trillian

package module
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 22, 2018 License: Apache-2.0 Imports: 20 Imported by: 497

README ¶

Trillian: General Transparency

Build Status Go Report Card GoDoc Slack Status

Overview

Trillian is an implementation of the concepts described in the Verifiable Data Structures white paper, which in turn is an extension and generalisation of the ideas which underpin Certificate Transparency.

Trillian implements a Merkle tree whose contents are served from a data storage layer, to allow scalability to extremely large trees. On top of this Merkle tree, Trillian provides two modes:

  • An append-only Log mode, analogous to the original Certificate Transparency logs. In this mode, the Merkle tree is effectively filled up from the left, giving a dense Merkle tree.
  • A Map mode that allows transparent storage of arbitrary key:value pairs. In this mode, the key's hash is used to designate a particular leaf of a deep Merkle tree, giving a sparse Merkle tree. (A Trillian Map is an unordered map; it does not allow enumeration of the Map's keys.)

Note that Trillian requires particular applications to provide their own personalities on top of the core transparent data store functionality; example code for a certificate transparency log and for a log-derived map are included to help with this.

The code for the CT personality has now been moved to a separate repository and can be obtained from certificate-transparency-go.

Support

Using the Code

WARNING: The Trillian codebase is still under development but is now being used in production by several organizations. We will try to avoid any further incompatible code and schema changes but cannot guarantee that they will never be necessary.

To build and test Trillian you need:

  • Go 1.9 or later.

To run many of the tests (and production deployment) you need:

Use the standard Go tools to install other dependencies.

go get github.com/google/trillian
cd $GOPATH/src/github.com/google/trillian
go get -t -u -v ./...

To build and run tests, use:

go test ./...

Note that go seems to sometimes fail to fetch or update all dependencies (as of v1.10.2), so you may need to manually fetch missing ones, or update all Go source with:

go get -u -v all

The repository also includes multi-process integration tests, described in the Integration Tests section below.

MySQL Setup

To run Trillian's integration tests you need to have an instance of MySQL running and configured to:

  • listen on the standard MySQL port 3306 (so mysql --host=127.0.0.1 --port=3306 connects OK)
  • not require a password for the root user

You can then set up the expected tables in a test database like so:

./scripts/resetdb.sh
Warning: about to destroy and reset database 'test'
Are you sure? y
> Resetting DB...
> Reset Complete
Integration Tests

Trillian includes an integration test suite to confirm basic end-to-end functionality, which can be run with:

./integration/integration_test.sh

This runs several multi-process tests:

  • A test that starts a Trillian server in Map mode, sets various key:value pairs and checks they can be retrieved.
  • A test that starts a Trillian server in Log mode, together with a signer, logs many leaves, and checks they are integrated correctly.
  • A test that starts a set of Trillian servers in Log mode, plus a signer and a set of Certificate Transparency personality servers, then runs tests that exercise all of the RFC6962 entrypoints.

Working on the Code

Developers who want to make changes to the Trillian codebase need some additional dependencies and tools, described in the following sections. The Travis configuration for the codebase is also useful reference for the required tools and scripts, as it may be more up-to-date than this document.

Rebuilding Generated Code

Some of the Trillian Go code is autogenerated from other files:

  • gRPC message structures are originally provided as protocol buffer message definitions.
  • Some unit tests use mock implementations of interfaces; these are created from the real implementations by GoMock.
  • Some enums have string-conversion methods (satisfying the fmt.Stringer interface) created using the stringer tool (go get golang.org/x/tools/cmd/stringer).

Re-generating mock or protobuffer files is only needed if you're changing the original files; if you do, you'll need to install the prerequisites:

and run the following:

go generate -x ./...  # hunts for //go:generate comments and runs them
Updating Vendor Code

The Trillian codebase includes a couple of external projects under the vendor/ subdirectory, to ensure that builds use a fixed version (typically because the upstream repository does not guarantee back-compatibility between the tip master branch and the current stable release). These external codebases are included as Git subtrees.

To update the code in one of these subtrees, perform steps like:

# Add master repo for upstream code as a Git remote.
git remote add vendor-xyzzy https://github.com/orgname/xyzzy
# Pull the updated code for the desired version tag from the remote, dropping history.
# Trailing / in prefix is needed.
git subtree pull --squash --prefix=vendor/github.com/orgname/xyzzy/ vendor-xyzzy vX.Y.Z

If new vendor/ subtree is required, perform steps similar to:

# Add master repo for upstream code as a Git remote.
git remote add vendor-xyzzy https://github.com/orgname/xyzzy
# Pull the desired version of the code in, dropping history.
# Trailing / in --prefix is needed.
git subtree add --squash --prefix=vendor/github.com/orgname/xyzzy/ vendor-xyzzy vX.Y.Z
Running Codebase Checks

The scripts/presubmit.sh script runs various tools and tests over the codebase.

# Install gometalinter and all linters
go get -u github.com/alecthomas/gometalinter
gometalinter --install

# Run code generation, build, test and linters
./scripts/presubmit.sh

# Or just run the linters alone:
gometalinter --config=gometalinter.json ./...

Design

Design Overview

Trillian is primarily implemented as a gRPC service; this service receives get/set requests over gRPC and retrieves the corresponding Merkle tree data from a separate storage layer (currently using MySQL), ensuring that the cryptographic properties of the tree are preserved along the way.

The Trillian service is multi-tenanted – a single Trillian installation can support multiple Merkle trees in parallel, distinguished by their TreeId – and operates in one of two modes:

  • Log mode: an append-only collection of items.
  • Map mode: a collection of key:value pairs.

In either case, Trillian's key transparency property is that cryptographic proofs of inclusion/consistency are available for data items added to the service.

Personalities

The Trillian service expects to be paired with additional code that is specific to the particular application of the transparent store; this is known as a personality.

The primary purpose of a personality is to implement admission criteria for the store, so that only particular types of data are added to the store. For example, a certificate transparency log only accepts data items that are valid certificates; a "CT Log" personality would police this, so that the Trillian service can process all incoming data blindly.

A personality may also perform canonicalization on incoming data, to convert equivalent formulations of the same underlying data to a single canonical format, avoiding needless duplication. (For example, keys in JSON dictionaries could be sorted, or Unicode string data could be normalised.)

The per-application personality is also responsible for providing an externally-visible interface, typically over HTTP[S].

Note that a personality may need to implement its own data store, separate from Trillian. In particular, if the personality does not completely trust Trillian, it needs to store the various things that Trillian signs in order to be able to detect problems (and so the personality effectively also acts as a monitor for Trillian).

Map Mode

Trillian in Map mode can be thought of as providing a key:value store, together with cryptographic transparency guarantees for that data.

When running in Map mode, Trillian provides a straightforward gRPC API with the following available operations:

  • GetSignedMapRoot returns information about the current root of the Merkle tree representing the Map, including a revision (see below), hash value, timestamp and signature.
  • GetLeaves returns leaf information for a specified set of key values, optionally as of a particular revision. The returned leaf information also includes inclusion proof data.
  • SetLeaves requests inclusion of specified key:value pairs into the Map; these will appear as the next revision of the Map.

(Documentation may be out-of-date; please check the protocol buffer message definitions for the definitive current map API.)

Each SetLeaves request includes a batch of updates to the Map; once all of these updates have been applied, the Map has a new revision, with a new tree head for that revision. To allow historical queries, the API allows queries of the Map as of a particular revision.

TODO: add description of per-personality Mappers

TODO: add description of distribution: how many instances run, how distributed, how synchronized (master election), mention use of transactions as a fallback (in case of errors in master election).

Map components

Log Mode

When running in Log mode, Trillian provides a gRPC API whose operations are similar to those available for Certificate Transparency logs (cf. RFC 6962). These include:

  • GetLatestSignedLogRoot returns information about the current root of the Merkle tree for the log, including the tree size, hash value, timestamp and signature.
  • GetLeavesByHash, GetLeavesByIndex and GetLeavesByRange return leaf information for particular leaves, specified either by their hash value or index in the log.
  • QueueLeaves requests inclusion of specified items into the log.
  • GetInclusionProof, GetInclusionProofByHash and GetConsistencyProof return inclusion and consistency proof data.

In Log mode, Trillian includes an additional Signer component; this component periodically processes pending queued items and adds them to the Merkle tree, creating a new signed tree head as a result.

Log components

TODO: add description of distribution: how many instances run, how distributed etc.

Logged Map

As it currently stands, it is not possible to reliably monitor or audit a Trillian Map instance; key:value pairs can be modified and subsequently reset without anyone noticing.

A future plan to deal with this is to create a Logged Map, which combines a Trillian Map with a Trillian Log so that all published revisions of the Map have their signed tree head data appended to the corresponding Map.

Use Cases

Certificate Transparency Log

The most obvious application for Trillian in Log mode is to provide a certificate transparency (RFC 6962) Log. To do this, the CT Log personality needs to include all of the certificate-specific processing – in particular, checking that an item that has been suggested for inclusion is indeed a valid certificate that chains to an accepted root.

Verifiable Log-Derived Map

One useful application for Trillian in Map mode is to provide a verifiable log-derived map (VLDM), as described in the Verifiable Data Structures white paper (which uses the term 'log-backed map'). To do this, a VLDM personality would monitor the additions of entries to a Log, potentially external, and would write some kind of corresponding key:value data to a Trillian Map.

Clients of the VLDM are then able to verify that the entries in the Map they are shown are also seen by anyone auditing the Log for correct operation, which in turn allows the client to trust the key/value pairs returned by the Map.

A concrete example of this might be a VLDM that monitors a certificate transparency Log and builds a corresponding Map from domain names to the set of certificates associated with that domain.

The following table summarizes properties of data structures laid in the Verifiable Data Structures white paper. “Efficiently” means that a client can and should perform this validation themselves. “Full audit” means that to validate correctly, a client would need to download the entire dataset, and is something that in practice we expect a small number of dedicated auditors to perform, rather than being done by each client.

Verifiable Log Verifiable Map Verifiable Log-Derived Map
Prove inclusion of value Yes, efficiently Yes, efficiently Yes, efficiently
Prove non-inclusion of value Impractical Yes, efficiently Yes, efficiently
Retrieve provable value for key Impractical Yes, efficiently Yes, efficiently
Retrieve provable current value for key Impractical No Yes, efficiently
Prove append-only Yes, efficiently No Yes, efficiently [1].
Enumerate all entries Yes, by full audit Yes, by full audit Yes, by full audit
Prove correct operation Yes, efficiently No Yes, by full audit
Enable detection of split-view Yes, efficiently Yes, efficiently Yes, efficiently
  • [1] -- although full audit is required to verify complete correct operation

Documentation ¶

Overview ¶

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Package trillian is a generated protocol buffer package.

It is generated from these files:

trillian_log_api.proto
trillian_map_api.proto
trillian_admin_api.proto
trillian.proto

It has these top-level messages:

ChargeTo
QueueLeafRequest
QueueLeafResponse
AddSequencedLeafRequest
AddSequencedLeafResponse
GetInclusionProofRequest
GetInclusionProofResponse
GetInclusionProofByHashRequest
GetInclusionProofByHashResponse
GetConsistencyProofRequest
GetConsistencyProofResponse
GetLatestSignedLogRootRequest
GetLatestSignedLogRootResponse
GetSequencedLeafCountRequest
GetSequencedLeafCountResponse
GetEntryAndProofRequest
GetEntryAndProofResponse
InitLogRequest
InitLogResponse
QueueLeavesRequest
QueueLeavesResponse
AddSequencedLeavesRequest
AddSequencedLeavesResponse
GetLeavesByIndexRequest
GetLeavesByIndexResponse
GetLeavesByRangeRequest
GetLeavesByRangeResponse
GetLeavesByHashRequest
GetLeavesByHashResponse
QueuedLogLeaf
LogLeaf
Proof
MapLeaf
MapLeafInclusion
GetMapLeavesRequest
GetMapLeavesByRevisionRequest
GetMapLeavesResponse
SetMapLeavesRequest
SetMapLeavesResponse
GetSignedMapRootRequest
GetSignedMapRootByRevisionRequest
GetSignedMapRootResponse
InitMapRequest
InitMapResponse
ListTreesRequest
ListTreesResponse
GetTreeRequest
CreateTreeRequest
UpdateTreeRequest
DeleteTreeRequest
UndeleteTreeRequest
Tree
SignedEntryTimestamp
SignedLogRoot
SignedMapRoot

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index ¶

Constants ¶

This section is empty.

Variables ¶

View Source
var HashStrategy_name = map[int32]string{
	0: "UNKNOWN_HASH_STRATEGY",
	1: "RFC6962_SHA256",
	2: "TEST_MAP_HASHER",
	3: "OBJECT_RFC6962_SHA256",
	4: "CONIKS_SHA512_256",
}
View Source
var HashStrategy_value = map[string]int32{
	"UNKNOWN_HASH_STRATEGY": 0,
	"RFC6962_SHA256":        1,
	"TEST_MAP_HASHER":       2,
	"OBJECT_RFC6962_SHA256": 3,
	"CONIKS_SHA512_256":     4,
}
View Source
var LogRootFormat_name = map[int32]string{
	0: "LOG_ROOT_FORMAT_UNKNOWN",
	1: "LOG_ROOT_FORMAT_V1",
}
View Source
var LogRootFormat_value = map[string]int32{
	"LOG_ROOT_FORMAT_UNKNOWN": 0,
	"LOG_ROOT_FORMAT_V1":      1,
}
View Source
var MapRootFormat_name = map[int32]string{
	0: "MAP_ROOT_FORMAT_UNKNOWN",
	1: "MAP_ROOT_FORMAT_V1",
}
View Source
var MapRootFormat_value = map[string]int32{
	"MAP_ROOT_FORMAT_UNKNOWN": 0,
	"MAP_ROOT_FORMAT_V1":      1,
}
View Source
var TreeState_name = map[int32]string{
	0: "UNKNOWN_TREE_STATE",
	1: "ACTIVE",
	2: "FROZEN",
	3: "DEPRECATED_SOFT_DELETED",
	4: "DEPRECATED_HARD_DELETED",
	5: "DRAINING",
}
View Source
var TreeState_value = map[string]int32{
	"UNKNOWN_TREE_STATE":      0,
	"ACTIVE":                  1,
	"FROZEN":                  2,
	"DEPRECATED_SOFT_DELETED": 3,
	"DEPRECATED_HARD_DELETED": 4,
	"DRAINING":                5,
}
View Source
var TreeType_name = map[int32]string{
	0: "UNKNOWN_TREE_TYPE",
	1: "LOG",
	2: "MAP",
	3: "PREORDERED_LOG",
}
View Source
var TreeType_value = map[string]int32{
	"UNKNOWN_TREE_TYPE": 0,
	"LOG":               1,
	"MAP":               2,
	"PREORDERED_LOG":    3,
}

Functions ¶

func RegisterTrillianAdminHandler ¶

func RegisterTrillianAdminHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianAdminHandler registers the http handlers for service TrillianAdmin to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianAdminHandlerClient ¶ added in v1.0.5

func RegisterTrillianAdminHandlerClient(ctx context.Context, mux *runtime.ServeMux, client TrillianAdminClient) error

RegisterTrillianAdminHandler registers the http handlers for service TrillianAdmin to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "TrillianAdminClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "TrillianAdminClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "TrillianAdminClient" to call the correct interceptors.

func RegisterTrillianAdminHandlerFromEndpoint ¶

func RegisterTrillianAdminHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianAdminHandlerFromEndpoint is same as RegisterTrillianAdminHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianAdminServer ¶

func RegisterTrillianAdminServer(s *grpc.Server, srv TrillianAdminServer)

func RegisterTrillianLogHandler ¶

func RegisterTrillianLogHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianLogHandler registers the http handlers for service TrillianLog to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianLogHandlerClient ¶ added in v1.0.5

func RegisterTrillianLogHandlerClient(ctx context.Context, mux *runtime.ServeMux, client TrillianLogClient) error

RegisterTrillianLogHandler registers the http handlers for service TrillianLog to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "TrillianLogClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "TrillianLogClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "TrillianLogClient" to call the correct interceptors.

func RegisterTrillianLogHandlerFromEndpoint ¶

func RegisterTrillianLogHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianLogHandlerFromEndpoint is same as RegisterTrillianLogHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianLogServer ¶

func RegisterTrillianLogServer(s *grpc.Server, srv TrillianLogServer)

func RegisterTrillianMapHandler ¶

func RegisterTrillianMapHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianMapHandler registers the http handlers for service TrillianMap to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianMapHandlerClient ¶ added in v1.0.5

func RegisterTrillianMapHandlerClient(ctx context.Context, mux *runtime.ServeMux, client TrillianMapClient) error

RegisterTrillianMapHandler registers the http handlers for service TrillianMap to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "TrillianMapClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "TrillianMapClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "TrillianMapClient" to call the correct interceptors.

func RegisterTrillianMapHandlerFromEndpoint ¶

func RegisterTrillianMapHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianMapHandlerFromEndpoint is same as RegisterTrillianMapHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianMapServer ¶

func RegisterTrillianMapServer(s *grpc.Server, srv TrillianMapServer)

Types ¶

type AddSequencedLeafRequest ¶ added in v1.0.7

type AddSequencedLeafRequest struct {
	LogId    int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaf     *LogLeaf  `protobuf:"bytes,2,opt,name=leaf" json:"leaf,omitempty"`
	ChargeTo *ChargeTo `protobuf:"bytes,3,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*AddSequencedLeafRequest) Descriptor ¶ added in v1.0.7

func (*AddSequencedLeafRequest) Descriptor() ([]byte, []int)

func (*AddSequencedLeafRequest) GetChargeTo ¶ added in v1.2.0

func (m *AddSequencedLeafRequest) GetChargeTo() *ChargeTo

func (*AddSequencedLeafRequest) GetLeaf ¶ added in v1.0.7

func (m *AddSequencedLeafRequest) GetLeaf() *LogLeaf

func (*AddSequencedLeafRequest) GetLogId ¶ added in v1.0.7

func (m *AddSequencedLeafRequest) GetLogId() int64

func (*AddSequencedLeafRequest) ProtoMessage ¶ added in v1.0.7

func (*AddSequencedLeafRequest) ProtoMessage()

func (*AddSequencedLeafRequest) Reset ¶ added in v1.0.7

func (m *AddSequencedLeafRequest) Reset()

func (*AddSequencedLeafRequest) String ¶ added in v1.0.7

func (m *AddSequencedLeafRequest) String() string

type AddSequencedLeafResponse ¶ added in v1.0.7

type AddSequencedLeafResponse struct {
	Result *QueuedLogLeaf `protobuf:"bytes,2,opt,name=result" json:"result,omitempty"`
}

func (*AddSequencedLeafResponse) Descriptor ¶ added in v1.0.7

func (*AddSequencedLeafResponse) Descriptor() ([]byte, []int)

func (*AddSequencedLeafResponse) GetResult ¶ added in v1.0.7

func (m *AddSequencedLeafResponse) GetResult() *QueuedLogLeaf

func (*AddSequencedLeafResponse) ProtoMessage ¶ added in v1.0.7

func (*AddSequencedLeafResponse) ProtoMessage()

func (*AddSequencedLeafResponse) Reset ¶ added in v1.0.7

func (m *AddSequencedLeafResponse) Reset()

func (*AddSequencedLeafResponse) String ¶ added in v1.0.7

func (m *AddSequencedLeafResponse) String() string

type AddSequencedLeavesRequest ¶ added in v1.0.7

type AddSequencedLeavesRequest struct {
	LogId    int64      `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaves   []*LogLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	ChargeTo *ChargeTo  `protobuf:"bytes,4,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*AddSequencedLeavesRequest) Descriptor ¶ added in v1.0.7

func (*AddSequencedLeavesRequest) Descriptor() ([]byte, []int)

func (*AddSequencedLeavesRequest) GetChargeTo ¶ added in v1.2.0

func (m *AddSequencedLeavesRequest) GetChargeTo() *ChargeTo

func (*AddSequencedLeavesRequest) GetLeaves ¶ added in v1.0.7

func (m *AddSequencedLeavesRequest) GetLeaves() []*LogLeaf

func (*AddSequencedLeavesRequest) GetLogId ¶ added in v1.0.7

func (m *AddSequencedLeavesRequest) GetLogId() int64

func (*AddSequencedLeavesRequest) ProtoMessage ¶ added in v1.0.7

func (*AddSequencedLeavesRequest) ProtoMessage()

func (*AddSequencedLeavesRequest) Reset ¶ added in v1.0.7

func (m *AddSequencedLeavesRequest) Reset()

func (*AddSequencedLeavesRequest) String ¶ added in v1.0.7

func (m *AddSequencedLeavesRequest) String() string

type AddSequencedLeavesResponse ¶ added in v1.0.7

type AddSequencedLeavesResponse struct {
	// Same number and order as in the corresponding request.
	Results []*QueuedLogLeaf `protobuf:"bytes,2,rep,name=results" json:"results,omitempty"`
}

func (*AddSequencedLeavesResponse) Descriptor ¶ added in v1.0.7

func (*AddSequencedLeavesResponse) Descriptor() ([]byte, []int)

func (*AddSequencedLeavesResponse) GetResults ¶ added in v1.0.7

func (m *AddSequencedLeavesResponse) GetResults() []*QueuedLogLeaf

func (*AddSequencedLeavesResponse) ProtoMessage ¶ added in v1.0.7

func (*AddSequencedLeavesResponse) ProtoMessage()

func (*AddSequencedLeavesResponse) Reset ¶ added in v1.0.7

func (m *AddSequencedLeavesResponse) Reset()

func (*AddSequencedLeavesResponse) String ¶ added in v1.0.7

func (m *AddSequencedLeavesResponse) String() string

type ChargeTo ¶ added in v1.2.0

type ChargeTo struct {
	// user is a list of personality-defined strings.
	// Trillian will treat them as /User/%{user}/... keys when checking and
	// charging quota.
	// If one or more of the specified users has insufficient quota, the
	// request will be denied.
	//
	// As an example, a Certificate Transparency frontend might set the following
	// user strings when sending a QueueLeaves request to the Trillian log:
	//   - The requesting IP address.
	//     This would limit the number of requests per IP.
	//   - The "intermediate-<hash>" for each of the intermediate certificates in
	//     the submitted chain.
	//     This would have the effect of limiting the rate of submissions under
	//     a given intermediate/root.
	User []string `protobuf:"bytes,1,rep,name=user" json:"user,omitempty"`
}

ChargeTo describes the user(s) associated with the request whose quota should be checked and charged.

func (*ChargeTo) Descriptor ¶ added in v1.2.0

func (*ChargeTo) Descriptor() ([]byte, []int)

func (*ChargeTo) GetUser ¶ added in v1.2.0

func (m *ChargeTo) GetUser() []string

func (*ChargeTo) ProtoMessage ¶ added in v1.2.0

func (*ChargeTo) ProtoMessage()

func (*ChargeTo) Reset ¶ added in v1.2.0

func (m *ChargeTo) Reset()

func (*ChargeTo) String ¶ added in v1.2.0

func (m *ChargeTo) String() string

type CreateTreeRequest ¶

type CreateTreeRequest struct {
	// Tree to be created. See Tree and CreateTree for more details.
	Tree *Tree `protobuf:"bytes,1,opt,name=tree" json:"tree,omitempty"`
	// Describes how the tree's private key should be generated.
	// Only needs to be set if tree.private_key is not set.
	KeySpec *keyspb.Specification `protobuf:"bytes,2,opt,name=key_spec,json=keySpec" json:"key_spec,omitempty"`
}

CreateTree request.

func (*CreateTreeRequest) Descriptor ¶

func (*CreateTreeRequest) Descriptor() ([]byte, []int)

func (*CreateTreeRequest) GetKeySpec ¶

func (m *CreateTreeRequest) GetKeySpec() *keyspb.Specification

func (*CreateTreeRequest) GetTree ¶

func (m *CreateTreeRequest) GetTree() *Tree

func (*CreateTreeRequest) ProtoMessage ¶

func (*CreateTreeRequest) ProtoMessage()

func (*CreateTreeRequest) Reset ¶

func (m *CreateTreeRequest) Reset()

func (*CreateTreeRequest) String ¶

func (m *CreateTreeRequest) String() string

type DeleteTreeRequest ¶

type DeleteTreeRequest struct {
	// ID of the tree to delete.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

DeleteTree request.

func (*DeleteTreeRequest) Descriptor ¶

func (*DeleteTreeRequest) Descriptor() ([]byte, []int)

func (*DeleteTreeRequest) GetTreeId ¶

func (m *DeleteTreeRequest) GetTreeId() int64

func (*DeleteTreeRequest) ProtoMessage ¶

func (*DeleteTreeRequest) ProtoMessage()

func (*DeleteTreeRequest) Reset ¶

func (m *DeleteTreeRequest) Reset()

func (*DeleteTreeRequest) String ¶

func (m *DeleteTreeRequest) String() string

type GetConsistencyProofRequest ¶

type GetConsistencyProofRequest struct {
	LogId          int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	FirstTreeSize  int64     `protobuf:"varint,2,opt,name=first_tree_size,json=firstTreeSize" json:"first_tree_size,omitempty"`
	SecondTreeSize int64     `protobuf:"varint,3,opt,name=second_tree_size,json=secondTreeSize" json:"second_tree_size,omitempty"`
	ChargeTo       *ChargeTo `protobuf:"bytes,4,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetConsistencyProofRequest) Descriptor ¶

func (*GetConsistencyProofRequest) Descriptor() ([]byte, []int)

func (*GetConsistencyProofRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetConsistencyProofRequest) GetChargeTo() *ChargeTo

func (*GetConsistencyProofRequest) GetFirstTreeSize ¶

func (m *GetConsistencyProofRequest) GetFirstTreeSize() int64

func (*GetConsistencyProofRequest) GetLogId ¶

func (m *GetConsistencyProofRequest) GetLogId() int64

func (*GetConsistencyProofRequest) GetSecondTreeSize ¶

func (m *GetConsistencyProofRequest) GetSecondTreeSize() int64

func (*GetConsistencyProofRequest) ProtoMessage ¶

func (*GetConsistencyProofRequest) ProtoMessage()

func (*GetConsistencyProofRequest) Reset ¶

func (m *GetConsistencyProofRequest) Reset()

func (*GetConsistencyProofRequest) String ¶

func (m *GetConsistencyProofRequest) String() string

type GetConsistencyProofResponse ¶

type GetConsistencyProofResponse struct {
	Proof         *Proof         `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,3,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetConsistencyProofResponse) Descriptor ¶

func (*GetConsistencyProofResponse) Descriptor() ([]byte, []int)

func (*GetConsistencyProofResponse) GetProof ¶

func (m *GetConsistencyProofResponse) GetProof() *Proof

func (*GetConsistencyProofResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetConsistencyProofResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetConsistencyProofResponse) ProtoMessage ¶

func (*GetConsistencyProofResponse) ProtoMessage()

func (*GetConsistencyProofResponse) Reset ¶

func (m *GetConsistencyProofResponse) Reset()

func (*GetConsistencyProofResponse) String ¶

func (m *GetConsistencyProofResponse) String() string

type GetEntryAndProofRequest ¶

type GetEntryAndProofRequest struct {
	LogId     int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex int64     `protobuf:"varint,2,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	TreeSize  int64     `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	ChargeTo  *ChargeTo `protobuf:"bytes,4,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetEntryAndProofRequest) Descriptor ¶

func (*GetEntryAndProofRequest) Descriptor() ([]byte, []int)

func (*GetEntryAndProofRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetEntryAndProofRequest) GetChargeTo() *ChargeTo

func (*GetEntryAndProofRequest) GetLeafIndex ¶

func (m *GetEntryAndProofRequest) GetLeafIndex() int64

func (*GetEntryAndProofRequest) GetLogId ¶

func (m *GetEntryAndProofRequest) GetLogId() int64

func (*GetEntryAndProofRequest) GetTreeSize ¶

func (m *GetEntryAndProofRequest) GetTreeSize() int64

func (*GetEntryAndProofRequest) ProtoMessage ¶

func (*GetEntryAndProofRequest) ProtoMessage()

func (*GetEntryAndProofRequest) Reset ¶

func (m *GetEntryAndProofRequest) Reset()

func (*GetEntryAndProofRequest) String ¶

func (m *GetEntryAndProofRequest) String() string

type GetEntryAndProofResponse ¶

type GetEntryAndProofResponse struct {
	Proof         *Proof         `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
	Leaf          *LogLeaf       `protobuf:"bytes,3,opt,name=leaf" json:"leaf,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,4,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetEntryAndProofResponse) Descriptor ¶

func (*GetEntryAndProofResponse) Descriptor() ([]byte, []int)

func (*GetEntryAndProofResponse) GetLeaf ¶

func (m *GetEntryAndProofResponse) GetLeaf() *LogLeaf

func (*GetEntryAndProofResponse) GetProof ¶

func (m *GetEntryAndProofResponse) GetProof() *Proof

func (*GetEntryAndProofResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetEntryAndProofResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetEntryAndProofResponse) ProtoMessage ¶

func (*GetEntryAndProofResponse) ProtoMessage()

func (*GetEntryAndProofResponse) Reset ¶

func (m *GetEntryAndProofResponse) Reset()

func (*GetEntryAndProofResponse) String ¶

func (m *GetEntryAndProofResponse) String() string

type GetInclusionProofByHashRequest ¶

type GetInclusionProofByHashRequest struct {
	LogId           int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafHash        []byte    `protobuf:"bytes,2,opt,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	TreeSize        int64     `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	OrderBySequence bool      `protobuf:"varint,4,opt,name=order_by_sequence,json=orderBySequence" json:"order_by_sequence,omitempty"`
	ChargeTo        *ChargeTo `protobuf:"bytes,5,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetInclusionProofByHashRequest) Descriptor ¶

func (*GetInclusionProofByHashRequest) Descriptor() ([]byte, []int)

func (*GetInclusionProofByHashRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetInclusionProofByHashRequest) GetChargeTo() *ChargeTo

func (*GetInclusionProofByHashRequest) GetLeafHash ¶

func (m *GetInclusionProofByHashRequest) GetLeafHash() []byte

func (*GetInclusionProofByHashRequest) GetLogId ¶

func (m *GetInclusionProofByHashRequest) GetLogId() int64

func (*GetInclusionProofByHashRequest) GetOrderBySequence ¶

func (m *GetInclusionProofByHashRequest) GetOrderBySequence() bool

func (*GetInclusionProofByHashRequest) GetTreeSize ¶

func (m *GetInclusionProofByHashRequest) GetTreeSize() int64

func (*GetInclusionProofByHashRequest) ProtoMessage ¶

func (*GetInclusionProofByHashRequest) ProtoMessage()

func (*GetInclusionProofByHashRequest) Reset ¶

func (m *GetInclusionProofByHashRequest) Reset()

func (*GetInclusionProofByHashRequest) String ¶

type GetInclusionProofByHashResponse ¶

type GetInclusionProofByHashResponse struct {
	// Logs can potentially contain leaves with duplicate hashes so it's possible
	// for this to return multiple proofs.
	// TODO(gbelvin) only return one proof.
	Proof         []*Proof       `protobuf:"bytes,2,rep,name=proof" json:"proof,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,3,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetInclusionProofByHashResponse) Descriptor ¶

func (*GetInclusionProofByHashResponse) Descriptor() ([]byte, []int)

func (*GetInclusionProofByHashResponse) GetProof ¶

func (m *GetInclusionProofByHashResponse) GetProof() []*Proof

func (*GetInclusionProofByHashResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetInclusionProofByHashResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetInclusionProofByHashResponse) ProtoMessage ¶

func (*GetInclusionProofByHashResponse) ProtoMessage()

func (*GetInclusionProofByHashResponse) Reset ¶

func (*GetInclusionProofByHashResponse) String ¶

type GetInclusionProofRequest ¶

type GetInclusionProofRequest struct {
	LogId     int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex int64     `protobuf:"varint,2,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	TreeSize  int64     `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	ChargeTo  *ChargeTo `protobuf:"bytes,4,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetInclusionProofRequest) Descriptor ¶

func (*GetInclusionProofRequest) Descriptor() ([]byte, []int)

func (*GetInclusionProofRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetInclusionProofRequest) GetChargeTo() *ChargeTo

func (*GetInclusionProofRequest) GetLeafIndex ¶

func (m *GetInclusionProofRequest) GetLeafIndex() int64

func (*GetInclusionProofRequest) GetLogId ¶

func (m *GetInclusionProofRequest) GetLogId() int64

func (*GetInclusionProofRequest) GetTreeSize ¶

func (m *GetInclusionProofRequest) GetTreeSize() int64

func (*GetInclusionProofRequest) ProtoMessage ¶

func (*GetInclusionProofRequest) ProtoMessage()

func (*GetInclusionProofRequest) Reset ¶

func (m *GetInclusionProofRequest) Reset()

func (*GetInclusionProofRequest) String ¶

func (m *GetInclusionProofRequest) String() string

type GetInclusionProofResponse ¶

type GetInclusionProofResponse struct {
	Proof         *Proof         `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,3,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetInclusionProofResponse) Descriptor ¶

func (*GetInclusionProofResponse) Descriptor() ([]byte, []int)

func (*GetInclusionProofResponse) GetProof ¶

func (m *GetInclusionProofResponse) GetProof() *Proof

func (*GetInclusionProofResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetInclusionProofResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetInclusionProofResponse) ProtoMessage ¶

func (*GetInclusionProofResponse) ProtoMessage()

func (*GetInclusionProofResponse) Reset ¶

func (m *GetInclusionProofResponse) Reset()

func (*GetInclusionProofResponse) String ¶

func (m *GetInclusionProofResponse) String() string

type GetLatestSignedLogRootRequest ¶

type GetLatestSignedLogRootRequest struct {
	LogId    int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	ChargeTo *ChargeTo `protobuf:"bytes,2,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetLatestSignedLogRootRequest) Descriptor ¶

func (*GetLatestSignedLogRootRequest) Descriptor() ([]byte, []int)

func (*GetLatestSignedLogRootRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetLatestSignedLogRootRequest) GetChargeTo() *ChargeTo

func (*GetLatestSignedLogRootRequest) GetLogId ¶

func (m *GetLatestSignedLogRootRequest) GetLogId() int64

func (*GetLatestSignedLogRootRequest) ProtoMessage ¶

func (*GetLatestSignedLogRootRequest) ProtoMessage()

func (*GetLatestSignedLogRootRequest) Reset ¶

func (m *GetLatestSignedLogRootRequest) Reset()

func (*GetLatestSignedLogRootRequest) String ¶

type GetLatestSignedLogRootResponse ¶

type GetLatestSignedLogRootResponse struct {
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,2,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetLatestSignedLogRootResponse) Descriptor ¶

func (*GetLatestSignedLogRootResponse) Descriptor() ([]byte, []int)

func (*GetLatestSignedLogRootResponse) GetSignedLogRoot ¶

func (m *GetLatestSignedLogRootResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetLatestSignedLogRootResponse) ProtoMessage ¶

func (*GetLatestSignedLogRootResponse) ProtoMessage()

func (*GetLatestSignedLogRootResponse) Reset ¶

func (m *GetLatestSignedLogRootResponse) Reset()

func (*GetLatestSignedLogRootResponse) String ¶

type GetLeavesByHashRequest ¶

type GetLeavesByHashRequest struct {
	LogId           int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafHash        [][]byte  `protobuf:"bytes,2,rep,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	OrderBySequence bool      `protobuf:"varint,3,opt,name=order_by_sequence,json=orderBySequence" json:"order_by_sequence,omitempty"`
	ChargeTo        *ChargeTo `protobuf:"bytes,5,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetLeavesByHashRequest) Descriptor ¶

func (*GetLeavesByHashRequest) Descriptor() ([]byte, []int)

func (*GetLeavesByHashRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetLeavesByHashRequest) GetChargeTo() *ChargeTo

func (*GetLeavesByHashRequest) GetLeafHash ¶

func (m *GetLeavesByHashRequest) GetLeafHash() [][]byte

func (*GetLeavesByHashRequest) GetLogId ¶

func (m *GetLeavesByHashRequest) GetLogId() int64

func (*GetLeavesByHashRequest) GetOrderBySequence ¶

func (m *GetLeavesByHashRequest) GetOrderBySequence() bool

func (*GetLeavesByHashRequest) ProtoMessage ¶

func (*GetLeavesByHashRequest) ProtoMessage()

func (*GetLeavesByHashRequest) Reset ¶

func (m *GetLeavesByHashRequest) Reset()

func (*GetLeavesByHashRequest) String ¶

func (m *GetLeavesByHashRequest) String() string

type GetLeavesByHashResponse ¶

type GetLeavesByHashResponse struct {
	// TODO(gbelvin) reply with error codes. Reuse QueuedLogLeaf?
	Leaves        []*LogLeaf     `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,3,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetLeavesByHashResponse) Descriptor ¶

func (*GetLeavesByHashResponse) Descriptor() ([]byte, []int)

func (*GetLeavesByHashResponse) GetLeaves ¶

func (m *GetLeavesByHashResponse) GetLeaves() []*LogLeaf

func (*GetLeavesByHashResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetLeavesByHashResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetLeavesByHashResponse) ProtoMessage ¶

func (*GetLeavesByHashResponse) ProtoMessage()

func (*GetLeavesByHashResponse) Reset ¶

func (m *GetLeavesByHashResponse) Reset()

func (*GetLeavesByHashResponse) String ¶

func (m *GetLeavesByHashResponse) String() string

type GetLeavesByIndexRequest ¶

type GetLeavesByIndexRequest struct {
	LogId     int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex []int64   `protobuf:"varint,2,rep,packed,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	ChargeTo  *ChargeTo `protobuf:"bytes,5,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetLeavesByIndexRequest) Descriptor ¶

func (*GetLeavesByIndexRequest) Descriptor() ([]byte, []int)

func (*GetLeavesByIndexRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetLeavesByIndexRequest) GetChargeTo() *ChargeTo

func (*GetLeavesByIndexRequest) GetLeafIndex ¶

func (m *GetLeavesByIndexRequest) GetLeafIndex() []int64

func (*GetLeavesByIndexRequest) GetLogId ¶

func (m *GetLeavesByIndexRequest) GetLogId() int64

func (*GetLeavesByIndexRequest) ProtoMessage ¶

func (*GetLeavesByIndexRequest) ProtoMessage()

func (*GetLeavesByIndexRequest) Reset ¶

func (m *GetLeavesByIndexRequest) Reset()

func (*GetLeavesByIndexRequest) String ¶

func (m *GetLeavesByIndexRequest) String() string

type GetLeavesByIndexResponse ¶

type GetLeavesByIndexResponse struct {
	// TODO(gbelvin) reply with error codes. Reuse QueuedLogLeaf?
	Leaves        []*LogLeaf     `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,3,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetLeavesByIndexResponse) Descriptor ¶

func (*GetLeavesByIndexResponse) Descriptor() ([]byte, []int)

func (*GetLeavesByIndexResponse) GetLeaves ¶

func (m *GetLeavesByIndexResponse) GetLeaves() []*LogLeaf

func (*GetLeavesByIndexResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetLeavesByIndexResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetLeavesByIndexResponse) ProtoMessage ¶

func (*GetLeavesByIndexResponse) ProtoMessage()

func (*GetLeavesByIndexResponse) Reset ¶

func (m *GetLeavesByIndexResponse) Reset()

func (*GetLeavesByIndexResponse) String ¶

func (m *GetLeavesByIndexResponse) String() string

type GetLeavesByRangeRequest ¶ added in v1.0.6

type GetLeavesByRangeRequest struct {
	LogId      int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	StartIndex int64     `protobuf:"varint,2,opt,name=start_index,json=startIndex" json:"start_index,omitempty"`
	Count      int64     `protobuf:"varint,3,opt,name=count" json:"count,omitempty"`
	ChargeTo   *ChargeTo `protobuf:"bytes,4,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetLeavesByRangeRequest) Descriptor ¶ added in v1.0.6

func (*GetLeavesByRangeRequest) Descriptor() ([]byte, []int)

func (*GetLeavesByRangeRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetLeavesByRangeRequest) GetChargeTo() *ChargeTo

func (*GetLeavesByRangeRequest) GetCount ¶ added in v1.0.6

func (m *GetLeavesByRangeRequest) GetCount() int64

func (*GetLeavesByRangeRequest) GetLogId ¶ added in v1.0.6

func (m *GetLeavesByRangeRequest) GetLogId() int64

func (*GetLeavesByRangeRequest) GetStartIndex ¶ added in v1.0.6

func (m *GetLeavesByRangeRequest) GetStartIndex() int64

func (*GetLeavesByRangeRequest) ProtoMessage ¶ added in v1.0.6

func (*GetLeavesByRangeRequest) ProtoMessage()

func (*GetLeavesByRangeRequest) Reset ¶ added in v1.0.6

func (m *GetLeavesByRangeRequest) Reset()

func (*GetLeavesByRangeRequest) String ¶ added in v1.0.6

func (m *GetLeavesByRangeRequest) String() string

type GetLeavesByRangeResponse ¶ added in v1.0.6

type GetLeavesByRangeResponse struct {
	// Returned log leaves starting from the `start_index` of the request, in
	// order. There may be fewer than `request.count` leaves returned, if the
	// requested range extended beyond the size of the tree or if the server opted
	// to return fewer leaves than requested.
	Leaves        []*LogLeaf     `protobuf:"bytes,1,rep,name=leaves" json:"leaves,omitempty"`
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,2,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetLeavesByRangeResponse) Descriptor ¶ added in v1.0.6

func (*GetLeavesByRangeResponse) Descriptor() ([]byte, []int)

func (*GetLeavesByRangeResponse) GetLeaves ¶ added in v1.0.6

func (m *GetLeavesByRangeResponse) GetLeaves() []*LogLeaf

func (*GetLeavesByRangeResponse) GetSignedLogRoot ¶ added in v1.1.0

func (m *GetLeavesByRangeResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetLeavesByRangeResponse) ProtoMessage ¶ added in v1.0.6

func (*GetLeavesByRangeResponse) ProtoMessage()

func (*GetLeavesByRangeResponse) Reset ¶ added in v1.0.6

func (m *GetLeavesByRangeResponse) Reset()

func (*GetLeavesByRangeResponse) String ¶ added in v1.0.6

func (m *GetLeavesByRangeResponse) String() string

type GetMapLeavesByRevisionRequest ¶ added in v1.0.5

type GetMapLeavesByRevisionRequest struct {
	MapId int64    `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Index [][]byte `protobuf:"bytes,2,rep,name=index,proto3" json:"index,omitempty"`
	// revision >= 0.
	Revision int64 `protobuf:"varint,3,opt,name=revision" json:"revision,omitempty"`
}

This message replaces the current implementation of GetMapLeavesRequest with the difference that revision must be >=0.

func (*GetMapLeavesByRevisionRequest) Descriptor ¶ added in v1.0.5

func (*GetMapLeavesByRevisionRequest) Descriptor() ([]byte, []int)

func (*GetMapLeavesByRevisionRequest) GetIndex ¶ added in v1.0.5

func (m *GetMapLeavesByRevisionRequest) GetIndex() [][]byte

func (*GetMapLeavesByRevisionRequest) GetMapId ¶ added in v1.0.5

func (m *GetMapLeavesByRevisionRequest) GetMapId() int64

func (*GetMapLeavesByRevisionRequest) GetRevision ¶ added in v1.0.5

func (m *GetMapLeavesByRevisionRequest) GetRevision() int64

func (*GetMapLeavesByRevisionRequest) ProtoMessage ¶ added in v1.0.5

func (*GetMapLeavesByRevisionRequest) ProtoMessage()

func (*GetMapLeavesByRevisionRequest) Reset ¶ added in v1.0.5

func (m *GetMapLeavesByRevisionRequest) Reset()

func (*GetMapLeavesByRevisionRequest) String ¶ added in v1.0.5

type GetMapLeavesRequest ¶

type GetMapLeavesRequest struct {
	MapId int64    `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Index [][]byte `protobuf:"bytes,2,rep,name=index,proto3" json:"index,omitempty"`
}

func (*GetMapLeavesRequest) Descriptor ¶

func (*GetMapLeavesRequest) Descriptor() ([]byte, []int)

func (*GetMapLeavesRequest) GetIndex ¶

func (m *GetMapLeavesRequest) GetIndex() [][]byte

func (*GetMapLeavesRequest) GetMapId ¶

func (m *GetMapLeavesRequest) GetMapId() int64

func (*GetMapLeavesRequest) ProtoMessage ¶

func (*GetMapLeavesRequest) ProtoMessage()

func (*GetMapLeavesRequest) Reset ¶

func (m *GetMapLeavesRequest) Reset()

func (*GetMapLeavesRequest) String ¶

func (m *GetMapLeavesRequest) String() string

type GetMapLeavesResponse ¶

type GetMapLeavesResponse struct {
	MapLeafInclusion []*MapLeafInclusion `protobuf:"bytes,2,rep,name=map_leaf_inclusion,json=mapLeafInclusion" json:"map_leaf_inclusion,omitempty"`
	MapRoot          *SignedMapRoot      `protobuf:"bytes,3,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*GetMapLeavesResponse) Descriptor ¶

func (*GetMapLeavesResponse) Descriptor() ([]byte, []int)

func (*GetMapLeavesResponse) GetMapLeafInclusion ¶

func (m *GetMapLeavesResponse) GetMapLeafInclusion() []*MapLeafInclusion

func (*GetMapLeavesResponse) GetMapRoot ¶

func (m *GetMapLeavesResponse) GetMapRoot() *SignedMapRoot

func (*GetMapLeavesResponse) ProtoMessage ¶

func (*GetMapLeavesResponse) ProtoMessage()

func (*GetMapLeavesResponse) Reset ¶

func (m *GetMapLeavesResponse) Reset()

func (*GetMapLeavesResponse) String ¶

func (m *GetMapLeavesResponse) String() string

type GetSequencedLeafCountRequest ¶

type GetSequencedLeafCountRequest struct {
	LogId    int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	ChargeTo *ChargeTo `protobuf:"bytes,2,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*GetSequencedLeafCountRequest) Descriptor ¶

func (*GetSequencedLeafCountRequest) Descriptor() ([]byte, []int)

func (*GetSequencedLeafCountRequest) GetChargeTo ¶ added in v1.2.0

func (m *GetSequencedLeafCountRequest) GetChargeTo() *ChargeTo

func (*GetSequencedLeafCountRequest) GetLogId ¶

func (m *GetSequencedLeafCountRequest) GetLogId() int64

func (*GetSequencedLeafCountRequest) ProtoMessage ¶

func (*GetSequencedLeafCountRequest) ProtoMessage()

func (*GetSequencedLeafCountRequest) Reset ¶

func (m *GetSequencedLeafCountRequest) Reset()

func (*GetSequencedLeafCountRequest) String ¶

type GetSequencedLeafCountResponse ¶

type GetSequencedLeafCountResponse struct {
	LeafCount int64 `protobuf:"varint,2,opt,name=leaf_count,json=leafCount" json:"leaf_count,omitempty"`
}

func (*GetSequencedLeafCountResponse) Descriptor ¶

func (*GetSequencedLeafCountResponse) Descriptor() ([]byte, []int)

func (*GetSequencedLeafCountResponse) GetLeafCount ¶

func (m *GetSequencedLeafCountResponse) GetLeafCount() int64

func (*GetSequencedLeafCountResponse) ProtoMessage ¶

func (*GetSequencedLeafCountResponse) ProtoMessage()

func (*GetSequencedLeafCountResponse) Reset ¶

func (m *GetSequencedLeafCountResponse) Reset()

func (*GetSequencedLeafCountResponse) String ¶

type GetSignedMapRootByRevisionRequest ¶

type GetSignedMapRootByRevisionRequest struct {
	MapId    int64 `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Revision int64 `protobuf:"varint,2,opt,name=revision" json:"revision,omitempty"`
}

func (*GetSignedMapRootByRevisionRequest) Descriptor ¶

func (*GetSignedMapRootByRevisionRequest) Descriptor() ([]byte, []int)

func (*GetSignedMapRootByRevisionRequest) GetMapId ¶

func (*GetSignedMapRootByRevisionRequest) GetRevision ¶

func (m *GetSignedMapRootByRevisionRequest) GetRevision() int64

func (*GetSignedMapRootByRevisionRequest) ProtoMessage ¶

func (*GetSignedMapRootByRevisionRequest) ProtoMessage()

func (*GetSignedMapRootByRevisionRequest) Reset ¶

func (*GetSignedMapRootByRevisionRequest) String ¶

type GetSignedMapRootRequest ¶

type GetSignedMapRootRequest struct {
	MapId int64 `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
}

func (*GetSignedMapRootRequest) Descriptor ¶

func (*GetSignedMapRootRequest) Descriptor() ([]byte, []int)

func (*GetSignedMapRootRequest) GetMapId ¶

func (m *GetSignedMapRootRequest) GetMapId() int64

func (*GetSignedMapRootRequest) ProtoMessage ¶

func (*GetSignedMapRootRequest) ProtoMessage()

func (*GetSignedMapRootRequest) Reset ¶

func (m *GetSignedMapRootRequest) Reset()

func (*GetSignedMapRootRequest) String ¶

func (m *GetSignedMapRootRequest) String() string

type GetSignedMapRootResponse ¶

type GetSignedMapRootResponse struct {
	MapRoot *SignedMapRoot `protobuf:"bytes,2,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*GetSignedMapRootResponse) Descriptor ¶

func (*GetSignedMapRootResponse) Descriptor() ([]byte, []int)

func (*GetSignedMapRootResponse) GetMapRoot ¶

func (m *GetSignedMapRootResponse) GetMapRoot() *SignedMapRoot

func (*GetSignedMapRootResponse) ProtoMessage ¶

func (*GetSignedMapRootResponse) ProtoMessage()

func (*GetSignedMapRootResponse) Reset ¶

func (m *GetSignedMapRootResponse) Reset()

func (*GetSignedMapRootResponse) String ¶

func (m *GetSignedMapRootResponse) String() string

type GetTreeRequest ¶

type GetTreeRequest struct {
	// ID of the tree to retrieve.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

GetTree request.

func (*GetTreeRequest) Descriptor ¶

func (*GetTreeRequest) Descriptor() ([]byte, []int)

func (*GetTreeRequest) GetTreeId ¶

func (m *GetTreeRequest) GetTreeId() int64

func (*GetTreeRequest) ProtoMessage ¶

func (*GetTreeRequest) ProtoMessage()

func (*GetTreeRequest) Reset ¶

func (m *GetTreeRequest) Reset()

func (*GetTreeRequest) String ¶

func (m *GetTreeRequest) String() string

type HashStrategy ¶

type HashStrategy int32

Defines the way empty / node / leaf hashes are constructed incorporating preimage protection, which can be application specific.

const (
	// Hash strategy cannot be determined. Included to enable detection of
	// mismatched proto versions being used. Represents an invalid value.
	HashStrategy_UNKNOWN_HASH_STRATEGY HashStrategy = 0
	// Certificate Transparency strategy: leaf hash prefix = 0x00, node prefix =
	// 0x01, empty hash is digest([]byte{}), as defined in the specification.
	HashStrategy_RFC6962_SHA256 HashStrategy = 1
	// Sparse Merkle Tree strategy:  leaf hash prefix = 0x00, node prefix = 0x01,
	// empty branch is recursively computed from empty leaf nodes.
	// NOT secure in a multi tree environment. For testing only.
	HashStrategy_TEST_MAP_HASHER HashStrategy = 2
	// Append-only log strategy where leaf nodes are defined as the ObjectHash.
	// All other properties are equal to RFC6962_SHA256.
	HashStrategy_OBJECT_RFC6962_SHA256 HashStrategy = 3
	// The CONIKS sparse tree hasher with SHA512_256 as the hash algorithm.
	HashStrategy_CONIKS_SHA512_256 HashStrategy = 4
)

func (HashStrategy) EnumDescriptor ¶

func (HashStrategy) EnumDescriptor() ([]byte, []int)

func (HashStrategy) String ¶

func (x HashStrategy) String() string

type InitLogRequest ¶ added in v1.0.7

type InitLogRequest struct {
	LogId    int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	ChargeTo *ChargeTo `protobuf:"bytes,2,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*InitLogRequest) Descriptor ¶ added in v1.0.7

func (*InitLogRequest) Descriptor() ([]byte, []int)

func (*InitLogRequest) GetChargeTo ¶ added in v1.2.0

func (m *InitLogRequest) GetChargeTo() *ChargeTo

func (*InitLogRequest) GetLogId ¶ added in v1.0.7

func (m *InitLogRequest) GetLogId() int64

func (*InitLogRequest) ProtoMessage ¶ added in v1.0.7

func (*InitLogRequest) ProtoMessage()

func (*InitLogRequest) Reset ¶ added in v1.0.7

func (m *InitLogRequest) Reset()

func (*InitLogRequest) String ¶ added in v1.0.7

func (m *InitLogRequest) String() string

type InitLogResponse ¶ added in v1.0.7

type InitLogResponse struct {
	Created *SignedLogRoot `protobuf:"bytes,1,opt,name=created" json:"created,omitempty"`
}

func (*InitLogResponse) Descriptor ¶ added in v1.0.7

func (*InitLogResponse) Descriptor() ([]byte, []int)

func (*InitLogResponse) GetCreated ¶ added in v1.0.7

func (m *InitLogResponse) GetCreated() *SignedLogRoot

func (*InitLogResponse) ProtoMessage ¶ added in v1.0.7

func (*InitLogResponse) ProtoMessage()

func (*InitLogResponse) Reset ¶ added in v1.0.7

func (m *InitLogResponse) Reset()

func (*InitLogResponse) String ¶ added in v1.0.7

func (m *InitLogResponse) String() string

type InitMapRequest ¶ added in v1.0.7

type InitMapRequest struct {
	MapId int64 `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
}

func (*InitMapRequest) Descriptor ¶ added in v1.0.7

func (*InitMapRequest) Descriptor() ([]byte, []int)

func (*InitMapRequest) GetMapId ¶ added in v1.0.7

func (m *InitMapRequest) GetMapId() int64

func (*InitMapRequest) ProtoMessage ¶ added in v1.0.7

func (*InitMapRequest) ProtoMessage()

func (*InitMapRequest) Reset ¶ added in v1.0.7

func (m *InitMapRequest) Reset()

func (*InitMapRequest) String ¶ added in v1.0.7

func (m *InitMapRequest) String() string

type InitMapResponse ¶ added in v1.0.7

type InitMapResponse struct {
	Created *SignedMapRoot `protobuf:"bytes,1,opt,name=created" json:"created,omitempty"`
}

func (*InitMapResponse) Descriptor ¶ added in v1.0.7

func (*InitMapResponse) Descriptor() ([]byte, []int)

func (*InitMapResponse) GetCreated ¶ added in v1.0.7

func (m *InitMapResponse) GetCreated() *SignedMapRoot

func (*InitMapResponse) ProtoMessage ¶ added in v1.0.7

func (*InitMapResponse) ProtoMessage()

func (*InitMapResponse) Reset ¶ added in v1.0.7

func (m *InitMapResponse) Reset()

func (*InitMapResponse) String ¶ added in v1.0.7

func (m *InitMapResponse) String() string

type ListTreesRequest ¶

type ListTreesRequest struct {
	// If true, deleted trees are included in the response.
	ShowDeleted bool `protobuf:"varint,1,opt,name=show_deleted,json=showDeleted" json:"show_deleted,omitempty"`
}

