration, primurl string, primpk types.PublicKey) (*StateManagerSingleSecondary, error) { + sm := &StateManagerSingleSecondary{ + client: dbcli, + signer: signer, + namespace: *types.HashFn(signer.Public().(ed25519.PublicKey)), + interval: interval, + deadline: deadline, + primary: client.NewClient(primurl, primpk), + } + sth, err := sm.latestSTH(context.Background()) + sm.setSignedTreeHead(sth) + return sm, err +} + +func (sm *StateManagerSingleSecondary) Run(ctx context.Context) { + rotation := func() { + nextSTH, err := sm.latestSTH(ctx) + if err != nil { + log.Warning("cannot rotate without tree head: %v", err) + return + } + sm.rotate(nextSTH) + } + + ticker := time.NewTicker(sm.interval) + defer ticker.Stop() + + // TODO: fetch leaves from primary + + rotation() + for { + select { + case <-ticker.C: + rotation() + case <-ctx.Done(): + return + } + } +} + +func (sm *StateManagerSingleSecondary) AddCosignature(ctx context.Context, pub *types.PublicKey, sig *types.Signature) error { + return fmt.Errorf("internal error: AddCosignature() called in secondary node") +} +func (sm *StateManagerSingleSecondary) CosignedTreeHead(_ context.Context) (*types.CosignedTreeHead, error) { + return nil, fmt.Errorf("internal error: AddCosignature() called in secondary node") +} +func (sm *StateManagerSingleSecondary) ToCosignTreeHead(_ context.Context) (*types.SignedTreeHead, error) { + return nil, fmt.Errorf("internal error: AddCosignature() called in secondary node") +} + +func (sm *StateManagerSingleSecondary) setSignedTreeHead(nextSTH *types.SignedTreeHead) { + sm.signedTreeHead = nextSTH +} + +func (sm *StateManagerSingleSecondary) latestSTH(ctx context.Context) (*types.SignedTreeHead, error) { + ictx, cancel := context.WithTimeout(ctx, sm.deadline) + defer cancel() + + th, err := sm.client.GetTreeHead(ictx) + if err != nil { + return nil, fmt.Errorf("failed fetching tree head: %v", err) + } + sth, err := th.Sign(sm.signer, &sm.namespace) + if err != nil { + return nil, fmt.Errorf("failed signing tree head: %v", err) + } + return sth, nil +} + +func (sm *StateManagerSingleSecondary) rotate(nextSTH *types.SignedTreeHead) { + sm.Lock() + defer sm.Unlock() + + log.Debug("rotating tree heads") + sm.setSignedTreeHead(nextSTH) +} -- cgit v1.2.3