diff options
Diffstat (limited to 'pkg/policy')
-rw-r--r-- | pkg/policy/default.go | 66 | ||||
-rw-r--r-- | pkg/policy/policy.go | 32 |
2 files changed, 98 insertions, 0 deletions
diff --git a/pkg/policy/default.go b/pkg/policy/default.go new file mode 100644 index 0000000..6f35fa4 --- /dev/null +++ b/pkg/policy/default.go @@ -0,0 +1,66 @@ +package policy + +import ( + "fmt" + + "git.sigsum.org/sigsum-lib-go/pkg/types" +) + +type DefaultPolicy struct{} + +// Verify checks if the cosigned tree head satisifies the policy "one log and +// a majority of witnesses". Any unverifiable cosignatures are removed. +func (dp *DefaultPolicy) Verify(*types.CosignedTreeHead) error { + return fmt.Errorf("TODO") +} + +func (dp *DefaultPolicy) Logs() []Log { + return []Log{ + Log{ + Name: "Test log operated by ln5", + LogURL: "https://poc.sigsum.org/glasswing-butterfly/sigsum/v0", + PublicKey: types.PublicKey{ + 74, 179, 210, 181, + 30, 71, 220, 157, + 228, 204, 228, 189, + 235, 169, 224, 134, + 34, 233, 58, 47, + 127, 137, 180, 203, + 119, 25, 127, 198, + 176, 4, 77, 231, + }, + ShardStart: 1639579652, + TrustUntil: 1648771200, // Apr 1 2022 + }, + } +} + +func (dp *DefaultPolicy) Witnesses() []Witness { + return []Witness{ + Witness{ + Name: "Test witness operated by rgdd", + PublicKey: types.PublicKey{ + 129, 45, 190, 240, + 21, 107, 7, 158, + 45, 4, 135, 71, + 178, 24, 156, 191, + 166, 79, 150, 226, + 32, 74, 23, 203, + 35, 203, 82, 128, + 128, 135, 21, 3, + }, + TrustUntil: 1648771200, // Apr 1 2022 + }, + } +} + +// ShardHint returns the smallest shard hint that all logs accept +func (dp *DefaultPolicy) ShardHint() uint64 { + var shardHint uint64 + for _, l := range dp.Logs() { + if l.ShardStart > shardHint { + shardHint = l.ShardStart + } + } + return shardHint +} diff --git a/pkg/policy/policy.go b/pkg/policy/policy.go new file mode 100644 index 0000000..b4fe920 --- /dev/null +++ b/pkg/policy/policy.go @@ -0,0 +1,32 @@ +package policy + +import ( + "git.sigsum.org/sigsum-lib-go/pkg/types" +) + +type Policy interface { + // Logs returns the list of known logs. It is needed so that an + // appropriate log can be picked when submitting a signed checksum. + Logs() []Log + + // ShardHint returns a recommended shard hint. + ShardHint() uint64 + + // Verify checks if a cosigned tree head is trustworthy. On success, + // any invalid or unknown cosignatures may be removed. + Verify(*types.CosignedTreeHead) error +} + +type Log struct { + Name string + LogURL string + PublicKey types.PublicKey + ShardStart uint64 + TrustUntil uint64 +} + +type Witness struct { + Name string + PublicKey types.PublicKey + TrustUntil uint64 +} |