ListTrees request. No filters or pagination options are provided.

func (*ListTreesRequest) Descriptor ¶

func (*ListTreesRequest) Descriptor() ([]byte, []int)

func (*ListTreesRequest) GetShowDeleted ¶ added in v1.0.2

func (m *ListTreesRequest) GetShowDeleted() bool

func (*ListTreesRequest) ProtoMessage ¶

func (*ListTreesRequest) ProtoMessage()

func (*ListTreesRequest) Reset ¶

func (m *ListTreesRequest) Reset()

func (*ListTreesRequest) String ¶

func (m *ListTreesRequest) String() string

type ListTreesResponse ¶

type ListTreesResponse struct {
	// Trees matching the list request filters.
	Tree []*Tree `protobuf:"bytes,1,rep,name=tree" json:"tree,omitempty"`
}

ListTrees response. No pagination is provided, all trees the requester has access to are returned.

func (*ListTreesResponse) Descriptor ¶

func (*ListTreesResponse) Descriptor() ([]byte, []int)

func (*ListTreesResponse) GetTree ¶

func (m *ListTreesResponse) GetTree() []*Tree

func (*ListTreesResponse) ProtoMessage ¶

func (*ListTreesResponse) ProtoMessage()

func (*ListTreesResponse) Reset ¶

func (m *ListTreesResponse) Reset()

func (*ListTreesResponse) String ¶

func (m *ListTreesResponse) String() string

type LogLeaf ¶

type LogLeaf struct {
	// Output only. The hash over `leaf_data`.
	MerkleLeafHash []byte `protobuf:"bytes,1,opt,name=merkle_leaf_hash,json=merkleLeafHash,proto3" json:"merkle_leaf_hash,omitempty"`
	// Required. The arbitrary data associated with this log entry. Validity of
	// this field is governed by the call site (personality).
	LeafValue []byte `protobuf:"bytes,2,opt,name=leaf_value,json=leafValue,proto3" json:"leaf_value,omitempty"`
	// The arbitrary metadata, e.g., a timestamp.
	ExtraData []byte `protobuf:"bytes,3,opt,name=extra_data,json=extraData,proto3" json:"extra_data,omitempty"`
	// Output only in `LOG` mode. Required in `PREORDERED_LOG` mode.
	// The index of the leaf in the Merkle tree, i.e., the position of the
	// corresponding entry in the log. For normal logs this value will be
	// assigned by the LogSigner.
	LeafIndex int64 `protobuf:"varint,4,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	// The hash over the identity of this leaf. If empty, assumed to be the same
	// as `merkle_leaf_hash`. It is a mechanism for the personality to provide a
	// hint to Trillian that two leaves should be considered "duplicates" even
	// though their `leaf_value`s differ.
	//
	// E.g., in a CT personality multiple `add-chain` calls for an identical
	// certificate would produce differing `leaf_data` bytes (due to the
	// presence of SCT elements), with just this information Trillian would be
	// unable to determine that. Within the context of the CT personality, these
	// entries are dupes, so it sets `leaf_identity_hash` to `H(cert)`, which
	// allows Trillian to detect the duplicates.
	//
	// Continuing the CT example, for a CT mirror personality (which must allow
	// dupes since the source log could contain them), the part of the
	// personality which fetches and submits the entries might set
	// `leaf_identity_hash` to `H(leaf_index||cert)`.
	// TODO(pavelkalinnikov): Consider instead using `H(cert)` and allowing
	// identity hash dupes in `PREORDERED_LOG` mode, for it can later be
	// upgraded to `LOG` which will need to correctly detect duplicates with
	// older entries when new ones get queued.
	LeafIdentityHash []byte `protobuf:"bytes,5,opt,name=leaf_identity_hash,json=leafIdentityHash,proto3" json:"leaf_identity_hash,omitempty"`
	// Output only. The time at which this leaf was passed to `QueueLeaves`.
	// This value will be determined and set by the LogServer. Equals zero if
	// the entry was submitted without queuing.
	QueueTimestamp *google_protobuf1.Timestamp `protobuf:"bytes,6,opt,name=queue_timestamp,json=queueTimestamp" json:"queue_timestamp,omitempty"`
	// Output only. The time at which this leaf was integrated into the tree.
	// This value will be determined and set by the LogSigner.
	IntegrateTimestamp *google_protobuf1.Timestamp `protobuf:"bytes,7,opt,name=integrate_timestamp,json=integrateTimestamp" json:"integrate_timestamp,omitempty"`
}

A leaf of the log's Merkle tree, corresponds to a single log entry. Each leaf has a unique `leaf_index` in the scope of this tree.

func (*LogLeaf) Descriptor ¶

func (*LogLeaf) Descriptor() ([]byte, []int)

func (*LogLeaf) GetExtraData ¶

func (m *LogLeaf) GetExtraData() []byte

func (*LogLeaf) GetIntegrateTimestamp ¶ added in v1.0.5

func (m *LogLeaf) GetIntegrateTimestamp() *google_protobuf1.Timestamp

func (*LogLeaf) GetLeafIdentityHash ¶

func (m *LogLeaf) GetLeafIdentityHash() []byte

func (*LogLeaf) GetLeafIndex ¶

func (m *LogLeaf) GetLeafIndex() int64

func (*LogLeaf) GetLeafValue ¶

func (m *LogLeaf) GetLeafValue() []byte

func (*LogLeaf) GetMerkleLeafHash ¶

func (m *LogLeaf) GetMerkleLeafHash() []byte

func (*LogLeaf) GetQueueTimestamp ¶ added in v1.0.5

func (m *LogLeaf) GetQueueTimestamp() *google_protobuf1.Timestamp

func (*LogLeaf) ProtoMessage ¶

func (*LogLeaf) ProtoMessage()

func (*LogLeaf) Reset ¶

func (m *LogLeaf) Reset()

func (*LogLeaf) String ¶

func (m *LogLeaf) String() string

type LogRootFormat ¶ added in v1.1.0

type LogRootFormat int32

LogRootFormat specifies the fields that are covered by the SignedLogRoot signature, as well as their ordering and formats.

const (
	LogRootFormat_LOG_ROOT_FORMAT_UNKNOWN LogRootFormat = 0
	LogRootFormat_LOG_ROOT_FORMAT_V1      LogRootFormat = 1
)

func (LogRootFormat) EnumDescriptor ¶ added in v1.1.0

func (LogRootFormat) EnumDescriptor() ([]byte, []int)

func (LogRootFormat) String ¶ added in v1.1.0

func (x LogRootFormat) String() string

type MapLeaf ¶

type MapLeaf struct {
	// index is the location of this leaf.
	// All indexes for a given Map must contain a constant number of bits.
	// These are not numeric indices. Note that this is typically derived using a
	// hash and thus the length of all indices in the map will match the number
	// of bits in the hash function. Map entries do not have a well defined
	// ordering and it's not possible to sequentially iterate over them.
	Index []byte `protobuf:"bytes,1,opt,name=index,proto3" json:"index,omitempty"`
	// leaf_hash is the tree hash of leaf_value.  This does not need to be set
	// on SetMapLeavesRequest; the server will fill it in.
	LeafHash []byte `protobuf:"bytes,2,opt,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	// leaf_value is the data the tree commits to.
	LeafValue []byte `protobuf:"bytes,3,opt,name=leaf_value,json=leafValue,proto3" json:"leaf_value,omitempty"`
	// extra_data holds related contextual data, but is not covered by any hash.
	ExtraData []byte `protobuf:"bytes,4,opt,name=extra_data,json=extraData,proto3" json:"extra_data,omitempty"`
}

MapLeaf represents the data behind Map leaves.

func (*MapLeaf) Descriptor ¶

func (*MapLeaf) Descriptor() ([]byte, []int)

func (*MapLeaf) GetExtraData ¶

func (m *MapLeaf) GetExtraData() []byte

func (*MapLeaf) GetIndex ¶

func (m *MapLeaf) GetIndex() []byte

func (*MapLeaf) GetLeafHash ¶

func (m *MapLeaf) GetLeafHash() []byte

func (*MapLeaf) GetLeafValue ¶

func (m *MapLeaf) GetLeafValue() []byte

func (*MapLeaf) ProtoMessage ¶

func (*MapLeaf) ProtoMessage()

func (*MapLeaf) Reset ¶

func (m *MapLeaf) Reset()

func (*MapLeaf) String ¶

func (m *MapLeaf) String() string

type MapLeafInclusion ¶

type MapLeafInclusion struct {
	Leaf      *MapLeaf `protobuf:"bytes,1,opt,name=leaf" json:"leaf,omitempty"`
	Inclusion [][]byte `protobuf:"bytes,2,rep,name=inclusion,proto3" json:"inclusion,omitempty"`
}

func (*MapLeafInclusion) Descriptor ¶

func (*MapLeafInclusion) Descriptor() ([]byte, []int)

func (*MapLeafInclusion) GetInclusion ¶

func (m *MapLeafInclusion) GetInclusion() [][]byte

func (*MapLeafInclusion) GetLeaf ¶

func (m *MapLeafInclusion) GetLeaf() *MapLeaf

func (*MapLeafInclusion) ProtoMessage ¶

func (*MapLeafInclusion) ProtoMessage()

func (*MapLeafInclusion) Reset ¶

func (m *MapLeafInclusion) Reset()

func (*MapLeafInclusion) String ¶

func (m *MapLeafInclusion) String() string

type MapRootFormat ¶ added in v1.1.0

type MapRootFormat int32

MapRootFormat specifies the fields that are covered by the SignedMapRoot signature, as well as their ordering and formats.

const (
	MapRootFormat_MAP_ROOT_FORMAT_UNKNOWN MapRootFormat = 0
	MapRootFormat_MAP_ROOT_FORMAT_V1      MapRootFormat = 1
)

func (MapRootFormat) EnumDescriptor ¶ added in v1.1.0

func (MapRootFormat) EnumDescriptor() ([]byte, []int)

func (MapRootFormat) String ¶ added in v1.1.0

func (x MapRootFormat) String() string

type Proof ¶

type Proof struct {
	LeafIndex int64    `protobuf:"varint,1,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	Hashes    [][]byte `protobuf:"bytes,3,rep,name=hashes,proto3" json:"hashes,omitempty"`
}

A consistency or inclusion proof for a Merkle tree. Output only.

func (*Proof) Descriptor ¶

func (*Proof) Descriptor() ([]byte, []int)

func (*Proof) GetHashes ¶

func (m *Proof) GetHashes() [][]byte

func (*Proof) GetLeafIndex ¶

func (m *Proof) GetLeafIndex() int64

func (*Proof) ProtoMessage ¶

func (*Proof) ProtoMessage()

func (*Proof) Reset ¶

func (m *Proof) Reset()

func (*Proof) String ¶

func (m *Proof) String() string

type QueueLeafRequest ¶

type QueueLeafRequest struct {
	LogId    int64     `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaf     *LogLeaf  `protobuf:"bytes,2,opt,name=leaf" json:"leaf,omitempty"`
	ChargeTo *ChargeTo `protobuf:"bytes,3,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*QueueLeafRequest) Descriptor ¶

func (*QueueLeafRequest) Descriptor() ([]byte, []int)

func (*QueueLeafRequest) GetChargeTo ¶ added in v1.2.0

func (m *QueueLeafRequest) GetChargeTo() *ChargeTo

func (*QueueLeafRequest) GetLeaf ¶

func (m *QueueLeafRequest) GetLeaf() *LogLeaf

func (*QueueLeafRequest) GetLogId ¶

func (m *QueueLeafRequest) GetLogId() int64

func (*QueueLeafRequest) ProtoMessage ¶

func (*QueueLeafRequest) ProtoMessage()

func (*QueueLeafRequest) Reset ¶

func (m *QueueLeafRequest) Reset()

func (*QueueLeafRequest) String ¶

func (m *QueueLeafRequest) String() string

type QueueLeafResponse ¶

type QueueLeafResponse struct {
	QueuedLeaf *QueuedLogLeaf `protobuf:"bytes,2,opt,name=queued_leaf,json=queuedLeaf" json:"queued_leaf,omitempty"`
}

func (*QueueLeafResponse) Descriptor ¶

func (*QueueLeafResponse) Descriptor() ([]byte, []int)

func (*QueueLeafResponse) GetQueuedLeaf ¶

func (m *QueueLeafResponse) GetQueuedLeaf() *QueuedLogLeaf

func (*QueueLeafResponse) ProtoMessage ¶

func (*QueueLeafResponse) ProtoMessage()

func (*QueueLeafResponse) Reset ¶

func (m *QueueLeafResponse) Reset()

func (*QueueLeafResponse) String ¶

func (m *QueueLeafResponse) String() string

type QueueLeavesRequest ¶

type QueueLeavesRequest struct {
	LogId    int64      `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaves   []*LogLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	ChargeTo *ChargeTo  `protobuf:"bytes,3,opt,name=charge_to,json=chargeTo" json:"charge_to,omitempty"`
}

func (*QueueLeavesRequest) Descriptor ¶

func (*QueueLeavesRequest) Descriptor() ([]byte, []int)

func (*QueueLeavesRequest) GetChargeTo ¶ added in v1.2.0

func (m *QueueLeavesRequest) GetChargeTo() *ChargeTo

func (*QueueLeavesRequest) GetLeaves ¶

func (m *QueueLeavesRequest) GetLeaves() []*LogLeaf

func (*QueueLeavesRequest) GetLogId ¶

func (m *QueueLeavesRequest) GetLogId() int64

func (*QueueLeavesRequest) ProtoMessage ¶

func (*QueueLeavesRequest) ProtoMessage()

func (*QueueLeavesRequest) Reset ¶

func (m *QueueLeavesRequest) Reset()

func (*QueueLeavesRequest) String ¶

func (m *QueueLeavesRequest) String() string

type QueueLeavesResponse ¶

type QueueLeavesResponse struct {
	// Same number and order as in the corresponding request.
	QueuedLeaves []*QueuedLogLeaf `protobuf:"bytes,2,rep,name=queued_leaves,json=queuedLeaves" json:"queued_leaves,omitempty"`
}

func (*QueueLeavesResponse) Descriptor ¶

func (*QueueLeavesResponse) Descriptor() ([]byte, []int)

func (*QueueLeavesResponse) GetQueuedLeaves ¶

func (m *QueueLeavesResponse) GetQueuedLeaves() []*QueuedLogLeaf

func (*QueueLeavesResponse) ProtoMessage ¶

func (*QueueLeavesResponse) ProtoMessage()

func (*QueueLeavesResponse) Reset ¶

func (m *QueueLeavesResponse) Reset()

func (*QueueLeavesResponse) String ¶

func (m *QueueLeavesResponse) String() string

type QueuedLogLeaf ¶

type QueuedLogLeaf struct {
	// The leaf as it was stored by Trillian. Empty unless `status.code` is:
	//  - `google.rpc.OK`: the `leaf` data is the same as in the request.
	//  - `google.rpc.ALREADY_EXISTS` or 'google.rpc.FAILED_PRECONDITION`: the
	//    `leaf` is the conflicting one already in the log.
	Leaf *LogLeaf `protobuf:"bytes,1,opt,name=leaf" json:"leaf,omitempty"`
	// The status of adding the leaf.
	//  - `google.rpc.OK`: successfully added.
	//  - `google.rpc.ALREADY_EXISTS`: the leaf is a duplicate of an already
	//    existing one. Either `leaf_identity_hash` is the same in the `LOG`
	//    mode, or `leaf_index` in the `PREORDERED_LOG`.
	//  - `google.rpc.FAILED_PRECONDITION`: A conflicting entry is already
	//    present in the log, e.g., same `leaf_index` but different `leaf_data`.
	Status *google_rpc.Status `protobuf:"bytes,2,opt,name=status" json:"status,omitempty"`
}

A result of submitting an entry to the log. Output only. TODO(pavelkalinnikov): Consider renaming it to AddLogLeafResult or the like.

func (*QueuedLogLeaf) Descriptor ¶

func (*QueuedLogLeaf) Descriptor() ([]byte, []int)

func (*QueuedLogLeaf) GetLeaf ¶

func (m *QueuedLogLeaf) GetLeaf() *LogLeaf

func (*QueuedLogLeaf) GetStatus ¶

func (m *QueuedLogLeaf) GetStatus() *google_rpc.Status

func (*QueuedLogLeaf) ProtoMessage ¶

func (*QueuedLogLeaf) ProtoMessage()

func (*QueuedLogLeaf) Reset ¶

func (m *QueuedLogLeaf) Reset()

func (*QueuedLogLeaf) String ¶

func (m *QueuedLogLeaf) String() string

type SetMapLeavesRequest ¶

type SetMapLeavesRequest struct {
	MapId    int64      `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Leaves   []*MapLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	Metadata []byte     `protobuf:"bytes,5,opt,name=metadata,proto3" json:"metadata,omitempty"`
}

func (*SetMapLeavesRequest) Descriptor ¶

func (*SetMapLeavesRequest) Descriptor() ([]byte, []int)

func (*SetMapLeavesRequest) GetLeaves ¶

func (m *SetMapLeavesRequest) GetLeaves() []*MapLeaf

func (*SetMapLeavesRequest) GetMapId ¶

func (m *SetMapLeavesRequest) GetMapId() int64

func (*SetMapLeavesRequest) GetMetadata ¶ added in v1.0.2

func (m *SetMapLeavesRequest) GetMetadata() []byte

func (*SetMapLeavesRequest) ProtoMessage ¶

func (*SetMapLeavesRequest) ProtoMessage()

func (*SetMapLeavesRequest) Reset ¶

func (m *SetMapLeavesRequest) Reset()

func (*SetMapLeavesRequest) String ¶

func (m *SetMapLeavesRequest) String() string

type SetMapLeavesResponse ¶

type SetMapLeavesResponse struct {
	MapRoot *SignedMapRoot `protobuf:"bytes,2,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*SetMapLeavesResponse) Descriptor ¶

func (*SetMapLeavesResponse) Descriptor() ([]byte, []int)

func (*SetMapLeavesResponse) GetMapRoot ¶

func (m *SetMapLeavesResponse) GetMapRoot() *SignedMapRoot

func (*SetMapLeavesResponse) ProtoMessage ¶

func (*SetMapLeavesResponse) ProtoMessage()

func (*SetMapLeavesResponse) Reset ¶

func (m *SetMapLeavesResponse) Reset()

func (*SetMapLeavesResponse) String ¶

func (m *SetMapLeavesResponse) String() string

type SignedEntryTimestamp ¶

type SignedEntryTimestamp struct {
	TimestampNanos int64                  `protobuf:"varint,1,opt,name=timestamp_nanos,json=timestampNanos" json:"timestamp_nanos,omitempty"`
	LogId          int64                  `protobuf:"varint,2,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Signature      *sigpb.DigitallySigned `protobuf:"bytes,3,opt,name=signature" json:"signature,omitempty"`
}

func (*SignedEntryTimestamp) Descriptor ¶

func (*SignedEntryTimestamp) Descriptor() ([]byte, []int)

func (*SignedEntryTimestamp) GetLogId ¶

func (m *SignedEntryTimestamp) GetLogId() int64

func (*SignedEntryTimestamp) GetSignature ¶

func (m *SignedEntryTimestamp) GetSignature() *sigpb.DigitallySigned

func (*SignedEntryTimestamp) GetTimestampNanos ¶

func (m *SignedEntryTimestamp) GetTimestampNanos() int64

func (*SignedEntryTimestamp) ProtoMessage ¶

func (*SignedEntryTimestamp) ProtoMessage()

func (*SignedEntryTimestamp) Reset ¶

func (m *SignedEntryTimestamp) Reset()

func (*SignedEntryTimestamp) String ¶

func (m *SignedEntryTimestamp) String() string

type SignedLogRoot ¶

type SignedLogRoot struct {
	// Deprecated: TimestampNanos moved to LogRoot.
	TimestampNanos int64 `protobuf:"varint,1,opt,name=timestamp_nanos,json=timestampNanos" json:"timestamp_nanos,omitempty"`
	// Deprecated: RootHash moved to LogRoot.
	RootHash []byte `protobuf:"bytes,2,opt,name=root_hash,json=rootHash,proto3" json:"root_hash,omitempty"`
	// Deprecated: TreeSize moved to LogRoot.
	TreeSize int64 `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	// Deprecated: TreeRevision moved to LogRoot.
	TreeRevision int64 `protobuf:"varint,6,opt,name=tree_revision,json=treeRevision" json:"tree_revision,omitempty"`
	// key_hint is a hint to identify the public key for signature verification.
	// key_hint is not authenticated and may be incorrect or missing, in which
	// case all known public keys may be used to verify the signature.
	// When directly communicating with a Trillian gRPC server, the key_hint will
	// typically contain the LogID encoded as a big-endian 64-bit integer;
	// however, in other contexts the key_hint is likely to have different
	// contents (e.g. it could be a GUID, a URL + TreeID, or it could be
	// derived from the public key itself).
	KeyHint []byte `protobuf:"bytes,7,opt,name=key_hint,json=keyHint,proto3" json:"key_hint,omitempty"`
	// log_root holds the TLS-serialization of the following structure (described
	// in RFC5246 notation): Clients should validate log_root_signature with
	// VerifySignedLogRoot before deserializing log_root.
	// enum { v1(1), (65535)} Version;
	// struct {
	//   uint64 tree_size;
	//   opaque root_hash<0..128>;
	//   uint64 timestamp_nanos;
	//   uint64 revision;
	//   opaque metadata<0..65535>;
	// } LogRootV1;
	// struct {
	//   Version version;
	//   select(version) {
	//     case v1: LogRootV1;
	//   }
	// } LogRoot;
	LogRoot []byte `protobuf:"bytes,8,opt,name=log_root,json=logRoot,proto3" json:"log_root,omitempty"`
	// log_root_signature is the raw signature over log_root.
	LogRootSignature []byte `protobuf:"bytes,9,opt,name=log_root_signature,json=logRootSignature,proto3" json:"log_root_signature,omitempty"`
}

SignedLogRoot represents a commitment by a Log to a particular tree.

func (*SignedLogRoot) Descriptor ¶

func (*SignedLogRoot) Descriptor() ([]byte, []int)

func (*SignedLogRoot) GetKeyHint ¶ added in v1.1.0

func (m *SignedLogRoot) GetKeyHint() []byte

func (*SignedLogRoot) GetLogRoot ¶ added in v1.1.0

func (m *SignedLogRoot) GetLogRoot() []byte

func (*SignedLogRoot) GetLogRootSignature ¶ added in v1.1.0

func (m *SignedLogRoot) GetLogRootSignature() []byte

func (*SignedLogRoot) GetRootHash ¶

func (m *SignedLogRoot) GetRootHash() []byte

func (*SignedLogRoot) GetTimestampNanos ¶

func (m *SignedLogRoot) GetTimestampNanos() int64

func (*SignedLogRoot) GetTreeRevision ¶

func (m *SignedLogRoot) GetTreeRevision() int64

func (*SignedLogRoot) GetTreeSize ¶

func (m *SignedLogRoot) GetTreeSize() int64

func (*SignedLogRoot) ProtoMessage ¶

func (*SignedLogRoot) ProtoMessage()

func (*SignedLogRoot) Reset ¶

func (m *SignedLogRoot) Reset()

func (*SignedLogRoot) String ¶

func (m *SignedLogRoot) String() string

type SignedMapRoot ¶

type SignedMapRoot struct {
	// map_root holds the TLS-serialization of the following structure (described
	// in RFC5246 notation): Clients should validate signature with
	// VerifySignedMapRoot before deserializing map_root.
	// enum { v1(1), (65535)} Version;
	// struct {
	//   opaque root_hash<0..128>;
	//   uint64 timestamp_nanos;
	//   uint64 revision;
	//   opaque metadata<0..65535>;
	// } MapRootV1;
	// struct {
	//   Version version;
	//   select(version) {
	//     case v1: MapRootV1;
	//   }
	// } MapRoot;
	MapRoot []byte `protobuf:"bytes,9,opt,name=map_root,json=mapRoot,proto3" json:"map_root,omitempty"`
	// Signature is the raw signature over MapRoot.
	Signature []byte `protobuf:"bytes,4,opt,name=signature,proto3" json:"signature,omitempty"`
}

SignedMapRoot represents a commitment by a Map to a particular tree.

func (*SignedMapRoot) Descriptor ¶

func (*SignedMapRoot) Descriptor() ([]byte, []int)

func (*SignedMapRoot) GetMapRoot ¶ added in v1.1.0

func (m *SignedMapRoot) GetMapRoot() []byte

func (*SignedMapRoot) GetSignature ¶

func (m *SignedMapRoot) GetSignature() []byte

func (*SignedMapRoot) ProtoMessage ¶

func (*SignedMapRoot) ProtoMessage()

func (*SignedMapRoot) Reset ¶

func (m *SignedMapRoot) Reset()

func (*SignedMapRoot) String ¶

func (m *SignedMapRoot) String() string

type Tree ¶

type Tree struct {
	// ID of the tree.
	// Readonly.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
	// State of the tree.
	// Trees are ACTIVE after creation. At any point the tree may transition
	// between ACTIVE, DRAINING and FROZEN states.
	TreeState TreeState `protobuf:"varint,2,opt,name=tree_state,json=treeState,enum=trillian.TreeState" json:"tree_state,omitempty"`
	// Type of the tree.
	// Readonly after Tree creation. Exception: Can be switched from
	// PREORDERED_LOG to LOG if the Tree is and remains in the FROZEN state.
	TreeType TreeType `protobuf:"varint,3,opt,name=tree_type,json=treeType,enum=trillian.TreeType" json:"tree_type,omitempty"`
	// Hash strategy to be used by the tree.
	// Readonly.
	HashStrategy HashStrategy `protobuf:"varint,4,opt,name=hash_strategy,json=hashStrategy,enum=trillian.HashStrategy" json:"hash_strategy,omitempty"`
	// Hash algorithm to be used by the tree.
	// Readonly.
	HashAlgorithm sigpb.DigitallySigned_HashAlgorithm `` /* 135-byte string literal not displayed */
	// Signature algorithm to be used by the tree.
	// Readonly.
	SignatureAlgorithm sigpb.DigitallySigned_SignatureAlgorithm `` /* 155-byte string literal not displayed */
	// Display name of the tree.
	// Optional.
	DisplayName string `protobuf:"bytes,8,opt,name=display_name,json=displayName" json:"display_name,omitempty"`
	// Description of the tree,
	// Optional.
	Description string `protobuf:"bytes,9,opt,name=description" json:"description,omitempty"`
	// Identifies the private key used for signing tree heads and entry
	// timestamps.
	// This can be any type of message to accommodate different key management
	// systems, e.g. PEM files, HSMs, etc.
	// Private keys are write-only: they're never returned by RPCs.
	// The private_key message can be changed after a tree is created, but the
	// underlying key must remain the same - this is to enable migrating a key
	// from one provider to another.
	PrivateKey *google_protobuf2.Any `protobuf:"bytes,12,opt,name=private_key,json=privateKey" json:"private_key,omitempty"`
	// Storage-specific settings.
	// Varies according to the storage implementation backing Trillian.
	StorageSettings *google_protobuf2.Any `protobuf:"bytes,13,opt,name=storage_settings,json=storageSettings" json:"storage_settings,omitempty"`
	// The public key used for verifying tree heads and entry timestamps.
	// Readonly.
	PublicKey *keyspb.PublicKey `protobuf:"bytes,14,opt,name=public_key,json=publicKey" json:"public_key,omitempty"`
	// Interval after which a new signed root is produced even if there have been
	// no submission.  If zero, this behavior is disabled.
	MaxRootDuration *google_protobuf3.Duration `protobuf:"bytes,15,opt,name=max_root_duration,json=maxRootDuration" json:"max_root_duration,omitempty"`
	// Time of tree creation.
	// Readonly.
	CreateTime *google_protobuf1.Timestamp `protobuf:"bytes,16,opt,name=create_time,json=createTime" json:"create_time,omitempty"`
	// Time of last tree update.
	// Readonly (automatically assigned on updates).
	UpdateTime *google_protobuf1.Timestamp `protobuf:"bytes,17,opt,name=update_time,json=updateTime" json:"update_time,omitempty"`
	// If true, the tree has been deleted.
	// Deleted trees may be undeleted during a certain time window, after which
	// they're permanently deleted (and unrecoverable).
	// Readonly.
	Deleted bool `protobuf:"varint,19,opt,name=deleted" json:"deleted,omitempty"`
	// Time of tree deletion, if any.
	// Readonly.
	DeleteTime *google_protobuf1.Timestamp `protobuf:"bytes,20,opt,name=delete_time,json=deleteTime" json:"delete_time,omitempty"`
}

Represents a tree, which may be either a verifiable log or map. Readonly attributes are assigned at tree creation, after which they may not be modified.

