trillian

package module
v1.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 5, 2017 License: Apache-2.0 Imports: 19 Imported by: 0

README ¶

Trillian: General Transparency

Build Status Go Report Card GoDoc

Overview

Trillian is an implementation of the concepts described in the Verifiable Data Structures white paper, which in turn is an extension and generalisation of the ideas which underpin Certificate Transparency.

Trillian implements a Merkle tree whose contents are served from a data storage layer, to allow scalability to extremely large trees. On top of this Merkle tree, Trillian provides two modes:

  • An append-only Log mode, analogous to the original Certificate Transparency logs. In this mode, the Merkle tree is effectively filled up from the left, giving a dense Merkle tree.
  • A Map mode that allows transparent storage of arbitrary key:value pairs. In this mode, the key's hash is used to designate a particular leaf of a deep Merkle tree, giving a sparse Merkle tree. (A Trillian Map is an unordered map; it does not allow enumeration of the Map's keys.)

Note that Trillian requires particular applications to provide their own personalities on top of the core transparent data store functionality; example code for a certificate transparency log and for a log-derived map are included to help with this.

Using the Code

WARNING: The Trillian codebase is still under development, and is not yet suitable for production use. Everything here is subject to change without notice – including APIs, database schemas, and code layout.

To build and test Trillian you need:

  • Go 1.9 or later.

To run integration tests (and production deployment) you need:

Use the standard Go tools to install other dependencies.

go get github.com/google/trillian
cd $GOPATH/src/github.com/google/trillian
go get -t -u -v ./...

To build and run tests, use:

go test ./...

The repository also includes multi-process integration tests, described in the Integration Tests section below.

MySQL Setup

To run Trillian's integration tests you need to have an instance of MySQL running and configured to:

  • listen on the standard MySQL port 3306 (so mysql --host=127.0.0.1 --port=3306 connects OK)
  • not require a password for the root user

You can then set up the expected tables in a test database like so:

./scripts/resetdb.sh
Warning: about to destroy and reset database 'test'
Are you sure? y
> Resetting DB...
> Reset Complete
Integration Tests

Trillian includes an integration test suite to confirm basic end-to-end functionality, which can be run with:

./integration/integration_test.sh

This runs several multi-process tests:

  • A test that starts a Trillian server in Map mode, sets various key:value pairs and checks they can be retrieved.
  • A test that starts a Trillian server in Log mode, together with a signer, logs many leaves, and checks they are integrated correctly.
  • A test that starts a set of Trillian servers in Log mode, plus a signer and a set of Certificate Transparency personality servers, then runs tests that exercise all of the RFC6962 entrypoints.

Working on the Code

Developers who want to make changes to the Trillian codebase need some additional dependencies and tools, described in the following sections. The Travis configuration for the codebase is also useful reference for the required tools and scripts, as it may be more up-to-date than this document.

Rebuilding Generated Code

Some of the Trillian Go code is autogenerated from other files:

  • gRPC message structures are originally provided as protocol buffer message definitions.
  • Some unit tests use mock implementations of interfaces; these are created from the real implementations by GoMock.
  • Some enums have string-conversion methods (satisfying the fmt.Stringer interface) created using the stringer tool (go get golang.org/x/tools/cmd/stringer).

Re-generating mock or protobuffer files is only needed if you're changing the original files; if you do, you'll need to install the prerequisites:

and run the following:

go generate -x ./...  # hunts for //go:generate comments and runs them
Updating Vendor Code

The Trillian codebase includes a couple of external projects under the vendor/ subdirectory, to ensure that builds use a fixed version (typically because the upstream repository does not guarantee back-compatibility between the tip master branch and the current stable release). These external codebases are included as Git subtrees.

To update the code in one of these subtrees, perform steps like:

# Add master repo for upstream code as a Git remote.
git remote add vendor-xyzzy https://github.com/orgname/xyzzy
# Pull the updated code for the desired version tag from the remote, dropping history.
# Trailing / in prefix is needed.
git subtree pull --squash --prefix=vendor/github.com/orgname/xyzzy/ vendor-xyzzy vX.Y.Z

If new vendor/ subtree is required, perform steps similar to:

# Add master repo for upstream code as a Git remote.
git remote add vendor-xyzzy https://github.com/orgname/xyzzy
# Pull the desired version of the code in, dropping history.
# Trailing / in --prefix is needed.
git subtree add --squash --prefix=vendor/github.com/orgname/xyzzy/ vendor-xyzzy vX.Y.Z
Running Codebase Checks

The scripts/presubmit.sh script runs various tools and tests over the codebase.

# Install gometalinter and all linters
go get -u github.com/alecthomas/gometalinter
gometalinter --install

# Run code generation, build, test and linters
./scripts/presubmit.sh

# Or just run the linters alone:
gometalinter --config=gometalinter.json ./...

Design

Design Overview

Trillian is primarily implemented as a gRPC service; this service receives get/set requests over gRPC and retrieves the corresponding Merkle tree data from a separate storage layer (currently using MySQL), ensuring that the cryptographic properties of the tree are preserved along the way.

The Trillian service is multi-tenanted – a single Trillian installation can support multiple Merkle trees in parallel, distinguished by their TreeId – and operates in one of two modes:

  • Log mode: an append-only collection of items.
  • Map mode: a collection of key:value pairs.

In either case, Trillian's key transparency property is that cryptographic proofs of inclusion/consistency are available for data items added to the service.

Personalities

The Trillian service expects to be paired with additional code that is specific to the particular application of the transparent store; this is known as a personality.

The primary purpose of a personality is to implement admission criteria for the store, so that only particular types of data are added to the store. For example, a certificate transparency log only accepts data items that are valid certificates; a "CT Log" personality would police this, so that the Trillian service can process all incoming data blindly.

A personality may also perform canonicalization on incoming data, to convert equivalent formulations of the same underlying data to a single canonical format, avoiding needless duplication. (For example, keys in JSON dictionaries could be sorted, or Unicode string data could be normalised.)

The per-application personality is also responsible for providing an externally-visible interface, typically over HTTP[S].

Note that a personality may need to implement its own data store, separate from Trillian. In particular, if the personality does not completely trust Trillian, it needs to store the various things that Trillian signs in order to be able to detect problems (and so the personality effectively also acts as a monitor for Trillian).

Map Mode

Trillian in Map mode can be thought of as providing a key:value store, together with cryptographic transparency guarantees for that data.

When running in Map mode, Trillian provides a straightforward gRPC API with the following available operations:

  • GetSignedMapRoot returns information about the current root of the Merkle tree representing the Map, including a revision (see below), hash value, timestamp and signature.
  • GetLeaves returns leaf information for a specified set of key values, optionally as of a particular revision. The returned leaf information also includes inclusion proof data.
  • SetLeaves requests inclusion of specified key:value pairs into the Map; these will appear as the next revision of the Map.

(Documentation may be out-of-date; please check the protocol buffer message definitions for the definitive current map API.)

Each SetLeaves request includes a batch of updates to the Map; once all of these updates have been applied, the Map has a new revision, with a new tree head for that revision. To allow historical queries, the API allows queries of the Map as of a particular revision.

TODO: add description of per-personality Mappers

TODO: add description of distribution: how many instances run, how distributed, how synchronized (master election), mention use of transactions as a fallback (in case of errors in master election).

Map components

Log Mode

When running in Log mode, Trillian provides a gRPC API whose operations are similar to those available for Certificate Transparency logs (cf. RFC 6962). These include:

  • GetLatestSignedLogRoot returns information about the current root of the Merkle tree for the log, including the tree size, hash value, timestamp and signature.
  • GetLeavesByHash and GetLeavesByIndex return leaf information for particular leaves, specified either by their hash value or index in the log.
  • QueueLeaves requests inclusion of specified items into the log.
  • GetInclusionProof, GetInclusionProofByHash and GetConsistencyProof return inclusion and consistency proof data.

In Log mode, Trillian includes an additional Signer component; this component periodically processes pending queued items and adds them to the Merkle tree, creating a new signed tree head as a result.

Log components

TODO: add description of distribution: how many instances run, how distributed etc.

Logged Map

As it currently stands, it is not possible to reliably monitor or audit a Trillian Map instance; key:value pairs can be modified and subsequently reset without anyone noticing.

A future plan to deal with this is to create a Logged Map, which combines a Trillian Map with a Trillian Log so that all published revisions of the Map have their signed tree head data appended to the corresponding Map.

Use Cases

Certificate Transparency Log

The most obvious application for Trillian in Log mode is to provide a certificate transparency (RFC 6962) Log. To do this, the CT Log personality needs to include all of the certificate-specific processing – in particular, checking that an item that has been suggested for inclusion is indeed a valid certificate that chains to an accepted root.

Verifiable Log-Derived Map

One useful application for Trillian in Map mode is to provide a verifiable log-derived map (VLDM), as described in the Verifiable Data Structures white paper (which uses the term 'log-backed map'). To do this, a VLDM personality would monitor the additions of entries to a Log, potentially external, and would write some kind of corresponding key:value data to a Trillian Map.

Clients of the VLDM are then able to verify that the entries in the Map they are shown are also seen by anyone auditing the Log for correct operation, which in turn allows the client to trust the key/value pairs returned by the Map.

A concrete example of this might be a VLDM that monitors a certificate transparency Log and builds a corresponding Map from domain names to the set of certificates associated with that domain.

The following table summarizes properties of data structures laid in the Verifiable Data Structures white paper. “Efficiently” means that a client can and should perform this validation themselves. “Full audit” means that to validate correctly, a client would need to download the entire dataset, and is something that in practice we expect a small number of dedicated auditors to perform, rather than being done by each client.

Verifiable Log Verifiable Map Verifiable Log-Derived Map
Prove inclusion of value Yes, efficiently Yes, efficiently Yes, efficiently
Prove non-inclusion of value Impractical Yes, efficiently Yes, efficiently
Retrieve provable value for key Impractical Yes, efficiently Yes, efficiently
Retrieve provable current value for key Impractical No Yes, efficiently
Prove append-only Yes, efficiently No Yes, efficiently [1].
Enumerate all entries Yes, by full audit Yes, by full audit Yes, by full audit
Prove correct operation Yes, efficiently No Yes, by full audit
Enable detection of split-view Yes, efficiently Yes, efficiently Yes, efficiently
  • [1] -- although full audit is required to verify complete correct operation

Documentation ¶

Overview ¶

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Package trillian is a generated protocol buffer package.

It is generated from these files: 

trillian_log_api.proto
trillian_map_api.proto
trillian_admin_api.proto
trillian.proto

It has these top-level messages: 

LogLeaf
Proof
QueuedLogLeaf
QueueLeavesRequest
QueueLeafRequest
QueueLeafResponse
QueueLeavesResponse
GetInclusionProofRequest
GetInclusionProofResponse
GetInclusionProofByHashRequest
GetInclusionProofByHashResponse
GetConsistencyProofRequest
GetConsistencyProofResponse
GetLeavesByHashRequest
GetLeavesByHashResponse
GetLeavesByIndexRequest
GetLeavesByIndexResponse
GetSequencedLeafCountRequest
GetSequencedLeafCountResponse
GetLatestSignedLogRootRequest
GetLatestSignedLogRootResponse
GetEntryAndProofRequest
GetEntryAndProofResponse
MapLeaf
MapLeafInclusion
GetMapLeavesRequest
GetMapLeavesResponse
SetMapLeavesRequest
SetMapLeavesResponse
GetSignedMapRootRequest
GetSignedMapRootByRevisionRequest
GetSignedMapRootResponse
ListTreesRequest
ListTreesResponse
GetTreeRequest
CreateTreeRequest
UpdateTreeRequest
DeleteTreeRequest
UndeleteTreeRequest
Tree
SignedEntryTimestamp
SignedLogRoot
SignedMapRoot

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Package trillian is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index ¶

Constants ¶

This section is empty.

Variables ¶

View Source 
var HashStrategy_name = map[int32]string{
	0: "UNKNOWN_HASH_STRATEGY",
	1: "RFC6962_SHA256",
	2: "TEST_MAP_HASHER",
	3: "OBJECT_RFC6962_SHA256",
	4: "CONIKS_SHA512_256",
}
View Source 
var HashStrategy_value = map[string]int32{
	"UNKNOWN_HASH_STRATEGY": 0,
	"RFC6962_SHA256":        1,
	"TEST_MAP_HASHER":       2,
	"OBJECT_RFC6962_SHA256": 3,
	"CONIKS_SHA512_256":     4,
}
View Source 
var TreeState_name = map[int32]string{
	0: "UNKNOWN_TREE_STATE",
	1: "ACTIVE",
	2: "FROZEN",
	3: "DEPRECATED_SOFT_DELETED",
	4: "DEPRECATED_HARD_DELETED",
}
View Source 
var TreeState_value = map[string]int32{
	"UNKNOWN_TREE_STATE":      0,
	"ACTIVE":                  1,
	"FROZEN":                  2,
	"DEPRECATED_SOFT_DELETED": 3,
	"DEPRECATED_HARD_DELETED": 4,
}
View Source 
var TreeType_name = map[int32]string{
	0: "UNKNOWN_TREE_TYPE",
	1: "LOG",
	2: "MAP",
}
View Source 
var TreeType_value = map[string]int32{
	"UNKNOWN_TREE_TYPE": 0,
	"LOG":               1,
	"MAP":               2,
}

Functions ¶

func RegisterTrillianAdminHandler ¶ 

func RegisterTrillianAdminHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianAdminHandler registers the http handlers for service TrillianAdmin to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianAdminHandlerFromEndpoint ¶ 

func RegisterTrillianAdminHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianAdminHandlerFromEndpoint is same as RegisterTrillianAdminHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianAdminServer ¶ 

func RegisterTrillianAdminServer(s *grpc.Server, srv TrillianAdminServer)

func RegisterTrillianLogHandler ¶ 

func RegisterTrillianLogHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianLogHandler registers the http handlers for service TrillianLog to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianLogHandlerFromEndpoint ¶ 

func RegisterTrillianLogHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianLogHandlerFromEndpoint is same as RegisterTrillianLogHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianLogServer ¶ 

func RegisterTrillianLogServer(s *grpc.Server, srv TrillianLogServer)

func RegisterTrillianMapHandler ¶ 

func RegisterTrillianMapHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterTrillianMapHandler registers the http handlers for service TrillianMap to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterTrillianMapHandlerFromEndpoint ¶ 

func RegisterTrillianMapHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterTrillianMapHandlerFromEndpoint is same as RegisterTrillianMapHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterTrillianMapServer ¶ 

func RegisterTrillianMapServer(s *grpc.Server, srv TrillianMapServer)

Types ¶

type CreateTreeRequest ¶ 

type CreateTreeRequest struct {
	// Tree to be created. See Tree and CreateTree for more details.
	Tree *Tree `protobuf:"bytes,1,opt,name=tree" json:"tree,omitempty"`
	// Describes how the tree's private key should be generated.
	// Only needs to be set if tree.private_key is not set.
	KeySpec *keyspb.Specification `protobuf:"bytes,2,opt,name=key_spec,json=keySpec" json:"key_spec,omitempty"`
}

CreateTree request.

func (*CreateTreeRequest) Descriptor ¶ 

func (*CreateTreeRequest) Descriptor() ([]byte, []int)

func (*CreateTreeRequest) GetKeySpec ¶ 

func (m *CreateTreeRequest) GetKeySpec() *keyspb.Specification

func (*CreateTreeRequest) GetTree ¶ 

func (m *CreateTreeRequest) GetTree() *Tree

func (*CreateTreeRequest) ProtoMessage ¶ 

func (*CreateTreeRequest) ProtoMessage()

func (*CreateTreeRequest) Reset ¶ 

func (m *CreateTreeRequest) Reset()

func (*CreateTreeRequest) String ¶ 

func (m *CreateTreeRequest) String() string

type DeleteTreeRequest ¶ 

type DeleteTreeRequest struct {
	// ID of the tree to delete.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

DeleteTree request.

func (*DeleteTreeRequest) Descriptor ¶ 

func (*DeleteTreeRequest) Descriptor() ([]byte, []int)

func (*DeleteTreeRequest) GetTreeId ¶ 

func (m *DeleteTreeRequest) GetTreeId() int64

func (*DeleteTreeRequest) ProtoMessage ¶ 

func (*DeleteTreeRequest) ProtoMessage()

func (*DeleteTreeRequest) Reset ¶ 

func (m *DeleteTreeRequest) Reset()

func (*DeleteTreeRequest) String ¶ 

func (m *DeleteTreeRequest) String() string

type GetConsistencyProofRequest ¶ 

type GetConsistencyProofRequest struct {
	LogId          int64 `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	FirstTreeSize  int64 `protobuf:"varint,2,opt,name=first_tree_size,json=firstTreeSize" json:"first_tree_size,omitempty"`
	SecondTreeSize int64 `protobuf:"varint,3,opt,name=second_tree_size,json=secondTreeSize" json:"second_tree_size,omitempty"`
}

func (*GetConsistencyProofRequest) Descriptor ¶ 

func (*GetConsistencyProofRequest) Descriptor() ([]byte, []int)

func (*GetConsistencyProofRequest) GetFirstTreeSize ¶ 

func (m *GetConsistencyProofRequest) GetFirstTreeSize() int64

func (*GetConsistencyProofRequest) GetLogId ¶ 

func (m *GetConsistencyProofRequest) GetLogId() int64

func (*GetConsistencyProofRequest) GetSecondTreeSize ¶ 

func (m *GetConsistencyProofRequest) GetSecondTreeSize() int64

func (*GetConsistencyProofRequest) ProtoMessage ¶ 

func (*GetConsistencyProofRequest) ProtoMessage()

func (*GetConsistencyProofRequest) Reset ¶ 

func (m *GetConsistencyProofRequest) Reset()

func (*GetConsistencyProofRequest) String ¶ 

func (m *GetConsistencyProofRequest) String() string

type GetConsistencyProofResponse ¶ 

type GetConsistencyProofResponse struct {
	Proof *Proof `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
}

func (*GetConsistencyProofResponse) Descriptor ¶ 

func (*GetConsistencyProofResponse) Descriptor() ([]byte, []int)

func (*GetConsistencyProofResponse) GetProof ¶ 

func (m *GetConsistencyProofResponse) GetProof() *Proof

func (*GetConsistencyProofResponse) ProtoMessage ¶ 

func (*GetConsistencyProofResponse) ProtoMessage()

func (*GetConsistencyProofResponse) Reset ¶ 

func (m *GetConsistencyProofResponse) Reset()

func (*GetConsistencyProofResponse) String ¶ 

func (m *GetConsistencyProofResponse) String() string

type GetEntryAndProofRequest ¶ 

type GetEntryAndProofRequest struct {
	LogId     int64 `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex int64 `protobuf:"varint,2,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	TreeSize  int64 `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
}

func (*GetEntryAndProofRequest) Descriptor ¶ 

func (*GetEntryAndProofRequest) Descriptor() ([]byte, []int)

func (*GetEntryAndProofRequest) GetLeafIndex ¶ 

func (m *GetEntryAndProofRequest) GetLeafIndex() int64

func (*GetEntryAndProofRequest) GetLogId ¶ 

func (m *GetEntryAndProofRequest) GetLogId() int64

func (*GetEntryAndProofRequest) GetTreeSize ¶ 

func (m *GetEntryAndProofRequest) GetTreeSize() int64

func (*GetEntryAndProofRequest) ProtoMessage ¶ 

func (*GetEntryAndProofRequest) ProtoMessage()

func (*GetEntryAndProofRequest) Reset ¶ 

func (m *GetEntryAndProofRequest) Reset()

func (*GetEntryAndProofRequest) String ¶ 

func (m *GetEntryAndProofRequest) String() string

type GetEntryAndProofResponse ¶ 

type GetEntryAndProofResponse struct {
	Proof *Proof   `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
	Leaf  *LogLeaf `protobuf:"bytes,3,opt,name=leaf" json:"leaf,omitempty"`
}

func (*GetEntryAndProofResponse) Descriptor ¶ 

func (*GetEntryAndProofResponse) Descriptor() ([]byte, []int)

func (*GetEntryAndProofResponse) GetLeaf ¶ 

func (m *GetEntryAndProofResponse) GetLeaf() *LogLeaf

func (*GetEntryAndProofResponse) GetProof ¶ 

func (m *GetEntryAndProofResponse) GetProof() *Proof

func (*GetEntryAndProofResponse) ProtoMessage ¶ 

func (*GetEntryAndProofResponse) ProtoMessage()

func (*GetEntryAndProofResponse) Reset ¶ 

func (m *GetEntryAndProofResponse) Reset()

func (*GetEntryAndProofResponse) String ¶ 

func (m *GetEntryAndProofResponse) String() string

type GetInclusionProofByHashRequest ¶ 

type GetInclusionProofByHashRequest struct {
	LogId           int64  `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafHash        []byte `protobuf:"bytes,2,opt,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	TreeSize        int64  `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	OrderBySequence bool   `protobuf:"varint,4,opt,name=order_by_sequence,json=orderBySequence" json:"order_by_sequence,omitempty"`
}

func (*GetInclusionProofByHashRequest) Descriptor ¶ 

func (*GetInclusionProofByHashRequest) Descriptor() ([]byte, []int)

func (*GetInclusionProofByHashRequest) GetLeafHash ¶ 

func (m *GetInclusionProofByHashRequest) GetLeafHash() []byte

func (*GetInclusionProofByHashRequest) GetLogId ¶ 

func (m *GetInclusionProofByHashRequest) GetLogId() int64

func (*GetInclusionProofByHashRequest) GetOrderBySequence ¶ 

func (m *GetInclusionProofByHashRequest) GetOrderBySequence() bool

func (*GetInclusionProofByHashRequest) GetTreeSize ¶ 

func (m *GetInclusionProofByHashRequest) GetTreeSize() int64

func (*GetInclusionProofByHashRequest) ProtoMessage ¶ 

func (*GetInclusionProofByHashRequest) ProtoMessage()

func (*GetInclusionProofByHashRequest) Reset ¶ 

func (m *GetInclusionProofByHashRequest) Reset()

func (*GetInclusionProofByHashRequest) String ¶ 

func (m *GetInclusionProofByHashRequest) String() string

type GetInclusionProofByHashResponse ¶ 

type GetInclusionProofByHashResponse struct {
	// Logs can potentially contain leaves with duplicate hashes so it's possible
	// for this to return multiple proofs.
	// TODO(gbelvin) only return one proof.
	Proof []*Proof `protobuf:"bytes,2,rep,name=proof" json:"proof,omitempty"`
}

func (*GetInclusionProofByHashResponse) Descriptor ¶ 

func (*GetInclusionProofByHashResponse) Descriptor() ([]byte, []int)

func (*GetInclusionProofByHashResponse) GetProof ¶ 

func (m *GetInclusionProofByHashResponse) GetProof() []*Proof

func (*GetInclusionProofByHashResponse) ProtoMessage ¶ 

func (*GetInclusionProofByHashResponse) ProtoMessage()

func (*GetInclusionProofByHashResponse) Reset ¶ 

func (m *GetInclusionProofByHashResponse) Reset()

func (*GetInclusionProofByHashResponse) String ¶ 

func (m *GetInclusionProofByHashResponse) String() string

type GetInclusionProofRequest ¶ 

type GetInclusionProofRequest struct {
	LogId     int64 `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex int64 `protobuf:"varint,2,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	TreeSize  int64 `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
}

func (*GetInclusionProofRequest) Descriptor ¶ 

func (*GetInclusionProofRequest) Descriptor() ([]byte, []int)

func (*GetInclusionProofRequest) GetLeafIndex ¶ 

func (m *GetInclusionProofRequest) GetLeafIndex() int64

func (*GetInclusionProofRequest) GetLogId ¶ 

func (m *GetInclusionProofRequest) GetLogId() int64

func (*GetInclusionProofRequest) GetTreeSize ¶ 

func (m *GetInclusionProofRequest) GetTreeSize() int64

func (*GetInclusionProofRequest) ProtoMessage ¶ 

func (*GetInclusionProofRequest) ProtoMessage()

func (*GetInclusionProofRequest) Reset ¶ 

func (m *GetInclusionProofRequest) Reset()

func (*GetInclusionProofRequest) String ¶ 

func (m *GetInclusionProofRequest) String() string

type GetInclusionProofResponse ¶ 

type GetInclusionProofResponse struct {
	Proof *Proof `protobuf:"bytes,2,opt,name=proof" json:"proof,omitempty"`
}

func (*GetInclusionProofResponse) Descriptor ¶ 

func (*GetInclusionProofResponse) Descriptor() ([]byte, []int)

func (*GetInclusionProofResponse) GetProof ¶ 

func (m *GetInclusionProofResponse) GetProof() *Proof

func (*GetInclusionProofResponse) ProtoMessage ¶ 

func (*GetInclusionProofResponse) ProtoMessage()

func (*GetInclusionProofResponse) Reset ¶ 

func (m *GetInclusionProofResponse) Reset()

func (*GetInclusionProofResponse) String ¶ 

func (m *GetInclusionProofResponse) String() string

type GetLatestSignedLogRootRequest ¶ 

type GetLatestSignedLogRootRequest struct {
	LogId int64 `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
}

func (*GetLatestSignedLogRootRequest) Descriptor ¶ 

func (*GetLatestSignedLogRootRequest) Descriptor() ([]byte, []int)

func (*GetLatestSignedLogRootRequest) GetLogId ¶ 

func (m *GetLatestSignedLogRootRequest) GetLogId() int64

func (*GetLatestSignedLogRootRequest) ProtoMessage ¶ 

func (*GetLatestSignedLogRootRequest) ProtoMessage()

func (*GetLatestSignedLogRootRequest) Reset ¶ 

func (m *GetLatestSignedLogRootRequest) Reset()

func (*GetLatestSignedLogRootRequest) String ¶ 

func (m *GetLatestSignedLogRootRequest) String() string

type GetLatestSignedLogRootResponse ¶ 

type GetLatestSignedLogRootResponse struct {
	SignedLogRoot *SignedLogRoot `protobuf:"bytes,2,opt,name=signed_log_root,json=signedLogRoot" json:"signed_log_root,omitempty"`
}

func (*GetLatestSignedLogRootResponse) Descriptor ¶ 

func (*GetLatestSignedLogRootResponse) Descriptor() ([]byte, []int)

func (*GetLatestSignedLogRootResponse) GetSignedLogRoot ¶ 

func (m *GetLatestSignedLogRootResponse) GetSignedLogRoot() *SignedLogRoot

func (*GetLatestSignedLogRootResponse) ProtoMessage ¶ 

func (*GetLatestSignedLogRootResponse) ProtoMessage()

func (*GetLatestSignedLogRootResponse) Reset ¶ 

func (m *GetLatestSignedLogRootResponse) Reset()

func (*GetLatestSignedLogRootResponse) String ¶ 

func (m *GetLatestSignedLogRootResponse) String() string

type GetLeavesByHashRequest ¶ 

type GetLeavesByHashRequest struct {
	LogId           int64    `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafHash        [][]byte `protobuf:"bytes,2,rep,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	OrderBySequence bool     `protobuf:"varint,3,opt,name=order_by_sequence,json=orderBySequence" json:"order_by_sequence,omitempty"`
}

func (*GetLeavesByHashRequest) Descriptor ¶ 

func (*GetLeavesByHashRequest) Descriptor() ([]byte, []int)

func (*GetLeavesByHashRequest) GetLeafHash ¶ 

func (m *GetLeavesByHashRequest) GetLeafHash() [][]byte

func (*GetLeavesByHashRequest) GetLogId ¶ 

func (m *GetLeavesByHashRequest) GetLogId() int64

func (*GetLeavesByHashRequest) GetOrderBySequence ¶ 

func (m *GetLeavesByHashRequest) GetOrderBySequence() bool

func (*GetLeavesByHashRequest) ProtoMessage ¶ 

func (*GetLeavesByHashRequest) ProtoMessage()

func (*GetLeavesByHashRequest) Reset ¶ 

func (m *GetLeavesByHashRequest) Reset()

func (*GetLeavesByHashRequest) String ¶ 

func (m *GetLeavesByHashRequest) String() string

type GetLeavesByHashResponse ¶ 

type GetLeavesByHashResponse struct {
	// TODO(gbelvin) reply with error codes.
	Leaves []*LogLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
}

func (*GetLeavesByHashResponse) Descriptor ¶ 

func (*GetLeavesByHashResponse) Descriptor() ([]byte, []int)

func (*GetLeavesByHashResponse) GetLeaves ¶ 

func (m *GetLeavesByHashResponse) GetLeaves() []*LogLeaf

func (*GetLeavesByHashResponse) ProtoMessage ¶ 

func (*GetLeavesByHashResponse) ProtoMessage()

func (*GetLeavesByHashResponse) Reset ¶ 

func (m *GetLeavesByHashResponse) Reset()

func (*GetLeavesByHashResponse) String ¶ 

func (m *GetLeavesByHashResponse) String() string

type GetLeavesByIndexRequest ¶ 

type GetLeavesByIndexRequest struct {
	LogId     int64   `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	LeafIndex []int64 `protobuf:"varint,2,rep,packed,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
}

func (*GetLeavesByIndexRequest) Descriptor ¶ 

func (*GetLeavesByIndexRequest) Descriptor() ([]byte, []int)

func (*GetLeavesByIndexRequest) GetLeafIndex ¶ 

func (m *GetLeavesByIndexRequest) GetLeafIndex() []int64

func (*GetLeavesByIndexRequest) GetLogId ¶ 

func (m *GetLeavesByIndexRequest) GetLogId() int64

func (*GetLeavesByIndexRequest) ProtoMessage ¶ 

func (*GetLeavesByIndexRequest) ProtoMessage()

func (*GetLeavesByIndexRequest) Reset ¶ 

func (m *GetLeavesByIndexRequest) Reset()

func (*GetLeavesByIndexRequest) String ¶ 

func (m *GetLeavesByIndexRequest) String() string

type GetLeavesByIndexResponse ¶ 

type GetLeavesByIndexResponse struct {
	// TODO(gbelvin) reply with error codes.
	Leaves []*LogLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
}

func (*GetLeavesByIndexResponse) Descriptor ¶ 

func (*GetLeavesByIndexResponse) Descriptor() ([]byte, []int)

func (*GetLeavesByIndexResponse) GetLeaves ¶ 

func (m *GetLeavesByIndexResponse) GetLeaves() []*LogLeaf

func (*GetLeavesByIndexResponse) ProtoMessage ¶ 

func (*GetLeavesByIndexResponse) ProtoMessage()

func (*GetLeavesByIndexResponse) Reset ¶ 

func (m *GetLeavesByIndexResponse) Reset()

func (*GetLeavesByIndexResponse) String ¶ 

func (m *GetLeavesByIndexResponse) String() string

type GetMapLeavesRequest ¶ 

type GetMapLeavesRequest struct {
	MapId int64    `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Index [][]byte `protobuf:"bytes,2,rep,name=index,proto3" json:"index,omitempty"`
	// A negative revision indicates that the most recent published revision should be used.
	Revision int64 `protobuf:"varint,3,opt,name=revision" json:"revision,omitempty"`
}

func (*GetMapLeavesRequest) Descriptor ¶ 

func (*GetMapLeavesRequest) Descriptor() ([]byte, []int)

func (*GetMapLeavesRequest) GetIndex ¶ 

func (m *GetMapLeavesRequest) GetIndex() [][]byte

func (*GetMapLeavesRequest) GetMapId ¶ 

func (m *GetMapLeavesRequest) GetMapId() int64

func (*GetMapLeavesRequest) GetRevision ¶ 

func (m *GetMapLeavesRequest) GetRevision() int64

func (*GetMapLeavesRequest) ProtoMessage ¶ 

func (*GetMapLeavesRequest) ProtoMessage()

func (*GetMapLeavesRequest) Reset ¶ 

func (m *GetMapLeavesRequest) Reset()

func (*GetMapLeavesRequest) String ¶ 

func (m *GetMapLeavesRequest) String() string

type GetMapLeavesResponse ¶ 

type GetMapLeavesResponse struct {
	MapLeafInclusion []*MapLeafInclusion `protobuf:"bytes,2,rep,name=map_leaf_inclusion,json=mapLeafInclusion" json:"map_leaf_inclusion,omitempty"`
	MapRoot          *SignedMapRoot      `protobuf:"bytes,3,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*GetMapLeavesResponse) Descriptor ¶ 

func (*GetMapLeavesResponse) Descriptor() ([]byte, []int)

func (*GetMapLeavesResponse) GetMapLeafInclusion ¶ 

func (m *GetMapLeavesResponse) GetMapLeafInclusion() []*MapLeafInclusion

func (*GetMapLeavesResponse) GetMapRoot ¶ 

func (m *GetMapLeavesResponse) GetMapRoot() *SignedMapRoot

func (*GetMapLeavesResponse) ProtoMessage ¶ 

func (*GetMapLeavesResponse) ProtoMessage()

func (*GetMapLeavesResponse) Reset ¶ 

func (m *GetMapLeavesResponse) Reset()

func (*GetMapLeavesResponse) String ¶ 

func (m *GetMapLeavesResponse) String() string

type GetSequencedLeafCountRequest ¶ 

type GetSequencedLeafCountRequest struct {
	LogId int64 `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
}

func (*GetSequencedLeafCountRequest) Descriptor ¶ 

func (*GetSequencedLeafCountRequest) Descriptor() ([]byte, []int)

func (*GetSequencedLeafCountRequest) GetLogId ¶ 

func (m *GetSequencedLeafCountRequest) GetLogId() int64

func (*GetSequencedLeafCountRequest) ProtoMessage ¶ 

func (*GetSequencedLeafCountRequest) ProtoMessage()

func (*GetSequencedLeafCountRequest) Reset ¶ 

func (m *GetSequencedLeafCountRequest) Reset()

func (*GetSequencedLeafCountRequest) String ¶ 

func (m *GetSequencedLeafCountRequest) String() string

type GetSequencedLeafCountResponse ¶ 

type GetSequencedLeafCountResponse struct {
	LeafCount int64 `protobuf:"varint,2,opt,name=leaf_count,json=leafCount" json:"leaf_count,omitempty"`
}

func (*GetSequencedLeafCountResponse) Descriptor ¶ 

func (*GetSequencedLeafCountResponse) Descriptor() ([]byte, []int)

func (*GetSequencedLeafCountResponse) GetLeafCount ¶ 

func (m *GetSequencedLeafCountResponse) GetLeafCount() int64

func (*GetSequencedLeafCountResponse) ProtoMessage ¶ 

func (*GetSequencedLeafCountResponse) ProtoMessage()

func (*GetSequencedLeafCountResponse) Reset ¶ 

func (m *GetSequencedLeafCountResponse) Reset()

func (*GetSequencedLeafCountResponse) String ¶ 

func (m *GetSequencedLeafCountResponse) String() string

type GetSignedMapRootByRevisionRequest ¶ 

type GetSignedMapRootByRevisionRequest struct {
	MapId    int64 `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Revision int64 `protobuf:"varint,2,opt,name=revision" json:"revision,omitempty"`
}

func (*GetSignedMapRootByRevisionRequest) Descriptor ¶ 

func (*GetSignedMapRootByRevisionRequest) Descriptor() ([]byte, []int)

func (*GetSignedMapRootByRevisionRequest) GetMapId ¶ 

func (m *GetSignedMapRootByRevisionRequest) GetMapId() int64

func (*GetSignedMapRootByRevisionRequest) GetRevision ¶ 

func (m *GetSignedMapRootByRevisionRequest) GetRevision() int64

func (*GetSignedMapRootByRevisionRequest) ProtoMessage ¶ 

func (*GetSignedMapRootByRevisionRequest) ProtoMessage()

func (*GetSignedMapRootByRevisionRequest) Reset ¶ 

func (m *GetSignedMapRootByRevisionRequest) Reset()

func (*GetSignedMapRootByRevisionRequest) String ¶ 

func (m *GetSignedMapRootByRevisionRequest) String() string

type GetSignedMapRootRequest ¶ 

type GetSignedMapRootRequest struct {
	MapId int64 `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
}

func (*GetSignedMapRootRequest) Descriptor ¶ 

func (*GetSignedMapRootRequest) Descriptor() ([]byte, []int)

func (*GetSignedMapRootRequest) GetMapId ¶ 

func (m *GetSignedMapRootRequest) GetMapId() int64

func (*GetSignedMapRootRequest) ProtoMessage ¶ 

func (*GetSignedMapRootRequest) ProtoMessage()

func (*GetSignedMapRootRequest) Reset ¶ 

func (m *GetSignedMapRootRequest) Reset()

func (*GetSignedMapRootRequest) String ¶ 

func (m *GetSignedMapRootRequest) String() string

type GetSignedMapRootResponse ¶ 

type GetSignedMapRootResponse struct {
	MapRoot *SignedMapRoot `protobuf:"bytes,2,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*GetSignedMapRootResponse) Descriptor ¶ 

func (*GetSignedMapRootResponse) Descriptor() ([]byte, []int)

func (*GetSignedMapRootResponse) GetMapRoot ¶ 

func (m *GetSignedMapRootResponse) GetMapRoot() *SignedMapRoot

func (*GetSignedMapRootResponse) ProtoMessage ¶ 

func (*GetSignedMapRootResponse) ProtoMessage()

func (*GetSignedMapRootResponse) Reset ¶ 

func (m *GetSignedMapRootResponse) Reset()

func (*GetSignedMapRootResponse) String ¶ 

func (m *GetSignedMapRootResponse) String() string

type GetTreeRequest ¶ 

type GetTreeRequest struct {
	// ID of the tree to retrieve.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

GetTree request.

func (*GetTreeRequest) Descriptor ¶ 

func (*GetTreeRequest) Descriptor() ([]byte, []int)

func (*GetTreeRequest) GetTreeId ¶ 

func (m *GetTreeRequest) GetTreeId() int64

func (*GetTreeRequest) ProtoMessage ¶ 

func (*GetTreeRequest) ProtoMessage()

func (*GetTreeRequest) Reset ¶ 

func (m *GetTreeRequest) Reset()

func (*GetTreeRequest) String ¶ 

func (m *GetTreeRequest) String() string

type HashStrategy ¶ 

type HashStrategy int32

Defines the way empty / node / leaf hashes are constructed incorporating preimage protection, which can be application specific. 

const (
	// Hash strategy cannot be determined. Included to enable detection of
	// mismatched proto versions being used. Represents an invalid value.
	HashStrategy_UNKNOWN_HASH_STRATEGY HashStrategy = 0
	// Certificate Transparency strategy: leaf hash prefix = 0x00, node prefix =
	// 0x01, empty hash is digest([]byte{}), as defined in the specification.
	HashStrategy_RFC6962_SHA256 HashStrategy = 1
	// Sparse Merkle Tree strategy:  leaf hash prefix = 0x00, node prefix = 0x01,
	// empty branch is recursively computed from empty leaf nodes.
	// NOT secure in a multi tree environment. For testing only.
	HashStrategy_TEST_MAP_HASHER HashStrategy = 2
	// Append-only log strategy where leaf nodes are defined as the ObjectHash.
	// All other properties are equal to RFC6962_SHA256.
	HashStrategy_OBJECT_RFC6962_SHA256 HashStrategy = 3
	// The CONIKS sparse tree hasher with SHA512_256 as the hash algorithm.
	HashStrategy_CONIKS_SHA512_256 HashStrategy = 4
)

func (HashStrategy) EnumDescriptor ¶ 

func (HashStrategy) EnumDescriptor() ([]byte, []int)

func (HashStrategy) String ¶ 

func (x HashStrategy) String() string

type ListTreesRequest ¶ 

type ListTreesRequest struct {
	// If true, deleted trees are included in the response.
	ShowDeleted bool `protobuf:"varint,1,opt,name=show_deleted,json=showDeleted" json:"show_deleted,omitempty"`
}

ListTrees request. No filters or pagination options are provided.

func (*ListTreesRequest) Descriptor ¶ 

func (*ListTreesRequest) Descriptor() ([]byte, []int)

func (*ListTreesRequest) GetShowDeleted ¶ added in v1.0.2 

func (m *ListTreesRequest) GetShowDeleted() bool

func (*ListTreesRequest) ProtoMessage ¶ 

func (*ListTreesRequest) ProtoMessage()

func (*ListTreesRequest) Reset ¶ 

func (m *ListTreesRequest) Reset()

func (*ListTreesRequest) String ¶ 

func (m *ListTreesRequest) String() string

type ListTreesResponse ¶ 

type ListTreesResponse struct {
	// Trees matching the list request filters.
	Tree []*Tree `protobuf:"bytes,1,rep,name=tree" json:"tree,omitempty"`
}

ListTrees response. No pagination is provided, all trees the requester has access to are returned.

func (*ListTreesResponse) Descriptor ¶ 

func (*ListTreesResponse) Descriptor() ([]byte, []int)

func (*ListTreesResponse) GetTree ¶ 

func (m *ListTreesResponse) GetTree() []*Tree

func (*ListTreesResponse) ProtoMessage ¶ 

func (*ListTreesResponse) ProtoMessage()

func (*ListTreesResponse) Reset ¶ 

func (m *ListTreesResponse) Reset()

func (*ListTreesResponse) String ¶ 

func (m *ListTreesResponse) String() string

type LogLeaf ¶ 

type LogLeaf struct {
	// merkle_leaf_hash is over leaf data and optional extra_data.
	MerkleLeafHash []byte `protobuf:"bytes,1,opt,name=merkle_leaf_hash,json=merkleLeafHash,proto3" json:"merkle_leaf_hash,omitempty"`
	// leaf_value contains arbitrary data.
	LeafValue []byte `protobuf:"bytes,2,opt,name=leaf_value,json=leafValue,proto3" json:"leaf_value,omitempty"`
	// extra_data is optional metadata. e.g. a timestamp.
	ExtraData []byte `protobuf:"bytes,3,opt,name=extra_data,json=extraData,proto3" json:"extra_data,omitempty"`
	// leaf_index is optional. Trillian will assign the next available index when unset.
	// TODO: remove this into separate AddSequencedLeaves API.
	LeafIndex int64 `protobuf:"varint,4,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	// leaf_identity_hash is a hash over the identity of this leaf.
	// It's intended to provide a mechanism for the personality to provide a
	// hint to Trillian that two leaves should be considered "duplicates" even
	// though their leaf_values differ.
	//
	// E.g. in a CT personality multiple add-chain calls for an identical
	// certificate would produce differing leaf_data bytes (due to the presence
	// of SCT elements), with just this information Trillian would be unable to
	// determine that, within the context of the personality, these entries are
	// dupes, so the CT personality sets leaf_identity_hash to H(cert),
	// which allows Trillian to detect the duplicates.
	//
	// Continuing the CT example, for a CT mirror personality (which must allow
	// dupes since the source log could contain them), the part of the
	// personality which fetches and submits the entries might set
	// leaf_identity_hash to H(seq||certdata).
	//
	// If leaf_identity_hash is empty, it's assumed to be the same as the
	// merkle_leaf_hash.
	LeafIdentityHash []byte `protobuf:"bytes,5,opt,name=leaf_identity_hash,json=leafIdentityHash,proto3" json:"leaf_identity_hash,omitempty"`
}

func (*LogLeaf) Descriptor ¶ 

func (*LogLeaf) Descriptor() ([]byte, []int)

func (*LogLeaf) GetExtraData ¶ 

func (m *LogLeaf) GetExtraData() []byte

func (*LogLeaf) GetLeafIdentityHash ¶ 

func (m *LogLeaf) GetLeafIdentityHash() []byte

func (*LogLeaf) GetLeafIndex ¶ 

func (m *LogLeaf) GetLeafIndex() int64

func (*LogLeaf) GetLeafValue ¶ 

func (m *LogLeaf) GetLeafValue() []byte

func (*LogLeaf) GetMerkleLeafHash ¶ 

func (m *LogLeaf) GetMerkleLeafHash() []byte

func (*LogLeaf) ProtoMessage ¶ 

func (*LogLeaf) ProtoMessage()

func (*LogLeaf) Reset ¶ 

func (m *LogLeaf) Reset()

func (*LogLeaf) String ¶ 

func (m *LogLeaf) String() string

type MapLeaf ¶ 

type MapLeaf struct {
	// index is the location of this leaf.
	// All indexes for a given Map must contain a constant number of bits.
	Index []byte `protobuf:"bytes,1,opt,name=index,proto3" json:"index,omitempty"`
	// leaf_hash is the tree hash of leaf_value.  This does not need to be set
	// on SetMapLeavesRequest; the server will fill it in.
	LeafHash []byte `protobuf:"bytes,2,opt,name=leaf_hash,json=leafHash,proto3" json:"leaf_hash,omitempty"`
	// leaf_value is the data the tree commits to.
	LeafValue []byte `protobuf:"bytes,3,opt,name=leaf_value,json=leafValue,proto3" json:"leaf_value,omitempty"`
	// extra_data holds related contextual data, but is not covered by any hash.
	ExtraData []byte `protobuf:"bytes,4,opt,name=extra_data,json=extraData,proto3" json:"extra_data,omitempty"`
}

MapLeaf represents the data behind Map leaves.

func (*MapLeaf) Descriptor ¶ 

func (*MapLeaf) Descriptor() ([]byte, []int)

func (*MapLeaf) GetExtraData ¶ 

func (m *MapLeaf) GetExtraData() []byte

func (*MapLeaf) GetIndex ¶ 

func (m *MapLeaf) GetIndex() []byte

func (*MapLeaf) GetLeafHash ¶ 

func (m *MapLeaf) GetLeafHash() []byte

func (*MapLeaf) GetLeafValue ¶ 

func (m *MapLeaf) GetLeafValue() []byte

func (*MapLeaf) ProtoMessage ¶ 

func (*MapLeaf) ProtoMessage()

func (*MapLeaf) Reset ¶ 

func (m *MapLeaf) Reset()

func (*MapLeaf) String ¶ 

func (m *MapLeaf) String() string

type MapLeafInclusion ¶ 

type MapLeafInclusion struct {
	Leaf      *MapLeaf `protobuf:"bytes,1,opt,name=leaf" json:"leaf,omitempty"`
	Inclusion [][]byte `protobuf:"bytes,2,rep,name=inclusion,proto3" json:"inclusion,omitempty"`
}

func (*MapLeafInclusion) Descriptor ¶ 

func (*MapLeafInclusion) Descriptor() ([]byte, []int)

func (*MapLeafInclusion) GetInclusion ¶ 

func (m *MapLeafInclusion) GetInclusion() [][]byte

func (*MapLeafInclusion) GetLeaf ¶ 

func (m *MapLeafInclusion) GetLeaf() *MapLeaf

func (*MapLeafInclusion) ProtoMessage ¶ 

func (*MapLeafInclusion) ProtoMessage()

func (*MapLeafInclusion) Reset ¶ 

func (m *MapLeafInclusion) Reset()

func (*MapLeafInclusion) String ¶ 

func (m *MapLeafInclusion) String() string

type Proof ¶ 

type Proof struct {
	LeafIndex int64    `protobuf:"varint,1,opt,name=leaf_index,json=leafIndex" json:"leaf_index,omitempty"`
	Hashes    [][]byte `protobuf:"bytes,3,rep,name=hashes,proto3" json:"hashes,omitempty"`
}

func (*Proof) Descriptor ¶ 

func (*Proof) Descriptor() ([]byte, []int)

func (*Proof) GetHashes ¶ 

func (m *Proof) GetHashes() [][]byte

func (*Proof) GetLeafIndex ¶ 

func (m *Proof) GetLeafIndex() int64

func (*Proof) ProtoMessage ¶ 

func (*Proof) ProtoMessage()

func (*Proof) Reset ¶ 

func (m *Proof) Reset()

func (*Proof) String ¶ 

func (m *Proof) String() string

type QueueLeafRequest ¶ 

type QueueLeafRequest struct {
	LogId int64    `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaf  *LogLeaf `protobuf:"bytes,2,opt,name=leaf" json:"leaf,omitempty"`
}

func (*QueueLeafRequest) Descriptor ¶ 

func (*QueueLeafRequest) Descriptor() ([]byte, []int)

func (*QueueLeafRequest) GetLeaf ¶ 

func (m *QueueLeafRequest) GetLeaf() *LogLeaf

func (*QueueLeafRequest) GetLogId ¶ 

func (m *QueueLeafRequest) GetLogId() int64

func (*QueueLeafRequest) ProtoMessage ¶ 

func (*QueueLeafRequest) ProtoMessage()

func (*QueueLeafRequest) Reset ¶ 

func (m *QueueLeafRequest) Reset()

func (*QueueLeafRequest) String ¶ 

func (m *QueueLeafRequest) String() string

type QueueLeafResponse ¶ 

type QueueLeafResponse struct {
	QueuedLeaf *QueuedLogLeaf `protobuf:"bytes,2,opt,name=queued_leaf,json=queuedLeaf" json:"queued_leaf,omitempty"`
}

func (*QueueLeafResponse) Descriptor ¶ 

func (*QueueLeafResponse) Descriptor() ([]byte, []int)

func (*QueueLeafResponse) GetQueuedLeaf ¶ 

func (m *QueueLeafResponse) GetQueuedLeaf() *QueuedLogLeaf

func (*QueueLeafResponse) ProtoMessage ¶ 

func (*QueueLeafResponse) ProtoMessage()

func (*QueueLeafResponse) Reset ¶ 

func (m *QueueLeafResponse) Reset()

func (*QueueLeafResponse) String ¶ 

func (m *QueueLeafResponse) String() string

type QueueLeavesRequest ¶ 

type QueueLeavesRequest struct {
	LogId  int64      `protobuf:"varint,1,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Leaves []*LogLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
}

func (*QueueLeavesRequest) Descriptor ¶ 

func (*QueueLeavesRequest) Descriptor() ([]byte, []int)

func (*QueueLeavesRequest) GetLeaves ¶ 

func (m *QueueLeavesRequest) GetLeaves() []*LogLeaf

func (*QueueLeavesRequest) GetLogId ¶ 

func (m *QueueLeavesRequest) GetLogId() int64

func (*QueueLeavesRequest) ProtoMessage ¶ 

func (*QueueLeavesRequest) ProtoMessage()

func (*QueueLeavesRequest) Reset ¶ 

func (m *QueueLeavesRequest) Reset()

func (*QueueLeavesRequest) String ¶ 

func (m *QueueLeavesRequest) String() string

type QueueLeavesResponse ¶ 

type QueueLeavesResponse struct {
	// Same number and order as in the corresponding request.
	QueuedLeaves []*QueuedLogLeaf `protobuf:"bytes,2,rep,name=queued_leaves,json=queuedLeaves" json:"queued_leaves,omitempty"`
}

func (*QueueLeavesResponse) Descriptor ¶ 

func (*QueueLeavesResponse) Descriptor() ([]byte, []int)

func (*QueueLeavesResponse) GetQueuedLeaves ¶ 

func (m *QueueLeavesResponse) GetQueuedLeaves() []*QueuedLogLeaf

func (*QueueLeavesResponse) ProtoMessage ¶ 

func (*QueueLeavesResponse) ProtoMessage()

func (*QueueLeavesResponse) Reset ¶ 

func (m *QueueLeavesResponse) Reset()

func (*QueueLeavesResponse) String ¶ 

func (m *QueueLeavesResponse) String() string

type QueuedLogLeaf ¶ 

type QueuedLogLeaf struct {
	// The leaf is present if status.code is:
	//  - google.rpc.OK : the leaf is the same as in the QueueLea{f,ves}Request
	//  - google.rpc.ALREADY_EXISTS : the leaf is the one already present in the log.
	Leaf   *LogLeaf           `protobuf:"bytes,1,opt,name=leaf" json:"leaf,omitempty"`
	Status *google_rpc.Status `protobuf:"bytes,2,opt,name=status" json:"status,omitempty"`
}

QueuedLogLeaf represents a log leaf that has been queued for inclusion; it may be pending or already exist in the log (if the log does not allow duplicates).

func (*QueuedLogLeaf) Descriptor ¶ 

func (*QueuedLogLeaf) Descriptor() ([]byte, []int)

func (*QueuedLogLeaf) GetLeaf ¶ 

func (m *QueuedLogLeaf) GetLeaf() *LogLeaf

func (*QueuedLogLeaf) GetStatus ¶ 

func (m *QueuedLogLeaf) GetStatus() *google_rpc.Status

func (*QueuedLogLeaf) ProtoMessage ¶ 

func (*QueuedLogLeaf) ProtoMessage()

func (*QueuedLogLeaf) Reset ¶ 

func (m *QueuedLogLeaf) Reset()

func (*QueuedLogLeaf) String ¶ 

func (m *QueuedLogLeaf) String() string

type SetMapLeavesRequest ¶ 

type SetMapLeavesRequest struct {
	MapId  int64      `protobuf:"varint,1,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	Leaves []*MapLeaf `protobuf:"bytes,2,rep,name=leaves" json:"leaves,omitempty"`
	// Metadata that the Map should associate with the new Map root after
	// incorporating the leaf changes.  The metadata will be reflected in the
	// Map Root returned in the map's SetLeaves response.
	// Map personalities should use metadata to persist any state needed later
	// to continue mapping from an external data source.
	Metadata *google_protobuf.Any `protobuf:"bytes,4,opt,name=metadata" json:"metadata,omitempty"`
}

func (*SetMapLeavesRequest) Descriptor ¶ 

func (*SetMapLeavesRequest) Descriptor() ([]byte, []int)

func (*SetMapLeavesRequest) GetLeaves ¶ 

func (m *SetMapLeavesRequest) GetLeaves() []*MapLeaf

func (*SetMapLeavesRequest) GetMapId ¶ 

func (m *SetMapLeavesRequest) GetMapId() int64

func (*SetMapLeavesRequest) GetMetadata ¶ added in v1.0.2 

func (m *SetMapLeavesRequest) GetMetadata() *google_protobuf.Any

func (*SetMapLeavesRequest) ProtoMessage ¶ 

func (*SetMapLeavesRequest) ProtoMessage()

func (*SetMapLeavesRequest) Reset ¶ 

func (m *SetMapLeavesRequest) Reset()

func (*SetMapLeavesRequest) String ¶ 

func (m *SetMapLeavesRequest) String() string

type SetMapLeavesResponse ¶ 

type SetMapLeavesResponse struct {
	MapRoot *SignedMapRoot `protobuf:"bytes,2,opt,name=map_root,json=mapRoot" json:"map_root,omitempty"`
}

func (*SetMapLeavesResponse) Descriptor ¶ 

func (*SetMapLeavesResponse) Descriptor() ([]byte, []int)

func (*SetMapLeavesResponse) GetMapRoot ¶ 

func (m *SetMapLeavesResponse) GetMapRoot() *SignedMapRoot

func (*SetMapLeavesResponse) ProtoMessage ¶ 

func (*SetMapLeavesResponse) ProtoMessage()

func (*SetMapLeavesResponse) Reset ¶ 

func (m *SetMapLeavesResponse) Reset()

func (*SetMapLeavesResponse) String ¶ 

func (m *SetMapLeavesResponse) String() string

type SignedEntryTimestamp ¶ 

type SignedEntryTimestamp struct {
	TimestampNanos int64                  `protobuf:"varint,1,opt,name=timestamp_nanos,json=timestampNanos" json:"timestamp_nanos,omitempty"`
	LogId          int64                  `protobuf:"varint,2,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	Signature      *sigpb.DigitallySigned `protobuf:"bytes,3,opt,name=signature" json:"signature,omitempty"`
}

func (*SignedEntryTimestamp) Descriptor ¶ 

func (*SignedEntryTimestamp) Descriptor() ([]byte, []int)

func (*SignedEntryTimestamp) GetLogId ¶ 

func (m *SignedEntryTimestamp) GetLogId() int64

func (*SignedEntryTimestamp) GetSignature ¶ 

func (m *SignedEntryTimestamp) GetSignature() *sigpb.DigitallySigned

func (*SignedEntryTimestamp) GetTimestampNanos ¶ 

func (m *SignedEntryTimestamp) GetTimestampNanos() int64

func (*SignedEntryTimestamp) ProtoMessage ¶ 

func (*SignedEntryTimestamp) ProtoMessage()

func (*SignedEntryTimestamp) Reset ¶ 

func (m *SignedEntryTimestamp) Reset()

func (*SignedEntryTimestamp) String ¶ 

func (m *SignedEntryTimestamp) String() string

type SignedLogRoot ¶ 

type SignedLogRoot struct {
	// epoch nanoseconds, good until 2500ish
	TimestampNanos int64  `protobuf:"varint,1,opt,name=timestamp_nanos,json=timestampNanos" json:"timestamp_nanos,omitempty"`
	RootHash       []byte `protobuf:"bytes,2,opt,name=root_hash,json=rootHash,proto3" json:"root_hash,omitempty"`
	// TreeSize is the number of entries in the tree.
	TreeSize     int64                  `protobuf:"varint,3,opt,name=tree_size,json=treeSize" json:"tree_size,omitempty"`
	Signature    *sigpb.DigitallySigned `protobuf:"bytes,4,opt,name=signature" json:"signature,omitempty"`
	LogId        int64                  `protobuf:"varint,5,opt,name=log_id,json=logId" json:"log_id,omitempty"`
	TreeRevision int64                  `protobuf:"varint,6,opt,name=tree_revision,json=treeRevision" json:"tree_revision,omitempty"`
}

SignedLogRoot represents a commitment by a Log to a particular tree.

func (*SignedLogRoot) Descriptor ¶ 

func (*SignedLogRoot) Descriptor() ([]byte, []int)

func (*SignedLogRoot) GetLogId ¶ 

func (m *SignedLogRoot) GetLogId() int64

func (*SignedLogRoot) GetRootHash ¶ 

func (m *SignedLogRoot) GetRootHash() []byte

func (*SignedLogRoot) GetSignature ¶ 

func (m *SignedLogRoot) GetSignature() *sigpb.DigitallySigned

func (*SignedLogRoot) GetTimestampNanos ¶ 

func (m *SignedLogRoot) GetTimestampNanos() int64

func (*SignedLogRoot) GetTreeRevision ¶ 

func (m *SignedLogRoot) GetTreeRevision() int64

func (*SignedLogRoot) GetTreeSize ¶ 

func (m *SignedLogRoot) GetTreeSize() int64

func (*SignedLogRoot) ProtoMessage ¶ 

func (*SignedLogRoot) ProtoMessage()

func (*SignedLogRoot) Reset ¶ 

func (m *SignedLogRoot) Reset()

func (*SignedLogRoot) String ¶ 

func (m *SignedLogRoot) String() string

type SignedMapRoot ¶ 

type SignedMapRoot struct {
	TimestampNanos int64  `protobuf:"varint,1,opt,name=timestamp_nanos,json=timestampNanos" json:"timestamp_nanos,omitempty"`
	RootHash       []byte `protobuf:"bytes,2,opt,name=root_hash,json=rootHash,proto3" json:"root_hash,omitempty"`
	// TODO(al): define serialized format for the signature scheme.
	Signature   *sigpb.DigitallySigned `protobuf:"bytes,4,opt,name=signature" json:"signature,omitempty"`
	MapId       int64                  `protobuf:"varint,5,opt,name=map_id,json=mapId" json:"map_id,omitempty"`
	MapRevision int64                  `protobuf:"varint,6,opt,name=map_revision,json=mapRevision" json:"map_revision,omitempty"`
	// Metadata associated with the Map root.  This is set by the map personality
	// layer in a SetLeaves map request.  It could be used to persist state
	// needed to recreate the Map from an external data source.
	Metadata *google_protobuf.Any `protobuf:"bytes,7,opt,name=metadata" json:"metadata,omitempty"`
}

SignedMapRoot represents a commitment by a Map to a particular tree.

func (*SignedMapRoot) Descriptor ¶ 

func (*SignedMapRoot) Descriptor() ([]byte, []int)

func (*SignedMapRoot) GetMapId ¶ 

func (m *SignedMapRoot) GetMapId() int64

func (*SignedMapRoot) GetMapRevision ¶ 

func (m *SignedMapRoot) GetMapRevision() int64

func (*SignedMapRoot) GetMetadata ¶ 

func (m *SignedMapRoot) GetMetadata() *google_protobuf.Any

func (*SignedMapRoot) GetRootHash ¶ 

func (m *SignedMapRoot) GetRootHash() []byte

func (*SignedMapRoot) GetSignature ¶ 

func (m *SignedMapRoot) GetSignature() *sigpb.DigitallySigned

func (*SignedMapRoot) GetTimestampNanos ¶ 

func (m *SignedMapRoot) GetTimestampNanos() int64

func (*SignedMapRoot) ProtoMessage ¶ 

func (*SignedMapRoot) ProtoMessage()

func (*SignedMapRoot) Reset ¶ 

func (m *SignedMapRoot) Reset()

func (*SignedMapRoot) String ¶ 

func (m *SignedMapRoot) String() string

type Tree ¶ 

type Tree struct {
	// ID of the tree.
	// Readonly.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
	// State of the tree.
	// Trees are active after creation. At any point the tree may transition
	// between ACTIVE and FROZEN.
	TreeState TreeState `protobuf:"varint,2,opt,name=tree_state,json=treeState,enum=trillian.TreeState" json:"tree_state,omitempty"`
	// Type of the tree.
	// Readonly.
	TreeType TreeType `protobuf:"varint,3,opt,name=tree_type,json=treeType,enum=trillian.TreeType" json:"tree_type,omitempty"`
	// Hash strategy to be used by the tree.
	// Readonly.
	HashStrategy HashStrategy `protobuf:"varint,4,opt,name=hash_strategy,json=hashStrategy,enum=trillian.HashStrategy" json:"hash_strategy,omitempty"`
	// Hash algorithm to be used by the tree.
	// Readonly.
	// TODO(gdbelvin): Deprecate in favor of signature_cipher_suite and hash_strategy.
	HashAlgorithm sigpb.DigitallySigned_HashAlgorithm `` /* 135-byte string literal not displayed */
	// Signature algorithm to be used by the tree.
	// Readonly.
	// TODO(gdbelvin): Deprecate in favor of signature_cipher_suite.
	SignatureAlgorithm sigpb.DigitallySigned_SignatureAlgorithm `` /* 155-byte string literal not displayed */
	// Signature cipher suite specifies the algorithms used to generate signatures.
	SignatureCipherSuite sigpb.DigitallySigned_SignatureCipherSuite `` /* 166-byte string literal not displayed */
	// Display name of the tree.
	// Optional.
	DisplayName string `protobuf:"bytes,8,opt,name=display_name,json=displayName" json:"display_name,omitempty"`
	// Description of the tree,
	// Optional.
	Description string `protobuf:"bytes,9,opt,name=description" json:"description,omitempty"`
	// Identifies the private key used for signing tree heads and entry
	// timestamps.
	// This can be any type of message to accommodate different key management
	// systems, e.g. PEM files, HSMs, etc.
	// Private keys are write-only: they're never returned by RPCs.
	// The private_key message can be changed after a tree is created, but the
	// underlying key must remain the same - this is to enable migrating a key
	// from one provider to another.
	PrivateKey *google_protobuf.Any `protobuf:"bytes,12,opt,name=private_key,json=privateKey" json:"private_key,omitempty"`
	// Storage-specific settings.
	// Varies according to the storage implementation backing Trillian.
	StorageSettings *google_protobuf.Any `protobuf:"bytes,13,opt,name=storage_settings,json=storageSettings" json:"storage_settings,omitempty"`
	// The public key used for verifying tree heads and entry timestamps.
	// Readonly.
	PublicKey *keyspb.PublicKey `protobuf:"bytes,14,opt,name=public_key,json=publicKey" json:"public_key,omitempty"`
	// Interval after which a new signed root is produced even if there have been
	// no submission.  If zero, this behavior is disabled.
	MaxRootDuration *google_protobuf1.Duration `protobuf:"bytes,15,opt,name=max_root_duration,json=maxRootDuration" json:"max_root_duration,omitempty"`
	// Time of tree creation.
	// Readonly.
	CreateTime *google_protobuf2.Timestamp `protobuf:"bytes,16,opt,name=create_time,json=createTime" json:"create_time,omitempty"`
	// Time of last tree update.
	// Readonly (automatically assigned on updates).
	UpdateTime *google_protobuf2.Timestamp `protobuf:"bytes,17,opt,name=update_time,json=updateTime" json:"update_time,omitempty"`
	// If true, the tree has been deleted.
	// Deleted trees may be undeleted during a certain time window, after which
	// they're permanently deleted (and unrecoverable).
	// Readonly.
	Deleted bool `protobuf:"varint,19,opt,name=deleted" json:"deleted,omitempty"`
	// Time of tree deletion, if any.
	// Readonly.
	DeleteTime *google_protobuf2.Timestamp `protobuf:"bytes,20,opt,name=delete_time,json=deleteTime" json:"delete_time,omitempty"`
}

Represents a tree, which may be either a verifiable log or map. Readonly attributes are assigned at tree creation, after which they may not be modified.

func (*Tree) Descriptor ¶ 

func (*Tree) Descriptor() ([]byte, []int)

func (*Tree) GetCreateTime ¶ 

func (m *Tree) GetCreateTime() *google_protobuf2.Timestamp

func (*Tree) GetDeleteTime ¶ 

func (m *Tree) GetDeleteTime() *google_protobuf2.Timestamp

func (*Tree) GetDeleted ¶ 

func (m *Tree) GetDeleted() bool

func (*Tree) GetDescription ¶ 

func (m *Tree) GetDescription() string

func (*Tree) GetDisplayName ¶ 

func (m *Tree) GetDisplayName() string

func (*Tree) GetHashAlgorithm ¶ 

func (m *Tree) GetHashAlgorithm() sigpb.DigitallySigned_HashAlgorithm

func (*Tree) GetHashStrategy ¶ 

func (m *Tree) GetHashStrategy() HashStrategy

func (*Tree) GetMaxRootDuration ¶ 

func (m *Tree) GetMaxRootDuration() *google_protobuf1.Duration

func (*Tree) GetPrivateKey ¶ 

func (m *Tree) GetPrivateKey() *google_protobuf.Any

func (*Tree) GetPublicKey ¶ 

func (m *Tree) GetPublicKey() *keyspb.PublicKey

func (*Tree) GetSignatureAlgorithm ¶ 

func (m *Tree) GetSignatureAlgorithm() sigpb.DigitallySigned_SignatureAlgorithm

func (*Tree) GetSignatureCipherSuite ¶ 

func (m *Tree) GetSignatureCipherSuite() sigpb.DigitallySigned_SignatureCipherSuite

func (*Tree) GetStorageSettings ¶ 

func (m *Tree) GetStorageSettings() *google_protobuf.Any

func (*Tree) GetTreeId ¶ 

func (m *Tree) GetTreeId() int64

func (*Tree) GetTreeState ¶ 

func (m *Tree) GetTreeState() TreeState

func (*Tree) GetTreeType ¶ 

func (m *Tree) GetTreeType() TreeType

func (*Tree) GetUpdateTime ¶ 

func (m *Tree) GetUpdateTime() *google_protobuf2.Timestamp

func (*Tree) ProtoMessage ¶ 

func (*Tree) ProtoMessage()

func (*Tree) Reset ¶ 

func (m *Tree) Reset()

func (*Tree) String ¶ 

func (m *Tree) String() string

type TreeState ¶ 

type TreeState int32

State of the tree. 

const (
	// Tree state cannot be determined. Included to enable detection of
	// mismatched proto versions being used. Represents an invalid value.
	TreeState_UNKNOWN_TREE_STATE TreeState = 0
	// Active trees are able to respond to both read and write requests.
	TreeState_ACTIVE TreeState = 1
	// Frozen trees are only able to respond to read requests, writing to a frozen
	// tree is forbidden.
	TreeState_FROZEN TreeState = 2
	// Deprecated in favor of Tree.deleted.
	TreeState_DEPRECATED_SOFT_DELETED TreeState = 3
	// Deprecated in favor of Tree.deleted.
	TreeState_DEPRECATED_HARD_DELETED TreeState = 4
)

func (TreeState) EnumDescriptor ¶ 

func (TreeState) EnumDescriptor() ([]byte, []int)

func (TreeState) String ¶ 

func (x TreeState) String() string

type TreeType ¶ 

type TreeType int32

Type of the tree. 

const (
	// Tree type cannot be determined. Included to enable detection of
	// mismatched proto versions being used. Represents an invalid value.
	TreeType_UNKNOWN_TREE_TYPE TreeType = 0
	// Tree represents a verifiable log.
	TreeType_LOG TreeType = 1
	// Tree represents a verifiable map.
	TreeType_MAP TreeType = 2
)

func (TreeType) EnumDescriptor ¶ 

func (TreeType) EnumDescriptor() ([]byte, []int)

func (TreeType) String ¶ 

func (x TreeType) String() string

type TrillianAdminClient ¶ 

type TrillianAdminClient interface {
	// Lists all trees the requester has access to.
	ListTrees(ctx context.Context, in *ListTreesRequest, opts ...grpc.CallOption) (*ListTreesResponse, error)
	// Retrieves a tree by ID.
	GetTree(ctx context.Context, in *GetTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Creates a new tree.
	// System-generated fields are not required and will be ignored if present,
	// e.g.: tree_id, create_time and update_time.
	// Returns the created tree, with all system-generated fields assigned.
	CreateTree(ctx context.Context, in *CreateTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Updates a tree.
	// See Tree for details. Readonly fields cannot be updated.
	UpdateTree(ctx context.Context, in *UpdateTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Soft-deletes a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	DeleteTree(ctx context.Context, in *DeleteTreeRequest, opts ...grpc.CallOption) (*Tree, error)
	// Undeletes a soft-deleted a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	UndeleteTree(ctx context.Context, in *UndeleteTreeRequest, opts ...grpc.CallOption) (*Tree, error)
}

func NewTrillianAdminClient ¶ 

func NewTrillianAdminClient(cc *grpc.ClientConn) TrillianAdminClient

type TrillianAdminServer ¶ 

type TrillianAdminServer interface {
	// Lists all trees the requester has access to.
	ListTrees(context.Context, *ListTreesRequest) (*ListTreesResponse, error)
	// Retrieves a tree by ID.
	GetTree(context.Context, *GetTreeRequest) (*Tree, error)
	// Creates a new tree.
	// System-generated fields are not required and will be ignored if present,
	// e.g.: tree_id, create_time and update_time.
	// Returns the created tree, with all system-generated fields assigned.
	CreateTree(context.Context, *CreateTreeRequest) (*Tree, error)
	// Updates a tree.
	// See Tree for details. Readonly fields cannot be updated.
	UpdateTree(context.Context, *UpdateTreeRequest) (*Tree, error)
	// Soft-deletes a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	DeleteTree(context.Context, *DeleteTreeRequest) (*Tree, error)
	// Undeletes a soft-deleted a tree.
	// A soft-deleted tree may be undeleted for a certain period, after which
	// it'll be permanently deleted.
	UndeleteTree(context.Context, *UndeleteTreeRequest) (*Tree, error)
}

type TrillianLogClient ¶ 

type TrillianLogClient interface {
	// QueueLeaf adds a single leaf to the queue.
	QueueLeaf(ctx context.Context, in *QueueLeafRequest, opts ...grpc.CallOption) (*QueueLeafResponse, error)
	// No direct equivalent at the storage level
	GetInclusionProof(ctx context.Context, in *GetInclusionProofRequest, opts ...grpc.CallOption) (*GetInclusionProofResponse, error)
	GetInclusionProofByHash(ctx context.Context, in *GetInclusionProofByHashRequest, opts ...grpc.CallOption) (*GetInclusionProofByHashResponse, error)
	GetConsistencyProof(ctx context.Context, in *GetConsistencyProofRequest, opts ...grpc.CallOption) (*GetConsistencyProofResponse, error)
	// Corresponds to the LogRootReader API
	GetLatestSignedLogRoot(ctx context.Context, in *GetLatestSignedLogRootRequest, opts ...grpc.CallOption) (*GetLatestSignedLogRootResponse, error)
	// Corresponds to the LeafReader API
	GetSequencedLeafCount(ctx context.Context, in *GetSequencedLeafCountRequest, opts ...grpc.CallOption) (*GetSequencedLeafCountResponse, error)
	GetEntryAndProof(ctx context.Context, in *GetEntryAndProofRequest, opts ...grpc.CallOption) (*GetEntryAndProofResponse, error)
	// Corresponds to the LeafQueuer API
	QueueLeaves(ctx context.Context, in *QueueLeavesRequest, opts ...grpc.CallOption) (*QueueLeavesResponse, error)
	GetLeavesByIndex(ctx context.Context, in *GetLeavesByIndexRequest, opts ...grpc.CallOption) (*GetLeavesByIndexResponse, error)
	GetLeavesByHash(ctx context.Context, in *GetLeavesByHashRequest, opts ...grpc.CallOption) (*GetLeavesByHashResponse, error)
}

func NewTrillianLogClient ¶ 

func NewTrillianLogClient(cc *grpc.ClientConn) TrillianLogClient

type TrillianLogServer ¶ 

type TrillianLogServer interface {
	// QueueLeaf adds a single leaf to the queue.
	QueueLeaf(context.Context, *QueueLeafRequest) (*QueueLeafResponse, error)
	// No direct equivalent at the storage level
	GetInclusionProof(context.Context, *GetInclusionProofRequest) (*GetInclusionProofResponse, error)
	GetInclusionProofByHash(context.Context, *GetInclusionProofByHashRequest) (*GetInclusionProofByHashResponse, error)
	GetConsistencyProof(context.Context, *GetConsistencyProofRequest) (*GetConsistencyProofResponse, error)
	// Corresponds to the LogRootReader API
	GetLatestSignedLogRoot(context.Context, *GetLatestSignedLogRootRequest) (*GetLatestSignedLogRootResponse, error)
	// Corresponds to the LeafReader API
	GetSequencedLeafCount(context.Context, *GetSequencedLeafCountRequest) (*GetSequencedLeafCountResponse, error)
	GetEntryAndProof(context.Context, *GetEntryAndProofRequest) (*GetEntryAndProofResponse, error)
	// Corresponds to the LeafQueuer API
	QueueLeaves(context.Context, *QueueLeavesRequest) (*QueueLeavesResponse, error)
	GetLeavesByIndex(context.Context, *GetLeavesByIndexRequest) (*GetLeavesByIndexResponse, error)
	GetLeavesByHash(context.Context, *GetLeavesByHashRequest) (*GetLeavesByHashResponse, error)
}

type TrillianMapClient ¶ 

type TrillianMapClient interface {
	// GetLeaves returns an inclusion proof for each index requested.
	// For indexes that do not exist, the inclusion proof will use nil for the empty leaf value.
	GetLeaves(ctx context.Context, in *GetMapLeavesRequest, opts ...grpc.CallOption) (*GetMapLeavesResponse, error)
	SetLeaves(ctx context.Context, in *SetMapLeavesRequest, opts ...grpc.CallOption) (*SetMapLeavesResponse, error)
	GetSignedMapRoot(ctx context.Context, in *GetSignedMapRootRequest, opts ...grpc.CallOption) (*GetSignedMapRootResponse, error)
	GetSignedMapRootByRevision(ctx context.Context, in *GetSignedMapRootByRevisionRequest, opts ...grpc.CallOption) (*GetSignedMapRootResponse, error)
}

func NewTrillianMapClient ¶ 

func NewTrillianMapClient(cc *grpc.ClientConn) TrillianMapClient

type TrillianMapServer ¶ 

type TrillianMapServer interface {
	// GetLeaves returns an inclusion proof for each index requested.
	// For indexes that do not exist, the inclusion proof will use nil for the empty leaf value.
	GetLeaves(context.Context, *GetMapLeavesRequest) (*GetMapLeavesResponse, error)
	SetLeaves(context.Context, *SetMapLeavesRequest) (*SetMapLeavesResponse, error)
	GetSignedMapRoot(context.Context, *GetSignedMapRootRequest) (*GetSignedMapRootResponse, error)
	GetSignedMapRootByRevision(context.Context, *GetSignedMapRootByRevisionRequest) (*GetSignedMapRootResponse, error)
}

type UndeleteTreeRequest ¶ added in v1.0.2 

type UndeleteTreeRequest struct {
	// ID of the tree to undelete.
	TreeId int64 `protobuf:"varint,1,opt,name=tree_id,json=treeId" json:"tree_id,omitempty"`
}

UndeleteTree request.

func (*UndeleteTreeRequest) Descriptor ¶ added in v1.0.2 

func (*UndeleteTreeRequest) Descriptor() ([]byte, []int)

func (*UndeleteTreeRequest) GetTreeId ¶ added in v1.0.2 

func (m *UndeleteTreeRequest) GetTreeId() int64

func (*UndeleteTreeRequest) ProtoMessage ¶ added in v1.0.2 

func (*UndeleteTreeRequest) ProtoMessage()

func (*UndeleteTreeRequest) Reset ¶ added in v1.0.2 

func (m *UndeleteTreeRequest) Reset()

func (*UndeleteTreeRequest) String ¶ added in v1.0.2 

func (m *UndeleteTreeRequest) String() string

type UpdateTreeRequest ¶ 

type UpdateTreeRequest struct {
	// Tree to be updated.
	Tree *Tree `protobuf:"bytes,1,opt,name=tree" json:"tree,omitempty"`
	// Fields modified by the update request.
	// For example: "tree_state", "display_name", "description".
	UpdateMask *google_protobuf4.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask" json:"update_mask,omitempty"`
}

UpdateTree request.

func (*UpdateTreeRequest) Descriptor ¶ 

func (*UpdateTreeRequest) Descriptor() ([]byte, []int)

func (*UpdateTreeRequest) GetTree ¶ 

func (m *UpdateTreeRequest) GetTree() *Tree

func (*UpdateTreeRequest) GetUpdateMask ¶ 

func (m *UpdateTreeRequest) GetUpdateMask() *google_protobuf4.FieldMask

func (*UpdateTreeRequest) ProtoMessage ¶ 

func (*UpdateTreeRequest) ProtoMessage()

func (*UpdateTreeRequest) Reset ¶ 

func (m *UpdateTreeRequest) Reset()

func (*UpdateTreeRequest) String ¶ 

func (m *UpdateTreeRequest) String() string

Source Files ¶

View all Source files

Directories ¶

Path Synopsis
Package client verifies responses from the Trillian log.
 Package client verifies responses from the Trillian log.
backoff
Package backoff allows retrying an operation with backoff.
 Package backoff allows retrying an operation with backoff.
cmd
createtree
Package main contains the implementation and entry point for the createtree command.
 Package main contains the implementation and entry point for the createtree command.
createtree/keys
createtree/testonly
Package crypto provides signing functionality for Trillian.
 Package crypto provides signing functionality for Trillian.
keys
Package keys provides access to public and private keys for signing and verification of signatures.
 Package keys provides access to public and private keys for signing and verification of signatures.
keys/der
keys/der/proto
Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
keys/pem
keys/pem/proto
Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
keys/pkcs11
Package pkcs11 provides access to private keys using a PKCS#11 interface.
 Package pkcs11 provides access to private keys using a PKCS#11 interface.
keys/pkcs11/proto
Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
keys/testonly
Package testonly contains code and data that should only be used by tests.
 Package testonly contains code and data that should only be used by tests.
keyspb
Package keyspb is a generated protocol buffer package.
 Package keyspb is a generated protocol buffer package.
sigpb
Package sigpb is a generated protocol buffer package.
 Package sigpb is a generated protocol buffer package.
docs
storage/commit_log
The commit_log binary runs a simulation of the design for a commit-log based signer, with a simulated Kafka-like interface and a simulated master election package (which can be triggered to incorrectly report multiple masters), and with the core algorithm in the signer code.
 The commit_log binary runs a simulation of the design for a commit-log based signer, with a simulated Kafka-like interface and a simulated master election package (which can be triggered to incorrectly report multiple masters), and with the core algorithm in the signer code.
storage/commit_log/signer
Package signer is a sample implementation of a commit-log based signer.
 Package signer is a sample implementation of a commit-log based signer.
storage/commit_log/simelection
Package simelection simulates a master election.
 Package simelection simulates a master election.
storage/commit_log/simkafka
Package simkafka is a toy simulation of a Kafka commit log.
 Package simkafka is a toy simulation of a Kafka commit log.
Package errors defines an error representation that associates an error message to an error code.
 Package errors defines an error representation that associates an error message to an error code.
examples
ct/ctmapper
Package ctmapper maps from a verifiable log to verifiable map.
 Package ctmapper maps from a verifiable log to verifiable map.
ct/ctmapper/ctmapperpb
Package ctmapperpb is a generated protocol buffer package.
 Package ctmapperpb is a generated protocol buffer package.
ct/ctmapper/lookup
The lookup binary looks up a specific ID in a map.
 The lookup binary looks up a specific ID in a map.
ct/ctmapper/mapper
The mapper binary performs log->map mapping.
 The mapper binary performs log->map mapping.
vmap/trillian_map_client
The trillian_map_client binary performs a trivial map operation.
 The trillian_map_client binary performs a trivial map operation.
Package extension provides an extension mechanism for Trillian code to access fork-specific functionality.
 Package extension provides an extension mechanism for Trillian code to access fork-specific functionality.
Package integration contains some integration tests which are intended to serve as a way of checking that various top-level binaries work as intended, as well as providing a simple example of how to run and use the various servers.
 Package integration contains some integration tests which are intended to serve as a way of checking that various top-level binaries work as intended, as well as providing a simple example of how to run and use the various servers.
admin
Package admin contains integration tests for the Admin server.
 Package admin contains integration tests for the Admin server.
maptest
quota
Package quota contains quota-related integration tests.
 Package quota contains quota-related integration tests.
Package log includes code that is specific to Trillian's log mode, particularly code for running sequencing operations.
 Package log includes code that is specific to Trillian's log mode, particularly code for running sequencing operations.
Package merkle provides Merkle tree manipulation functions.
 Package merkle provides Merkle tree manipulation functions.
coniks
Package coniks provides hashing for maps.
 Package coniks provides hashing for maps.
hashers
maphasher
Package maphasher provides hashing for maps.
 Package maphasher provides hashing for maps.
objhasher
Package objhasher provides generic object hashing functionality.
 Package objhasher provides generic object hashing functionality.
rfc6962
Package rfc6962 provides hashing functionality according to RFC6962.
 Package rfc6962 provides hashing functionality according to RFC6962.
Package monitoring provides monitoring functionality.
 Package monitoring provides monitoring functionality.
prometheus
Package prometheus provides a Prometheus-based implementation of the MetricFactory abstraction.
 Package prometheus provides a Prometheus-based implementation of the MetricFactory abstraction.
prometheus/etcdiscover
The etcdiscover binary monitors etcd to track the set of instances that support a gRPC service, and updates a file so that Prometheus can track those instances.
 The etcdiscover binary monitors etcd to track the set of instances that support a gRPC service, and updates a file so that Prometheus can track those instances.
testonly
Package quota defines Trillian's Quota Management service.
 Package quota defines Trillian's Quota Management service.
cacheqm
Package cacheqm contains a caching quota.Manager implementation.
 Package cacheqm contains a caching quota.Manager implementation.
etcd/etcdqm
Package etcdqm contains an etcd-based quota.Manager implementation.
 Package etcdqm contains an etcd-based quota.Manager implementation.
etcd/quotaapi
Package quotaapi provides a Quota admin server implementation.
 Package quotaapi provides a Quota admin server implementation.
etcd/quotapb
Package quotapb contains definitions for quota API protos and RPC service.
 Package quotapb contains definitions for quota API protos and RPC service.
etcd/storage
Package storage contains storage classes for etcd-based quotas.
 Package storage contains storage classes for etcd-based quotas.
etcd/storagepb
Package storagepb is a generated protocol buffer package.
 Package storagepb is a generated protocol buffer package.
mysqlqm
Package mysqlqm defines a MySQL-based quota.Manager implementation.
 Package mysqlqm defines a MySQL-based quota.Manager implementation.
Package server holds code for core Trillian servers.
 Package server holds code for core Trillian servers.
admin
Package admin contains the TrillianAdminServer implementation.
 Package admin contains the TrillianAdminServer implementation.
errors
Package errors contains utilities to translate TrillianErrors to gRPC errors.
 Package errors contains utilities to translate TrillianErrors to gRPC errors.
interceptor
Package interceptor defines gRPC interceptors for Trillian.
 Package interceptor defines gRPC interceptors for Trillian.
trillian_log_server
The trillian_log_server binary runs the Trillian log server, and also provides an admin server.
 The trillian_log_server binary runs the Trillian log server, and also provides an admin server.
trillian_log_signer
The trillian_log_signer binary runs the log signing code.
 The trillian_log_signer binary runs the log signing code.
trillian_map_server
Package storage provides general interfaces to Trillian storage layers.
 Package storage provides general interfaces to Trillian storage layers.
cache
Package cache provides subtree caching functionality.
 Package cache provides subtree caching functionality.
memory
Package memory provides a simple in-process implementation of the tree- and log-storage interfaces.
 Package memory provides a simple in-process implementation of the tree- and log-storage interfaces.
mysql
Package mysql provides a MySQL-based storage layer implementation.
 Package mysql provides a MySQL-based storage layer implementation.
storagepb
Package storagepb is a generated protocol buffer package.
 Package storagepb is a generated protocol buffer package.
testdb
Package testdb creates new databases for tests.
 Package testdb creates new databases for tests.
testonly
Package testonly holds test-specific code for Trillian storage layers.
 Package testonly holds test-specific code for Trillian storage layers.
tools/dump_tree
The dump_tree program uses the in memory storage implementation to create a sequenced log tree of a particular size using known leaf data and then dumps out the resulting SubTree protos for examination and debugging.
 The dump_tree program uses the in memory storage implementation to create a sequenced log tree of a particular size using known leaf data and then dumps out the resulting SubTree protos for examination and debugging.
tools/dump_tree/dumplib
tools/fetch_leaves
The fetch_leaves program retrieves leaves from a tree.
 The fetch_leaves program retrieves leaves from a tree.
tools/hasher
The hasher program provides a simple CLI for producing Merkle tree hashes.
 The hasher program provides a simple CLI for producing Merkle tree hashes.
tools/log_client
The log_client binary retrieves leaves from a log.
 The log_client binary retrieves leaves from a log.
tools/queue_leaves
The queue_leaves binary queues a number of leaves for a log from a given start point with predictable hashes.
 The queue_leaves binary queues a number of leaves for a log from a given start point with predictable hashes.
Package testonly contains code and data that should only be used by tests.
 Package testonly contains code and data that should only be used by tests.
hammer
hammer/maphammer
maphammer is a stress/load test for a Trillian Map.
 maphammer is a stress/load test for a Trillian Map.
integration
Package integration provides test-only code for performing integrated tests of Trillian functionality.
 Package integration provides test-only code for performing integrated tests of Trillian functionality.
integration/etcd
matchers
Package matchers contains additional gomock matchers.
 Package matchers contains additional gomock matchers.
Package trees contains utility method for retrieving trees and acquiring objects (hashers, signers) associated with them.
 Package trees contains utility method for retrieving trees and acquiring objects (hashers, signers) associated with them.
Package util holds various utility functions used throughout the Trillian codebase.
 Package util holds various utility functions used throughout the Trillian codebase.
etcd
Package etcd holds an etcd-specific implementation of the util.MasterElection interface.
 Package etcd holds an etcd-specific implementation of the util.MasterElection interface.
flagsaver
Package flagsaver provides a simple way to save and restore flag values.
 Package flagsaver provides a simple way to save and restore flag values.
proxy
Package proxy forwards Trillian Log Server requests to another server.
 Package proxy forwards Trillian Log Server requests to another server.
vmap
rpctoy
toy

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.