package client

import "github.com/google/trillian/client"

Package client verifies responses from the Trillian log.

Index

Functions

func CreateAndInitTree 

func CreateAndInitTree(
	ctx context.Context,
	req *trillian.CreateTreeRequest,
	adminClient trillian.TrillianAdminClient,
	mapClient trillian.TrillianMapClient,
	logClient trillian.TrillianLogClient) (*trillian.Tree, error)

CreateAndInitTree uses the adminClient and logClient/mapClient to create the tree described by req. If req describes a MAP tree, then this function will also call the InitMap function using mapClient. If req describes a LOG tree, then this function will also call the InitLog function using logClient. Internally, the function will continue to retry failed requests until either the tree is created (and if necessary, initialised) successfully, or ctx is cancelled.

func InitLog 

func InitLog(ctx context.Context, tree *trillian.Tree, logClient trillian.TrillianLogClient) error

InitLog initialises a freshly created Log tree.

func InitMap 

func InitMap(ctx context.Context, tree *trillian.Tree, mapClient trillian.TrillianMapClient) error

InitMap initialises a freshly created Map tree.

Types

type LogClient 

type LogClient struct {
	*LogVerifier
	LogID         int64
	MinMergeDelay time.Duration
	// contains filtered or unexported fields
}

LogClient represents a client for a given Trillian log instance.

func New 

func New(logID int64, client trillian.TrillianLogClient, verifier *LogVerifier, root types.LogRootV1) *LogClient

New returns a new LogClient.

func NewFromTree 

func NewFromTree(client trillian.TrillianLogClient, config *trillian.Tree, root types.LogRootV1) (*LogClient, error)

NewFromTree creates a new LogClient given a tree config.

func (*LogClient) AddLeaf 

func (c *LogClient) AddLeaf(ctx context.Context, data []byte) error

AddLeaf adds leaf to the append only log. Blocks and continuously updates the trusted root until a successful inclusion proof can be retrieved.

func (*LogClient) AddSequencedLeaf 

func (c *LogClient) AddSequencedLeaf(ctx context.Context, data []byte, index int64) error

AddSequencedLeaf adds a leaf at a particular index.

func (*LogClient) AddSequencedLeafAndWait 

func (c *LogClient) AddSequencedLeafAndWait(ctx context.Context, data []byte, index int64) error

AddSequencedLeafAndWait adds a leaf at a specific index to the log. Blocks and continuously updates the trusted root until it has been included in a signed log root.

func (*LogClient) AddSequencedLeaves 

func (c *LogClient) AddSequencedLeaves(ctx context.Context, dataByIndex map[int64][]byte) error

AddSequencedLeaves adds any number of pre-sequenced leaves to the log. Indexes must be contiguous.

func (*LogClient) GetAndVerifyInclusionAtIndex 

func (c *LogClient) GetAndVerifyInclusionAtIndex(ctx context.Context, data []byte, index int64, sth *types.LogRootV1) error

GetAndVerifyInclusionAtIndex ensures that the given leaf data has been included in the log at a particular index.

func (*LogClient) GetByIndex 

func (c *LogClient) GetByIndex(ctx context.Context, index int64) (*trillian.LogLeaf, error)

GetByIndex returns a single leaf at the requested index.

func (*LogClient) GetRoot 

func (c *LogClient) GetRoot() *types.LogRootV1

GetRoot returns a copy of the latest trusted root.

func (*LogClient) ListByIndex 

func (c *LogClient) ListByIndex(ctx context.Context, start, count int64) ([]*trillian.LogLeaf, error)

ListByIndex returns the requested leaves by index.

func (*LogClient) QueueLeaf 

func (c *LogClient) QueueLeaf(ctx context.Context, data []byte) error

QueueLeaf adds a leaf to a Trillian log without blocking. AlreadyExists is considered a success case by this function.

func (*LogClient) UpdateRoot 

func (c *LogClient) UpdateRoot(ctx context.Context) (*types.LogRootV1, error)

UpdateRoot retrieves the current SignedLogRoot, verifying it against roots this client has seen in the past, and updating the currently trusted root if the new root verifies, and is newer than the currently trusted root.

func (*LogClient) VerifyInclusion 

func (c *LogClient) VerifyInclusion(ctx context.Context, data []byte) error

VerifyInclusion ensures that the given leaf data has been included in the log.

func (*LogClient) WaitForInclusion 

func (c *LogClient) WaitForInclusion(ctx context.Context, data []byte) error

WaitForInclusion blocks until the requested data has been verified with an inclusion proof.

It will continuously update the root to the latest one available until the data is found, or an error is returned.

It is best to call this method with a context that will timeout to avoid waiting forever.

func (*LogClient) WaitForRootUpdate 

func (c *LogClient) WaitForRootUpdate(ctx context.Context) (*types.LogRootV1, error)

WaitForRootUpdate repeatedly fetches the latest root until there is an update, which it then applies, or until ctx times out.

type LogVerifier 

type LogVerifier struct {
	// Hasher is the hash strategy used to compute nodes in the Merkle tree.
	Hasher hashers.LogHasher
	// PubKey verifies the signature on the digest of LogRoot.
	PubKey crypto.PublicKey
	// SigHash computes the digest of LogRoot for signing.
	SigHash crypto.Hash
	// contains filtered or unexported fields
}

LogVerifier allows verification of output from Trillian Logs, both regular and pre-ordered; it is safe for concurrent use (as its contents are fixed after construction).

func NewLogVerifier 

func NewLogVerifier(hasher hashers.LogHasher, pubKey crypto.PublicKey, sigHash crypto.Hash) *LogVerifier

NewLogVerifier returns an object that can verify output from Trillian Logs.

func NewLogVerifierFromTree 

func NewLogVerifierFromTree(config *trillian.Tree) (*LogVerifier, error)

NewLogVerifierFromTree creates a new LogVerifier using the algorithms specified by a Trillian Tree object.

func (*LogVerifier) BuildLeaf 

func (c *LogVerifier) BuildLeaf(data []byte) *trillian.LogLeaf

BuildLeaf runs the leaf hasher over data and builds a leaf. TODO(pavelkalinnikov): This can be misleading as it creates a partially filled LogLeaf. Consider returning a pair instead, or leafHash only.

func (*LogVerifier) VerifyInclusionAtIndex 

func (c *LogVerifier) VerifyInclusionAtIndex(trusted *types.LogRootV1, data []byte, leafIndex int64, proof [][]byte) error

VerifyInclusionAtIndex verifies that the inclusion proof for data at leafIndex matches the given trusted root.

func (*LogVerifier) VerifyInclusionByHash 

func (c *LogVerifier) VerifyInclusionByHash(trusted *types.LogRootV1, leafHash []byte, proof *trillian.Proof) error

VerifyInclusionByHash verifies that the inclusion proof for the given Merkle leafHash matches the given trusted root.

func (*LogVerifier) VerifyRoot 

func (c *LogVerifier) VerifyRoot(trusted *types.LogRootV1, newRoot *trillian.SignedLogRoot, consistency [][]byte) (*types.LogRootV1, error)

VerifyRoot verifies that newRoot is a valid append-only operation from trusted. If trusted.TreeSize is zero, a consistency proof is not needed.

type MapClient 

type MapClient struct {
	*MapVerifier
	MapID int64
	Conn  trillian.TrillianMapClient
}

MapClient represents a client for a given Trillian Map instance.

func NewMapClientFromTree 

func NewMapClientFromTree(client trillian.TrillianMapClient, config *trillian.Tree) (*MapClient, error)

NewMapClientFromTree returns a verifying Map client for the specified tree.

func (*MapClient) GetAndVerifyLatestMapRoot 

func (c *MapClient) GetAndVerifyLatestMapRoot(ctx context.Context) (*types.MapRootV1, error)

GetAndVerifyLatestMapRoot verifies and returns the latest map root.

func (*MapClient) GetAndVerifyMapLeaves 

func (c *MapClient) GetAndVerifyMapLeaves(ctx context.Context, indexes [][]byte) ([]*trillian.MapLeaf, *types.MapRootV1, error)

GetAndVerifyMapLeaves verifies and returns the requested map leaves. indexes may not contain duplicates.

func (*MapClient) GetAndVerifyMapLeavesByRevision 

func (c *MapClient) GetAndVerifyMapLeavesByRevision(ctx context.Context, revision int64, indexes [][]byte) ([]*trillian.MapLeaf, *types.MapRootV1, error)

GetAndVerifyMapLeavesByRevision verifies and returns the requested map leaves at a specific revision. indexes may not contain duplicates.

func (*MapClient) GetAndVerifyMapRootByRevision 

func (c *MapClient) GetAndVerifyMapRootByRevision(ctx context.Context, revision int64) (*types.MapRootV1, error)

GetAndVerifyMapRootByRevision verifies and returns the map root with the given revision.

type MapVerifier 

type MapVerifier struct {
	*maps.RootVerifier
	MapID int64
	// RootVerifier verifies and unpacks the SMR.
	// Hasher is the hash strategy used to compute nodes in the Merkle tree.
	Hasher hashers.MapHasher
}

MapVerifier allows verification of output from Trillian Maps; it is safe for concurrent use (as its contents are fixed after construction).

func NewMapVerifier 

func NewMapVerifier(config *trillian.Tree, rootVerifier *maps.RootVerifier) (*MapVerifier, error)

NewMapVerifier creates a new MapVerifier using the information from a Trillian Tree object.

func NewMapVerifierFromTree 

func NewMapVerifierFromTree(config *trillian.Tree) (*MapVerifier, error)

NewMapVerifierFromTree creates a new MapVerifier using the information from a Trillian Tree object.

func (*MapVerifier) VerifyMapLeafInclusion 

func (m *MapVerifier) VerifyMapLeafInclusion(smr *trillian.SignedMapRoot, leafProof *trillian.MapLeafInclusion) error

VerifyMapLeafInclusion verifies a MapLeafInclusion object against a signed map root.

func (*MapVerifier) VerifyMapLeafInclusionHash 

func (m *MapVerifier) VerifyMapLeafInclusionHash(rootHash []byte, leafProof *trillian.MapLeafInclusion) error

VerifyMapLeafInclusionHash verifies a MapLeafInclusion object against a root hash.

func (*MapVerifier) VerifyMapLeavesResponse 

func (m *MapVerifier) VerifyMapLeavesResponse(indexes [][]byte, revision int64, resp *trillian.GetMapLeavesResponse) ([]*trillian.MapLeaf, *types.MapRootV1, error)

VerifyMapLeavesResponse verifies the responses of GetMapLeaves and GetMapLeavesByRevision. To accept any map revision, pass -1 as revision.

Source Files

admin.go log_client.go log_verifier.go map_client.go map_verifier.go

Directories

PathSynopsis
client/backoffPackage backoff allows retrying an operation with backoff.
client/rpcflags
client/timeoutPackage timeout enforces a maximum timeout on all outgoing rpcs.
Version
v1.3.4
Published
Oct 23, 2019
Platform
js/wasm
Imports
21 packages
Last checked
6 hours ago

Tools for package owners.