Note: Many APIs within the rest of the code require these objects to be provided. For safety they should be obtained via Admin API calls and not created dynamically.

func (*Tree) Descriptor ¶

func (*Tree) Descriptor() ([]byte, []int)

func (*Tree) GetCreateTime ¶

func (m *Tree) GetCreateTime() *google_protobuf1.Timestamp

func (*Tree) GetDeleteTime ¶

func (m *Tree) GetDeleteTime() *google_protobuf1.Timestamp

func (*Tree) GetDeleted ¶

func (m *Tree) GetDeleted() bool

func (*Tree) GetDescription ¶

func (m *Tree) GetDescription() string

func (*Tree) GetDisplayName ¶

func (m *Tree) GetDisplayName() string

func (*Tree) GetHashAlgorithm ¶

func (m *Tree) GetHashAlgorithm() sigpb.DigitallySigned_HashAlgorithm

func (*Tree) GetHashStrategy ¶

func (m *Tree) GetHashStrategy() HashStrategy

func (*Tree) GetMaxRootDuration ¶

func (m *Tree) GetMaxRootDuration() *google_protobuf3.Duration

func (*Tree) GetPrivateKey ¶

func (m *Tree) GetPrivateKey() *google_protobuf2.Any

func (*Tree) GetPublicKey ¶

func (m *Tree) GetPublicKey() *keyspb.PublicKey

func (*Tree) GetSignatureAlgorithm ¶

func (m *Tree) GetSignatureAlgorithm() sigpb.DigitallySigned_SignatureAlgorithm

func (*Tree) GetStorageSettings ¶

func (m *Tree) GetStorageSettings() *google_protobuf2.Any

func (*Tree) GetTreeId ¶

func (m *Tree) GetTreeId() int64

func (*Tree) GetTreeState ¶

func (m *Tree) GetTreeState() TreeState

func (*Tree) GetTreeType ¶

func (m *Tree) GetTreeType() TreeType

func (*Tree) GetUpdateTime ¶

func (m *Tree) GetUpdateTime() *google_protobuf1.Timestamp

func (*Tree) ProtoMessage ¶

func (*Tree) ProtoMessage()

func (*Tree) Reset ¶

func (m *Tree) Reset()

func (*Tree) String ¶

func (m *Tree) String() string

type TreeState ¶

type TreeState int32

State of the tree.

const (
	// Tree state cannot be determined. Included to enable detection of
	// mismatched proto versions being used. Represents an invalid value.
	TreeState_UNKNOWN_TREE_STATE TreeState = 0
	// Active trees are able to respond to both read and write requests.
	TreeState_ACTIVE TreeState = 1
	// Frozen trees are only able to respond to read requests, writing to a frozen
	// tree is forbidden. Trees should not be frozen when there are entries
	// in the queue that have not yet been integrated. See the DRAINING
	// state for this case.
	TreeState_FROZEN TreeState = 2
	// Deprecated: now tracked in Tree.deleted.
	TreeState_DEPRECATED_SOFT_DELETED TreeState = 3
	// Deprecated: now tracked in Tree.deleted.
	TreeState_DEPRECATED_HARD_DELETED TreeState = 4
	// A tree that is draining will continue to integrate queued entries.
	// No new entries should be accepted.
	TreeState_DRAINING TreeState = 5
)

func (TreeState) EnumDescriptor ¶

func (TreeState) EnumDescriptor() ([]byte, []int)

func (TreeState) String ¶

func (x TreeState) String() string

type TreeType ¶

type TreeType int32

Type of the tree.

const (
	// Tree type cannot be determined. Included to enable detection of mismatched
	// proto versions being used. Represents an invalid value.
	TreeType_UNKNOWN_TREE_TYPE TreeType = 0
	// Tree represents a verifiable log.
	TreeType_LOG TreeType = 1
	// Tree represents a verifiable map.
	TreeType_MAP TreeType = 2
	// Tree represents a verifiable pre-ordered log, i.e., a log whose entries are
	// placed according to sequence numbers assigned outside of Trillian.
	TreeType_PREORDERED_LOG TreeType = 3
)

func (TreeType) EnumDescriptor ¶

func (TreeType) EnumDescriptor() ([]byte, []int)

func (TreeType) String ¶

func (x TreeType) String() string

type TrillianAdminClient ¶

type TrillianAdminClient interface {
	// Lists all trees the requester has access to.
	ListTrees(ctx context.Context, in *ListTreesRequest, opts ...grpc.CallOption) (*ListTreesResponse, error)
	// Retrieves a tree by ID.
	GetTree(ctx context.Context, in *GetTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Creates a new tree.
	// System-generated fields are not required and will be ignored if present,
	// e.g.: tree_id, create_time and update_time.
	// Returns the created tree, with all system-generated fields assigned.
	CreateTree(ctx context.Context, in *CreateTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Updates a tree.
	// See Tree for details. Readonly fields cannot be updated.
	UpdateTree(ctx context.Context, in *UpdateTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Soft-deletes a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	DeleteTree(ctx context.Context, in *DeleteTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Undeletes a soft-deleted a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	UndeleteTree(ctx context.Context, in *UndeleteTreeRequest, opts ...grpc.CallOption) (*Tree, error)
}

func NewTrillianAdminClient ¶

func NewTrillianAdminClient(cc *grpc.ClientConn) TrillianAdminClient

type TrillianAdminServer ¶

type TrillianAdminServer interface {
	// Lists all trees the requester has access to.
	ListTrees(context.Context, *ListTreesRequest) (*ListTreesResponse, error)
	// Retrieves a tree by ID.
	GetTree(context.Context, *GetTreeRequest) (*Tree, error)
	// Creates a new tree.
	// System-generated fields are not required and will be ignored if present,
	// e.g.: tree_id, create_time and update_time.
	// Returns the created tree, with all system-generated fields assigned.
	CreateTree(context.Context, *CreateTreeRequest) (*Tree, error)
	// Updates a tree.
	// See Tree for details. Readonly fields cannot be updated.
	UpdateTree(context.Context, *UpdateTreeRequest) (*Tree, error)
	// Soft-deletes a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	DeleteTree(context.Context, *DeleteTreeRequest) (*Tree, error)
	// Undeletes a soft-deleted a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	UndeleteTree(context.Context, *UndeleteTreeRequest) (*Tree, error)
}

type TrillianLogClient ¶

type TrillianLogClient interface {
	// Adds a single leaf to the queue.
	QueueLeaf(ctx context.Context, in *QueueLeafRequest, opts ...grpc.CallOption) (*QueueLeafResponse, error)
	// Adds a single leaf with an assigned sequence number.
	// Warning: This RPC is under development, don't use it.
	AddSequencedLeaf(ctx context.Context, in *AddSequencedLeafRequest, opts ...grpc.CallOption) (*AddSequencedLeafResponse, error)
	// Returns inclusion proof for a leaf with a given index in a given tree.
	GetInclusionProof(ctx context.Context, in *GetInclusionProofRequest, opts ...grpc.CallOption) (*GetInclusionProofResponse, error)
	// Returns inclusion proof for a leaf with a given identity hash in a given
	// tree.
	GetInclusionProofByHash(ctx context.Context, in *GetInclusionProofByHashRequest, opts ...grpc.CallOption) (*GetInclusionProofByHashResponse, error)
	// Returns consistency proof between two versions of a given tree.
	GetConsistencyProof(ctx context.Context, in *GetConsistencyProofRequest, opts ...grpc.CallOption) (*GetConsistencyProofResponse, error)
	// Returns the latest signed log root for a given tree. Corresponds to the
	// ReadOnlyLogTreeTX.LatestSignedLogRoot storage interface.
	GetLatestSignedLogRoot(ctx context.Context, in *GetLatestSignedLogRootRequest, opts ...grpc.CallOption) (*GetLatestSignedLogRootResponse, error)
	// Returns the total number of leaves that have been integrated into the
	// given tree. Corresponds to the ReadOnlyLogTreeTX.GetSequencedLeafCount
	// storage interface.
	// DO NOT USE - FOR DEBUGGING/TEST ONLY
	GetSequencedLeafCount(ctx context.Context, in *GetSequencedLeafCountRequest, opts ...grpc.CallOption) (*GetSequencedLeafCountResponse, error)
	// Returns log entry and the corresponding inclusion proof for a given leaf
	// index in a given tree. If the requested tree is unavailable but the leaf is in scope
	// for the current tree, return a proof in that tree instead.
	GetEntryAndProof(ctx context.Context, in *GetEntryAndProofRequest, opts ...grpc.CallOption) (*GetEntryAndProofResponse, error)
	InitLog(ctx context.Context, in *InitLogRequest, opts ...grpc.CallOption) (*InitLogResponse, error)
	// Adds a batch of leaves to the queue.
	QueueLeaves(ctx context.Context, in *QueueLeavesRequest, opts ...grpc.CallOption) (*QueueLeavesResponse, error)
	// Stores leaves from the provided batch and associates them with the log
	// positions according to the `LeafIndex` field. The indices must be
	// contiguous.
	//
	// Warning: This RPC is under development, don't use it.
	AddSequencedLeaves(ctx context.Context, in *AddSequencedLeavesRequest, opts ...grpc.CallOption) (*AddSequencedLeavesResponse, error)
	// Returns a batch of leaves located in the provided positions.
	GetLeavesByIndex(ctx context.Context, in *GetLeavesByIndexRequest, opts ...grpc.CallOption) (*GetLeavesByIndexResponse, error)
	// Returns a batch of leaves in a sequential range.
	GetLeavesByRange(ctx context.Context, in *GetLeavesByRangeRequest, opts ...grpc.CallOption) (*GetLeavesByRangeResponse, error)
	// Returns a batch of leaves by their `merkle_leaf_hash` values.
	GetLeavesByHash(ctx context.Context, in *GetLeavesByHashRequest, opts ...grpc.CallOption) (*GetLeavesByHashResponse, error)
}

func NewTrillianLogClient ¶

func NewTrillianLogClient(cc *grpc.ClientConn) TrillianLogClient

type TrillianLogServer ¶

type TrillianLogServer interface {
	// Adds a single leaf to the queue.
	QueueLeaf(context.Context, *QueueLeafRequest) (*QueueLeafResponse, error)
	// Adds a single leaf with an assigned sequence number.
	// Warning: This RPC is under development, don't use it.
	AddSequencedLeaf(context.Context, *AddSequencedLeafRequest) (*AddSequencedLeafResponse, error)
	// Returns inclusion proof for a leaf with a given index in a given tree.
	GetInclusionProof(context.Context, *GetInclusionProofRequest) (*GetInclusionProofResponse, error)
	// Returns inclusion proof for a leaf with a given identity hash in a given
	// tree.
	GetInclusionProofByHash(context.Context, *GetInclusionProofByHashRequest) (*GetInclusionProofByHashResponse, error)
	// Returns consistency proof between two versions of a given tree.
	GetConsistencyProof(context.Context, *GetConsistencyProofRequest) (*GetConsistencyProofResponse, error)
	// Returns the latest signed log root for a given tree. Corresponds to the
	// ReadOnlyLogTreeTX.LatestSignedLogRoot storage interface.
	GetLatestSignedLogRoot(context.Context, *GetLatestSignedLogRootRequest) (*GetLatestSignedLogRootResponse, error)
	// Returns the total number of leaves that have been integrated into the
	// given tree. Corresponds to the ReadOnlyLogTreeTX.GetSequencedLeafCount
	// storage interface.
	// DO NOT USE - FOR DEBUGGING/TEST ONLY
	GetSequencedLeafCount(context.Context, *GetSequencedLeafCountRequest) (*GetSequencedLeafCountResponse, error)
	// Returns log entry and the corresponding inclusion proof for a given leaf
	// index in a given tree. If the requested tree is unavailable but the leaf is in scope
	// for the current tree, return a proof in that tree instead.
	GetEntryAndProof(context.Context, *GetEntryAndProofRequest) (*GetEntryAndProofResponse, error)
	InitLog(context.Context, *InitLogRequest) (*InitLogResponse, error)
	// Adds a batch of leaves to the queue.
	QueueLeaves(context.Context, *QueueLeavesRequest) (*QueueLeavesResponse, error)
	// Stores leaves from the provided batch and associates them with the log
	// positions according to the `LeafIndex` field. The indices must be
	// contiguous.
	//
	// Warning: This RPC is under development, don't use it.
	AddSequencedLeaves(context.Context, *AddSequencedLeavesRequest) (*AddSequencedLeavesResponse, error)
	// Returns a batch of leaves located in the provided positions.
	GetLeavesByIndex(context.Context, *GetLeavesByIndexRequest) (*GetLeavesByIndexResponse, error)
	// Returns a batch of leaves in a sequential range.
	GetLeavesByRange(context.Context, *GetLeavesByRangeRequest) (*GetLeavesByRangeResponse, error)
	// Returns a batch of leaves by their `merkle_leaf_hash` values.
	GetLeavesByHash(context.Context, *GetLeavesByHashRequest) (*GetLeavesByHashResponse, error)
}

type TrillianMapClient ¶

type TrillianMapClient interface {
	// GetLeaves returns an inclusion proof for each index requested.
	// For indexes that do not exist, the inclusion proof will use nil for the empty leaf value.
	GetLeaves(ctx context.Context, in *GetMapLeavesRequest, opts ...grpc.CallOption) (*GetMapLeavesResponse, error)
	GetLeavesByRevision(ctx context.Context, in *GetMapLeavesByRevisionRequest, opts ...grpc.CallOption) (*GetMapLeavesResponse, error)
	// SetLeaves sets the values for the provided leaves, and returns the new map root if successful.
	// Note that if a SetLeaves request fails for a server-side reason (i.e. not an invalid request),
	// the API user is required to retry the request before performing a different SetLeaves request.
	SetLeaves(ctx context.Context, in *SetMapLeavesRequest, opts ...grpc.CallOption) (*SetMapLeavesResponse, error)
	GetSignedMapRoot(ctx context.Context, in *GetSignedMapRootRequest, opts ...grpc.CallOption) (*GetSignedMapRootResponse, error)
	GetSignedMapRootByRevision(ctx context.Context, in *GetSignedMapRootByRevisionRequest, opts ...grpc.CallOption) (*GetSignedMapRootResponse, error)
	InitMap(ctx context.Context, in *InitMapRequest, opts ...grpc.CallOption) (*InitMapResponse, error)
}

func NewTrillianMapClient ¶

func NewTrillianMapClient(cc *grpc.ClientConn) TrillianMapClient

type TrillianMapServer ¶

type TrillianMapServer interface {
	// GetLeaves returns an inclusion proof for each index requested.
	// For indexes that do not exist, the inclusion proof will use nil for the empty leaf value.
	GetLeaves(context.Context, *GetMapLeavesRequest) (*GetMapLeavesResponse, error)
	GetLeavesByRevision(context.Context, *GetMapLeavesByRevisionRequest) (*GetMapLeavesResponse, error)
	// SetLeaves sets the values for the provided leaves, and returns the new map root if successful.
	// Note that if a SetLeaves request fails for a server-side reason (i.e. not an invalid request),
	// the API user is required to retry the request before performing a different SetLeaves request.
	SetLeaves(context.Context, *SetMapLeavesRequest) (*SetMapLeavesResponse, error)
	GetSignedMapRoot(context.Context, *GetSignedMapRootRequest) (*GetSignedMapRootResponse, error)
	GetSignedMapRootByRevision(context.Context, *GetSignedMapRootByRevisionRequest) (*GetSignedMapRootResponse, error)
	InitMap(context.Context, *InitMapRequest) (*InitMapResponse, error)
}

type UndeleteTreeRequest ¶ added in v1.0.2

type UndeleteTreeRequest struct {
	// ID of the tree to undelete.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

UndeleteTree request.

func (*UndeleteTreeRequest) Descriptor ¶ added in v1.0.2

func (*UndeleteTreeRequest) Descriptor() ([]byte, []int)

func (*UndeleteTreeRequest) GetTreeId ¶ added in v1.0.2

func (m *UndeleteTreeRequest) GetTreeId() int64

func (*UndeleteTreeRequest) ProtoMessage ¶ added in v1.0.2

func (*UndeleteTreeRequest) ProtoMessage()

func (*UndeleteTreeRequest) Reset ¶ added in v1.0.2

func (m *UndeleteTreeRequest) Reset()

func (*UndeleteTreeRequest) String ¶ added in v1.0.2

func (m *UndeleteTreeRequest) String() string

type UpdateTreeRequest ¶

type UpdateTreeRequest struct {
	// Tree to be updated.
	Tree *Tree `protobuf:"bytes,1,opt,name=tree" json:"tree,omitempty"`
	// Fields modified by the update request.
	// For example: "tree_state", "display_name", "description".
	UpdateMask *google_protobuf4.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask" json:"update_mask,omitempty"`
}

UpdateTree request.

func (*UpdateTreeRequest) Descriptor ¶

func (*UpdateTreeRequest) Descriptor() ([]byte, []int)

func (*UpdateTreeRequest) GetTree ¶

func (m *UpdateTreeRequest) GetTree() *Tree

func (*UpdateTreeRequest) GetUpdateMask ¶

func (m *UpdateTreeRequest) GetUpdateMask() *google_protobuf4.FieldMask

func (*UpdateTreeRequest) ProtoMessage ¶

func (*UpdateTreeRequest) ProtoMessage()

func (*UpdateTreeRequest) Reset ¶

func (m *UpdateTreeRequest) Reset()

func (*UpdateTreeRequest) String ¶

func (m *UpdateTreeRequest) String() string

Directories ¶

Path Synopsis
Package client verifies responses from the Trillian log.
Package client verifies responses from the Trillian log.
backoff
Package backoff allows retrying an operation with backoff.
Package backoff allows retrying an operation with backoff.
cmd
createtree
Package main contains the implementation and entry point for the createtree command.
Package main contains the implementation and entry point for the createtree command.
deletetree
Package main contains the implementation and entry point for the deletetree command.
Package main contains the implementation and entry point for the deletetree command.
updatetree
Package main contains the implementation and entry point for the updatetree command.
Package main contains the implementation and entry point for the updatetree command.
Package crypto provides signing functionality for Trillian.
Package crypto provides signing functionality for Trillian.
keys
Package keys provides access to public and private keys for signing and verification of signatures.
Package keys provides access to public and private keys for signing and verification of signatures.
keys/der/proto
Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
keys/pem/proto
Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
keys/pkcs11
Package pkcs11 provides access to private keys using a PKCS#11 interface.
Package pkcs11 provides access to private keys using a PKCS#11 interface.
keys/pkcs11/proto
Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
keys/testonly
Package testonly contains code and data that should only be used by tests.
Package testonly contains code and data that should only be used by tests.
docs
storage/commit_log
The commit_log binary runs a simulation of the design for a commit-log based signer, with a simulated Kafka-like interface and a simulated master election package (which can be triggered to incorrectly report multiple masters), and with the core algorithm in the signer code.
The commit_log binary runs a simulation of the design for a commit-log based signer, with a simulated Kafka-like interface and a simulated master election package (which can be triggered to incorrectly report multiple masters), and with the core algorithm in the signer code.
storage/commit_log/signer
Package signer is a sample implementation of a commit-log based signer.
Package signer is a sample implementation of a commit-log based signer.
storage/commit_log/simelection
Package simelection simulates a master election.
Package simelection simulates a master election.
storage/commit_log/simkafka
Package simkafka is a toy simulation of a Kafka commit log.
Package simkafka is a toy simulation of a Kafka commit log.
examples
ct/ctmapper
Package ctmapper maps from a verifiable log to verifiable map.
Package ctmapper maps from a verifiable log to verifiable map.
ct/ctmapper/ctmapperpb
Package ctmapperpb is a generated protocol buffer package.
Package ctmapperpb is a generated protocol buffer package.
ct/ctmapper/lookup
The lookup binary looks up a specific ID in a map.
The lookup binary looks up a specific ID in a map.
ct/ctmapper/mapper
The mapper binary performs log->map mapping.
The mapper binary performs log->map mapping.
vmap/trillian_map_client
The trillian_map_client binary performs a trivial map operation.
The trillian_map_client binary performs a trivial map operation.
Package extension provides an extension mechanism for Trillian code to access fork-specific functionality.
Package extension provides an extension mechanism for Trillian code to access fork-specific functionality.
Package integration contains some integration tests which are intended to serve as a way of checking that various top-level binaries work as intended, as well as providing a simple example of how to run and use the various servers.
Package integration contains some integration tests which are intended to serve as a way of checking that various top-level binaries work as intended, as well as providing a simple example of how to run and use the various servers.
admin
Package admin contains integration tests for the Admin server.
Package admin contains integration tests for the Admin server.
quota
Package quota contains quota-related integration tests.
Package quota contains quota-related integration tests.
Package log includes code that is specific to Trillian's log mode, particularly code for running sequencing operations.
Package log includes code that is specific to Trillian's log mode, particularly code for running sequencing operations.
Package merkle provides Merkle tree manipulation functions.
Package merkle provides Merkle tree manipulation functions.
coniks
Package coniks provides hashing for maps.
Package coniks provides hashing for maps.
maphasher
Package maphasher provides hashing for maps.
Package maphasher provides hashing for maps.
objhasher
Package objhasher provides generic object hashing functionality.
Package objhasher provides generic object hashing functionality.
rfc6962
Package rfc6962 provides hashing functionality according to RFC6962.
Package rfc6962 provides hashing functionality according to RFC6962.
Package monitoring provides monitoring functionality.
Package monitoring provides monitoring functionality.
prometheus
Package prometheus provides a Prometheus-based implementation of the MetricFactory abstraction.
Package prometheus provides a Prometheus-based implementation of the MetricFactory abstraction.
prometheus/etcdiscover
The etcdiscover binary monitors etcd to track the set of instances that support a gRPC service, and updates a file so that Prometheus can track those instances.
The etcdiscover binary monitors etcd to track the set of instances that support a gRPC service, and updates a file so that Prometheus can track those instances.
Package quota defines Trillian's Quota Management service.
Package quota defines Trillian's Quota Management service.
cacheqm
Package cacheqm contains a caching quota.Manager implementation.
Package cacheqm contains a caching quota.Manager implementation.
etcd/etcdqm
Package etcdqm contains an etcd-based quota.Manager implementation.
Package etcdqm contains an etcd-based quota.Manager implementation.
etcd/quotaapi
Package quotaapi provides a Quota admin server implementation.
Package quotaapi provides a Quota admin server implementation.
etcd/quotapb
Package quotapb contains definitions for quota API protos and RPC service.
Package quotapb contains definitions for quota API protos and RPC service.
etcd/storage
Package storage contains storage classes for etcd-based quotas.
Package storage contains storage classes for etcd-based quotas.
etcd/storagepb
Package storagepb is a generated protocol buffer package.
Package storagepb is a generated protocol buffer package.
mysqlqm
Package mysqlqm defines a MySQL-based quota.Manager implementation.
Package mysqlqm defines a MySQL-based quota.Manager implementation.
Package server holds code for core Trillian servers.
Package server holds code for core Trillian servers.
admin
Package admin contains the TrillianAdminServer implementation.
Package admin contains the TrillianAdminServer implementation.
errors
Package errors contains utilities to translate TrillianErrors to gRPC errors.
Package errors contains utilities to translate TrillianErrors to gRPC errors.
interceptor
Package interceptor defines gRPC interceptors for Trillian.
Package interceptor defines gRPC interceptors for Trillian.
trillian_log_server
The trillian_log_server binary runs the Trillian log server, and also provides an admin server.
The trillian_log_server binary runs the Trillian log server, and also provides an admin server.
trillian_log_signer
The trillian_log_signer binary runs the log signing code.
The trillian_log_signer binary runs the log signing code.
Package storage provides general interfaces to Trillian storage layers.
Package storage provides general interfaces to Trillian storage layers.
cache
Package cache provides subtree caching functionality.
Package cache provides subtree caching functionality.
cloudspanner/spannerpb
Package spannerpb is a generated protocol buffer package.
Package spannerpb is a generated protocol buffer package.
memory
Package memory provides a simple in-process implementation of the tree- and log-storage interfaces.
Package memory provides a simple in-process implementation of the tree- and log-storage interfaces.
mysql
Package mysql provides a MySQL-based storage layer implementation.
Package mysql provides a MySQL-based storage layer implementation.
storagepb
Package storagepb is a generated protocol buffer package.
Package storagepb is a generated protocol buffer package.
testdb
Package testdb creates new databases for tests.
Package testdb creates new databases for tests.
testonly
Package testonly holds test-specific code for Trillian storage layers.
Package testonly holds test-specific code for Trillian storage layers.
tools/dump_tree
The dump_tree program uses the in memory storage implementation to create a sequenced log tree of a particular size using known leaf data and then dumps out the resulting SubTree protos for examination and debugging.
The dump_tree program uses the in memory storage implementation to create a sequenced log tree of a particular size using known leaf data and then dumps out the resulting SubTree protos for examination and debugging.
tools/hasher
The hasher program provides a simple CLI for producing Merkle tree hashes.
The hasher program provides a simple CLI for producing Merkle tree hashes.
tools/log_client
The log_client binary retrieves leaves from a log.
The log_client binary retrieves leaves from a log.
Package testonly contains code and data that should only be used by tests.
Package testonly contains code and data that should only be used by tests.
hammer/maphammer
maphammer is a stress/load test for a Trillian Map.
maphammer is a stress/load test for a Trillian Map.
hammer/mapreplay
mapreplay replays a log of Trillian Map requests.
mapreplay replays a log of Trillian Map requests.
integration
Package integration provides test-only code for performing integrated tests of Trillian functionality.
Package integration provides test-only code for performing integrated tests of Trillian functionality.
matchers
Package matchers contains additional gomock matchers.
Package matchers contains additional gomock matchers.
tmock
Package tmock is a generated GoMock package.
Package tmock is a generated GoMock package.
Package trees contains utility method for retrieving trees and acquiring objects (hashers, signers) associated with them.
Package trees contains utility method for retrieving trees and acquiring objects (hashers, signers) associated with them.
Package types defines serialization and parsing functions for SignedLogRoot and SignedMapRoot fields.
Package types defines serialization and parsing functions for SignedLogRoot and SignedMapRoot fields.
Package util holds various utility functions used throughout the Trillian codebase.
Package util holds various utility functions used throughout the Trillian codebase.
election
Package election provides implementation of master election and tracking, as well as interface for plugging in a custom underlying mechanism.
Package election provides implementation of master election and tracking, as well as interface for plugging in a custom underlying mechanism.
election/stub
Package stub contains a MasterElection implementation for testing.
Package stub contains a MasterElection implementation for testing.
etcd
Package etcd holds an etcd-specific implementation of the util.MasterElection interface.
Package etcd holds an etcd-specific implementation of the util.MasterElection interface.
flagsaver
Package flagsaver provides a simple way to save and restore flag values.
Package flagsaver provides a simple way to save and restore flag values.
proxy
Package proxy forwards Trillian Log Server requests to another server.
Package proxy forwards Trillian Log Server requests to another server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL