dt

package module

v0.0.0-...-a6a622b Latest Latest Go to latest Published: Jun 30, 2023 License: MIT Imports: 18 Imported by: 0

Documentation ¶

Index ¶

Constants
func StartWorker(ctx context.Context, dm *DomainMap, config WorkerConfig) (chan<- WorkerTransaction, <-chan struct{})
type DomainMap
- func NewDomainMap(signer crypto.Signer) *DomainMap
type DomainProof
type DomainTree
- func NewDomainTree(domain string) (*DomainTree, error)
type DomainTreeEntry
type DomainTreeRoot
type LogRevision
type MapHead
type SignedMapHead
type SourceTree
- func NewSourceTree() *SourceTree
type WorkerConfig
type WorkerTransaction

Constants ¶

const Version = 1

Version is the Domain Transparency version

Variables ¶

This section is empty.

Functions ¶

func StartWorker ¶

func StartWorker(ctx context.Context, dm *DomainMap, config WorkerConfig) (chan<- WorkerTransaction, <-chan struct{})

StartWorker starts a new worker for this domain tree. There may only be one running worker per domain tree at any time and there should be no manual modifications while a worker is running. To ensure that a worker has exited after cancelling the context, wait for the <-chan struct{} to be closed.

Types ¶

type DomainMap ¶

type DomainMap struct {
	// contains filtered or unexported fields
}

A DomainMap maps domains to CT certificates.

func NewDomainMap ¶

func NewDomainMap(signer crypto.Signer) *DomainMap

NewDomainMap creates a new DomainMap. The domain map starts with unsigned an empty SMH.

func (*DomainMap) AddDomainTree ¶

func (dm *DomainMap) AddDomainTree(tree *DomainTree) error

AddDomainTree adds a new domain tree to this domain map. This means only that the tree can be found through dm.GetDomainTree(). In order to get this domain tree included in the sparse merkle tree, call dm.UpdateDomainTreeRoot().

func (*DomainMap) CheckAndPublishSMH ¶

func (dm *DomainMap) CheckAndPublishSMH(root []byte, mapSize uint64, sourceRevisions []LogRevision) error

CheckAndPublishSMH checks the specified rootand publishes a new SMH.

func (*DomainMap) EntryToDomainTreeIndex ¶

func (dm *DomainMap) EntryToDomainTreeIndex(entry DomainTreeEntry, domain string) (uint64, error)

EntryToDomainTreeIndex returns the index of a DomainTreeEntry in the domain tree for the specified domain (after domain name normalization).

Returns an error if the domain tree does not exist or if the specified certificate could not be found in the domain tree. has no such certificate.

func (*DomainMap) GetDomainTree ¶

func (dm *DomainMap) GetDomainTree(domain string) (*DomainTree, error)

GetDomainTree returns the domain tree associated with the specified domain, after domain name normalization.

func (*DomainMap) GetDomainTreeRoot ¶

func (dm *DomainMap) GetDomainTreeRoot(root []byte, domain string) (*DomainTreeRoot, error)

GetDomainTreeRoot returns the STH for the specified domain tree at the specified map head, after domain name normalization.

func (*DomainMap) GetLatestSMH ¶

func (dm *DomainMap) GetLatestSMH() *SignedMapHead

GetLatestSMH returns the latest SMH, or nil if the tree is empty.

func (*DomainMap) GetProofForDomain ¶

func (dm *DomainMap) GetProofForDomain(root []byte, domain string) (DomainProof, error)

GetProofForDomain returns a (non-)containment proof for the specified domain.

func (*DomainMap) GetSMH ¶

func (dm *DomainMap) GetSMH(treeSize uint64) *SignedMapHead

GetSMH returns the specified SMH, or nil if the specified SMH does not exist.

func (*DomainMap) GetSourceTree ¶

func (dm *DomainMap) GetSourceTree() *SourceTree

GetSourceTree returns this map's SourceTree

func (*DomainMap) HasDomain ¶

func (dm *DomainMap) HasDomain(root []byte, domain string) (bool, error)

HasDomain checks if this map has the specified key.

func (*DomainMap) PublicKey ¶

func (dm *DomainMap) PublicKey() crypto.PublicKey

PublicKey returns this map's public key.

func (*DomainMap) UpdateDomainTreeRoot ¶

func (dm *DomainMap) UpdateDomainTreeRoot(root []byte, domain string, treeSize uint64) ([]byte, error)

UpdateDomainTreeRoot updates the DomainTreeRoot for the specified domain and returns the new map root.

type DomainProof ¶

type DomainProof struct {
	Proof    [][]byte
	LeafHash []byte
}

A DomainProof proves the (non-)containment of a node.

type DomainTree ¶

type DomainTree struct {
	DomainName string
	// contains filtered or unexported fields
}

A DomainTree stores certificates for a given domain, similarly to a CT log.

func NewDomainTree ¶

func NewDomainTree(domain string) (*DomainTree, error)

NewDomainTree creates a new domain tree

func (*DomainTree) AddEntry ¶

func (dtree *DomainTree) AddEntry(entry DomainTreeEntry) uint64

AddEntry adds an entry to the tree and returns its current leaf count.

func (*DomainTree) EntryToDomainTreeIndex ¶

func (dtree *DomainTree) EntryToDomainTreeIndex(entry DomainTreeEntry) (uint64, error)

EntryToDomainTreeIndex returns the index of a DomainTreeEntry in this domain tree.

