loglist

package
v1.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 13, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package loglist allows parsing and searching of the master CT Log list.

Index

Constants

View Source
const (
	// LogListURL has the master URL for Google Chrome's log list.
	LogListURL = "https://www.gstatic.com/ct/log_list/log_list.json"
	// LogListSignatureURL has the URL for the signature over Google Chrome's log list.
	LogListSignatureURL = "https://www.gstatic.com/ct/log_list/log_list.sig"
	// AllLogListURL has the URL for the list of all known logs (which isn't signed).
	AllLogListURL = "https://www.gstatic.com/ct/log_list/all_logs_list.json"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Log

type Log struct {
	Description       string `json:"description"`
	Key               []byte `json:"key"`
	MaximumMergeDelay int    `json:"maximum_merge_delay"` // seconds
	OperatedBy        []int  `json:"operated_by"`         // List of log operators
	URL               string `json:"url"`
	FinalSTH          *STH   `json:"final_sth,omitempty"`
	DisqualifiedAt    int    `json:"disqualified_at,omitempty"`
	DNSAPIEndpoint    string `json:"dns_api_endpoint,omitempty"` // DNS API endpoint for the log
}

Log describes a log.

func (*Log) GoogleOperated added in v1.1.0

func (l *Log) GoogleOperated() bool

GoogleOperated returns whether Log is operated by Google. Rough logic.

type LogList

type LogList struct {
	Logs      []Log      `json:"logs"`
	Operators []Operator `json:"operators"`
}

LogList holds a collection of logs and their operators

func NewFromJSON added in v1.0.13

func NewFromJSON(llData []byte) (*LogList, error)

NewFromJSON creates a LogList from JSON encoded data.

func NewFromSignedJSON added in v1.0.13

func NewFromSignedJSON(llData, rawSig []byte, pubKey crypto.PublicKey) (*LogList, error)

NewFromSignedJSON creates a LogList from JSON encoded data, checking a signature along the way. The signature data should be provided as the raw signature data.

func (*LogList) ActiveLogs added in v1.1.0

func (ll *LogList) ActiveLogs() LogList

ActiveLogs creates a new LogList containing only non-disqualified non-frozen logs from the original.

func (*LogList) CheckBranch added in v1.1.0

func (ll *LogList) CheckBranch(branch *LogList) []string

CheckBranch checks edited version of LogList against a master one for edit restrictions: consistency across operators, matching functionality of mutual logs. Returns slice of warnings if any.

func (*LogList) Compatible added in v1.1.0

func (ll *LogList) Compatible(cert *x509.Certificate, certRoot *x509.Certificate, roots LogRoots) LogList

Compatible creates a new LogList containing only the logs of original LogList that are compatible with the provided cert, according to the passed in collection of per-log roots. Logs that are missing from the collection are treated as always compatible and included, even if an empty cert root is passed in. Cert-root when provided is expected to be CA-cert.

func (*LogList) FindLogByKey

func (ll *LogList) FindLogByKey(key []byte) *Log

FindLogByKey finds the log with the given DER-encoded key.

func (*LogList) FindLogByKeyHash

func (ll *LogList) FindLogByKeyHash(keyhash [sha256.Size]byte) *Log

FindLogByKeyHash finds the log with the given key hash.

func (*LogList) FindLogByKeyHashPrefix added in v1.0.20

func (ll *LogList) FindLogByKeyHashPrefix(prefix string) []*Log

FindLogByKeyHashPrefix finds all logs whose key hash starts with the prefix.

func (*LogList) FindLogByName

func (ll *LogList) FindLogByName(name string) []*Log

FindLogByName returns all logs whose names contain the given string.

func (*LogList) FindLogByURL

func (ll *LogList) FindLogByURL(url string) *Log

FindLogByURL finds the log with the given URL.

func (*LogList) FuzzyFindLog

func (ll *LogList) FuzzyFindLog(input string) []*Log

FuzzyFindLog tries to find logs that match the given unspecified input, whose format is unspecified. This generally returns a single log, but if text input that matches multiple log descriptions is provided, then multiple logs may be returned.

func (*LogList) OperatorIDSet added in v1.1.0

func (ll *LogList) OperatorIDSet() map[int]string

OperatorIDSet is a helper op, creates set of operators for LogList.

type LogRoots added in v1.1.0

type LogRoots map[string]*x509util.PEMCertPool

LogRoots maps Log-URLs (stated at LogList) to the pools of their accepted root-certificates.

type Operator

type Operator struct {
	ID   int    `json:"id"`
	Name string `json:"name"`
}

Operator describes a log operator

type STH

type STH struct {
	TreeSize          int    `json:"tree_size"`
	Timestamp         int    `json:"timestamp"`
	SHA256RootHash    []byte `json:"sha256_root_hash"`
	TreeHeadSignature []byte `json:"tree_head_signature"`
}

STH describes a signed tree head from a log.

Directories

Path Synopsis
The findlog binary attempts to provide information about a log based on ID or name.
The findlog binary attempts to provide information about a log based on ID or name.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL