
Use IsValidEntry in Keyserver

gdbelvin committed Feb 22, 2019
1 parent e3d0311 commit a037b3d1236d1b184f378e1a62e334bead33dd31
@@ -121,7 +121,7 @@ func main() {
tmap := trillian.NewTrillianMapClient(mconn)

// Create gRPC server.
ksvr := keyserver.New(tlog, tmap, entry.MutateFn, directories, logs, logs,
ksvr := keyserver.New(tlog, tmap, entry.IsValidEntry, directories, logs, logs,
prometheus.MetricFactory{})
grpcServer := grpc.NewServer(
grpc.Creds(creds),
@@ -81,33 +81,33 @@ type indexFunc func(ctx context.Context, d *directory.Directory, userID string)

// Server holds internal state for the key server.
type Server struct {
tlog tpb.TrillianLogClient
tmap tpb.TrillianMapClient
mutate mutator.ReduceMutationFn
directories directory.Storage
logs MutationLogs
batches BatchReader
indexFunc indexFunc
tlog tpb.TrillianLogClient
tmap tpb.TrillianMapClient
verifyMutation mutator.VerifyMutationFn
directories directory.Storage
logs MutationLogs
batches BatchReader
indexFunc indexFunc
}

// New creates a new instance of the key server.
func New(tlog tpb.TrillianLogClient,
tmap tpb.TrillianMapClient,
mutate mutator.ReduceMutationFn,
verifyMutation mutator.VerifyMutationFn,
directories directory.Storage,
logs MutationLogs,
batches BatchReader,
metricsFactory monitoring.MetricFactory,
) *Server {
initMetrics.Do(func() { createMetrics(metricsFactory) })
return &Server{
tlog: tlog,
tmap: tmap,
mutate: mutate,
directories: directories,
logs: logs,
batches: batches,
indexFunc: indexFromVRF,
tlog: tlog,
tmap: tmap,
verifyMutation: verifyMutation,
directories: directories,
logs: logs,
batches: batches,
indexFunc: indexFromVRF,
}
}

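Review bot: The new `verifyMutation` field and parameter carry no comment, although `BatchQueueUserUpdate` calls `s.verifyMutation` on every client-supplied update and it is the only validation visible in that hunk before the request is accepted. `New` stores whatever it is given, so a nil function would surface as a panic on the first request rather than at start-up. I would document the contract on the struct field, `// verifyMutation checks a client-supplied mutation before it is queued; must be non-nil.`, and repeat the non-nil requirement in the doc comment of `New`.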
@@ -563,8 +563,7 @@ func (s *Server) BatchQueueUserUpdate(ctx context.Context, in *pb.BatchQueueUser
// - Correct profile commitment.
// - Correct key formats.
for _, u := range in.Updates {
_, err := s.mutate(u.Mutation, u.Mutation, false)
if err != nil {
if err := s.verifyMutation(u.Mutation); err != nil {
glog.Warningf("Invalid UpdateEntryRequest: %v", err)
return nil, status.Errorf(codes.InvalidArgument, "Invalid mutation")
}
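Review bot: The comment block above the loop in BatchQueueUserUpdate does not say that `s.verifyMutation(u.Mutation)` now receives only the submitted mutation, whereas the old call passed it as both the old and the new value. It would help to state that this is a stateless pre-queue check and that validation against the user's current entry is left to the `mutatorFn(oldValue, msg.Mutation)` call in ReduceFn, for example `// Stateless check only; the mutation is verified against the current entry when the batch is applied.` I am inferring that division of work from the call sites, since IsValidEntry itself is not shown. The function begins and ends outside the hunk.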
@@ -109,7 +109,7 @@ func (m *Monitor) verifyMutations(muts []*pb.MutationProof, oldRoot *trillian.Si
}

// compute the new leaf
newValue, err := entry.MutateFn(oldLeaf, mut.GetMutation(), true)
newValue, err := entry.MutateFn(oldLeaf, mut.GetMutation())
if err != nil {
glog.Infof("Mutation did not verify: %v", err)
errs.AppendStatus(status.Newf(codes.DataLoss, "invalid mutation: %v", err).WithDetails(mut.GetMutation()))
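Review bot: Nothing at this call site says what the dropped `true` argument to `entry.MutateFn` used to select, and the monitor depends on this call to detect a bad mutation. In the visible hunks the monitor, SerializeAndSign and ReduceFn all passed `true` and only the keyserver passed `false`, so presumably MutateFn now always performs the stricter check; that is an inference, since MutateFn's body is not shown. A line such as `// MutateFn always verifies mut against oldLeaf; there is no unchecked mode.` here, or the equivalent in MutateFn's doc comment, would let an auditor confirm it without reading history. The same applies to the calls in SerializeAndSign and ReduceFn. verifyMutations starts and ends outside the hunk.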
@@ -111,7 +111,7 @@ func (m *Mutation) SerializeAndSign(signers []tink.Signer) (*pb.EntryUpdate, err
}

// Sanity check the mutation's correctness.
if _, err := MutateFn(m.prevSignedEntry, mutation, true); err != nil {
if _, err := MutateFn(m.prevSignedEntry, mutation); err != nil {
return nil, fmt.Errorf("presign mutation check: %v", err)
}

@@ -114,7 +114,7 @@ func TestCreateAndVerify(t *testing.T) {
if err != nil {
t.Fatalf("FromLeafValue(%v): %v", tc.old, err)
}
newSignedEntry, err := MutateFn(oldSignedEntry, update.GetMutation(), true)
newSignedEntry, err := MutateFn(oldSignedEntry, update.GetMutation())
if err != nil {
t.Fatalf("Mutate(%v): %v", update.GetMutation(), err)
}
@@ -177,7 +177,7 @@ func TestCheckMutation(t *testing.T) {
continue
}

if _, got := MutateFn(tc.old, m, true); got != tc.err {
if _, got := MutateFn(tc.old, m); got != tc.err {
t.Errorf("%v Mutate(): %v, want %v", tc.desc, got, tc.err)
}
}
@@ -69,7 +69,7 @@ func ReduceFn(mutatorFn mutator.ReduceMutationFn,
// TODO(gbelvin): Choose the mutation deterministically, regardless of the messages order.
// (optional): Select the mutation based on it's correctness.
msg := msgs[0]
newValue, err := mutatorFn(oldValue, msg.Mutation, true)
newValue, err := mutatorFn(oldValue, msg.Mutation)
if err != nil {
glog.Warningf("Mutate(): %v", err)
return nil // A bad mutation should not make the whole batch to fail.
@@ -181,7 +181,7 @@ func NewEnv(ctx context.Context) (*Env, error) {

pb.RegisterKeyTransparencyServer(gsvr, keyserver.New(
logEnv.Log, mapEnv.Map,
entry.MutateFn, directoryStorage,
entry.IsValidEntry, directoryStorage,
mutations, mutations,
monitoring.InertMetricFactory{},
))