Returns an error if the specified entry could not be found in this domain tree.

func (DomainTree) GetAuditProof ¶

func (t DomainTree) GetAuditProof(treeSize, leafIndex uint64) ([][]byte, error)

GetAuditProof returns a proof of containment for the specified index, for the given tree size.

func (DomainTree) GetConsistencyProof ¶

func (t DomainTree) GetConsistencyProof(firstSize, secondSize uint64) [][]byte

GetConsistencyProof returns a consistency proof between two trees identified by their sizes.

func (*DomainTree) GetEntries ¶

func (dtree *DomainTree) GetEntries(start, end uint64) ([]DomainTreeEntry, error)

GetEntries returns the entries in the specified interval, inclusive.

func (*DomainTree) GetEntryAndProof ¶

func (dtree *DomainTree) GetEntryAndProof(treeSize, leafIndex uint64) (DomainTreeEntry, [][]byte, error)

GetEntryAndProof returns the specified entry and its proof.

func (*DomainTree) GetRoot ¶

func (dtree *DomainTree) GetRoot(treeSize uint64) (*DomainTreeRoot, error)

GetRoot retrieves the DomainTreeRoot with the specified size.

type DomainTreeEntry ¶

type DomainTreeEntry struct {
	LogIndex         uint64
	CertificateIndex uint64
}

A DomainTreeEntry points to a certificate in a CT log. The LogIndex refers to the index of the CT log in the domain map's source tree.

type DomainTreeRoot ¶

type DomainTreeRoot struct {
	DomainTreeSize     uint64
	DomainTreeRootHash ct.SHA256Hash
}

A DomainTreeRoot stores information about a domain tree.

type LogRevision ¶

type LogRevision struct {
	TreeSize uint64        `json:"tree_size"`
	RootHash ct.SHA256Hash `json:"root_hash"`
}

LogRevision is used in MapHead to identify a source log revision

type MapHead ¶

type MapHead struct {
	Version   ct.Version `json:"-" tls:"maxval:255"`
	Timestamp uint64     `json:"timestamp"`
	MapSize   uint64     `json:"map_size"`

	MapRootHash        ct.SHA256Hash `json:"map_root_hash"`
	SourceTreeRootHash ct.SHA256Hash `json:"source_tree_root_hash"`

	SourceLogRevisions []LogRevision `json:"source_log_revisions" tls:"minlen:40,maxlen:16777215"` // 40 = size(LogRevision), 16777215=2^24-1 (419k elements)
}

MapHead is the structure which is signed to produce the SignedMapHead.

type SignedMapHead ¶

type SignedMapHead struct {
	MapHead
	MapHeadSignature []byte `json:"map_head_signature"`
}

An SignedMapHead (SMH) certifies the root of a domain map.

type SourceTree ¶

type SourceTree struct {
	// contains filtered or unexported fields
}

A SourceTree lists the source logs tracked by a DomainMap.

func NewSourceTree ¶

func NewSourceTree() *SourceTree

NewSourceTree creates a new source tree

func (*SourceTree) AddEntry ¶

func (st *SourceTree) AddEntry(entry logid.LogID) uint64

AddEntry adds an entry to the tree and returns its current leaf count.

func (SourceTree) GetAuditProof ¶

func (t SourceTree) GetAuditProof(treeSize, leafIndex uint64) ([][]byte, error)

GetAuditProof returns a proof of containment for the specified index, for the given tree size.

func (SourceTree) GetConsistencyProof ¶

func (t SourceTree) GetConsistencyProof(firstSize, secondSize uint64) [][]byte

GetConsistencyProof returns a consistency proof between two trees identified by their sizes.

func (*SourceTree) GetEntries ¶

func (st *SourceTree) GetEntries(start, end uint64) ([]logid.LogID, error)

GetEntries returns the entries in the specified interval, inclusive.

func (*SourceTree) GetEntryAndProof ¶

func (st *SourceTree) GetEntryAndProof(treeSize, leafIndex uint64) (logid.LogID, [][]byte, error)

GetEntryAndProof returns the specified entry and its proof.

func (SourceTree) GetRoot ¶

func (t SourceTree) GetRoot(treeSize uint64) ([]byte, error)

GetRoot returns the tree root at the specified size

type WorkerConfig ¶

type WorkerConfig struct {
	BufferSize   int
	UpdatePeriod time.Duration
	MMD          time.Duration // This value should be slightly less than the actual MMD
}

type WorkerTransaction ¶

type WorkerTransaction struct {
	LogIndex               uint64
	LogID                  logid.LogID
	LogRevision            LogRevision
	NewCertificatesIndices map[string][]uint64
}

A WorkerTransaction specified the actions to be taken by the worker.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
run-server
track-domain
mapclient
mapstore
server
util

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL