package stfe
import (
"crypto"
"crypto/ed25519"
"fmt"
"time"
"github.com/system-transparency/stfe/types"
)
// LogParameters is a collection of log parameters: the log's identity and
// signing key, the Trillian tree behind it, request limits and timing, and the
// witnesses whose verification keys the log trusts.
//
// Security note: Signer gives access to the log's private key and Witnesses is
// the set of trusted witness keys, so both should only be populated from
// trusted configuration.
type LogParameters struct {
	LogId    string        // serialized log id (hex)
	TreeId   int64         // used internally by Trillian
	Prefix   string        // e.g., "test" for <base>/test
	MaxRange int64         // max entries per get-entries request
	Deadline time.Duration // gRPC deadline
	Interval time.Duration // cosigning sth frequency
	HashType crypto.Hash   // hash function used by Trillian
	// Signer provides access to the Ed25519 private key. Sign type-asserts
	// Signer.Public() to ed25519.PublicKey, so a signer backed by any other
	// key type cannot be used here.
	Signer crypto.Signer // access to Ed25519 private key

	// Witnesses map trusted witness identifiers to public verification keys
	// NOTE(review): the identifier is presumably the hash of the witness key,
	// mirroring KeyHash in Sign; confirm against the code that fills this map.
	Witnesses map[[types.HashSize]byte][types.VerificationKeySize]byte
}
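// Sign signs a tree head with the log's private key and returns it as a
// SignedTreeHead carrying one SigIdent: the hash of the log's public key and
// the signature over th.Marshal().
//
// crypto.Hash(0) tells the signer that the message is passed unhashed, and the
// rand argument is nil (NOTE(review): fine for the standard library's Ed25519
// signer; confirm for any other crypto.Signer implementation plugged in here).
//
// An error is returned if th is nil, if signing fails, if the signer's public
// key is not an ed25519.PublicKey, or if the signature is not exactly
// types.SignatureSize bytes long. The lastSthTimestamp and lastSthSize metrics
// are updated only after those checks pass, so they never advertise a tree
// head that was not actually signed.
func (lp *LogParameters) Sign(th *types.TreeHead) (*types.SignedTreeHead, error) {
	if th == nil {
		return nil, fmt.Errorf("Sign failed: nil tree head")
	}

	sig, err := lp.Signer.Sign(nil, th.Marshal(), crypto.Hash(0))
	if err != nil {
		return nil, fmt.Errorf("Sign failed: %w", err)
	}

	// copy() would silently truncate or zero-pad a signature of the wrong
	// length, producing a tree head that looks signed but cannot verify.
	var signature [types.SignatureSize]byte
	if len(sig) != len(signature) {
		return nil, fmt.Errorf("Sign failed: signature is %d bytes, expected %d", len(sig), len(signature))
	}
	copy(signature[:], sig)

	// A checked assertion turns a misconfigured (non-Ed25519) signer into an
	// error instead of a panic in the signing path.
	pub, ok := lp.Signer.Public().(ed25519.PublicKey)
	if !ok {
		return nil, fmt.Errorf("Sign failed: signer public key is %T, expected ed25519.PublicKey", lp.Signer.Public())
	}

	lastSthTimestamp.Set(float64(time.Now().Unix()), lp.LogId)
	lastSthSize.Set(float64(th.TreeSize), lp.LogId)

	sigident := types.SigIdent{
		KeyHash:   types.Hash(pub[:]),
		Signature: &signature,
	}
	return &types.SignedTreeHead{
		TreeHead: *th,
		SigIdent: []*types.SigIdent{
			&sigident,
		},
	}, nil
}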