aboutsummaryrefslogtreecommitdiff
path: root/log_parameters.go
blob: 9c23fa61581958b4a52cfef8b94acdc22122ad77 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package stfe

import (
	"crypto"
	"fmt"
	"time"

	"crypto/rand"

	"github.com/system-transparency/stfe/types"
)

// LogParameters is a collection of log parameters
type LogParameters struct {
	LogId           *types.Namespace     // log identifier
	LogIdBytes      []byte               // serialized log id
	LogIdStr        string               // serialized log id (hex)
	TreeId          int64                // used internally by Trillian
	Prefix          string               // e.g., "test" for <base>/test
	MaxRange        int64                // max entries per get-entries request
	SubmitterPolicy bool                 // if we have a submitter policy (true means that namespaces must be registered)
	WitnessPolicy   bool                 // if we have a witness policy (true means that namespaces must be registered)
	Submitters      *types.NamespacePool // trusted submitters
	Witnesses       *types.NamespacePool // trusted witnesses
	Deadline        time.Duration        // gRPC deadline
	Interval        time.Duration        // cosigning sth frequency
	HashType        crypto.Hash          // hash function used by Trillian
	Signer          crypto.Signer        // access to Ed25519 private key
}

// NewLogParameters creates newly initialized log parameters
func NewLogParameters(signer crypto.Signer, logId *types.Namespace, treeId int64, prefix string, submitters, witnesses *types.NamespacePool, maxRange int64, interval, deadline time.Duration, submitterPolicy, witnessPolicy bool) (*LogParameters, error) {
	logIdBytes, err := types.Marshal(*logId)
	if err != nil {
		return nil, fmt.Errorf("Marshal failed for log identifier: %v", err)
	}
	return &LogParameters{
		LogId:           logId,
		LogIdBytes:      logIdBytes,
		LogIdStr:        fmt.Sprintf("%x", logIdBytes),
		TreeId:          treeId,
		Prefix:          prefix,
		MaxRange:        maxRange,
		SubmitterPolicy: submitterPolicy,
		WitnessPolicy:   witnessPolicy,
		Submitters:      submitters,
		Witnesses:       witnesses,
		Deadline:        deadline,
		Interval:        interval,
		HashType:        crypto.SHA256,
		Signer:          signer,
	}, nil
}

// SignTreeHeadV1 signs a TreeHeadV1 structure
func (lp *LogParameters) SignTreeHeadV1(th *types.TreeHeadV1) (*types.StItem, error) {
	serialized, err := types.Marshal(*th)
	if err != nil {
		return nil, fmt.Errorf("Marshal failed for TreeHeadV1: %v", err)
	}
	sig, err := lp.Signer.Sign(rand.Reader, serialized, crypto.Hash(0))
	if err != nil {
		return nil, fmt.Errorf("Sign failed: %v", err)
	}
	lastSthTimestamp.Set(float64(time.Now().Unix()), lp.LogIdStr)
	lastSthSize.Set(float64(th.TreeSize), lp.LogIdStr)
	return &types.StItem{
		Format: types.StFormatSignedTreeHeadV1,
		SignedTreeHeadV1: &types.SignedTreeHeadV1{
			TreeHead: *th,
			Signature: types.SignatureV1{
				Namespace: *lp.LogId,
				Signature: sig,
			},
		},
	}, nil
}