...

Source file src/github.com/google/certificate-transparency-go/trillian/migrillian/core/config.go

Documentation: github.com/google/certificate-transparency-go/trillian/migrillian/core 

     1  // Copyright 2018 Google LLC. All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package core
    16  
    17  import (
    18  	"errors"
    19  	"fmt"
    20  	"os"
    21  
    22  	"github.com/google/certificate-transparency-go/trillian/migrillian/configpb"
    23  	"google.golang.org/protobuf/encoding/prototext"
    24  	"google.golang.org/protobuf/proto"
    25  )
    26  
    27  // LoadConfigFromFile reads MigrillianConfig from the given filename, which
    28  // should contain text-protobuf encoded configuration data.
    29  func LoadConfigFromFile(filename string) (*configpb.MigrillianConfig, error) {
    30  	cfgBytes, err := os.ReadFile(filename)
    31  	if err != nil {
    32  		return nil, err
    33  	}
    34  	var cfg configpb.MigrillianConfig
    35  	if txtErr := prototext.Unmarshal(cfgBytes, &cfg); txtErr != nil {
    36  		if binErr := proto.Unmarshal(cfgBytes, &cfg); binErr != nil {
    37  			return nil, fmt.Errorf("failed to parse MigrillianConfig from %q as text protobuf (%v) or binary protobuf (%v)", filename, txtErr, binErr)
    38  		}
    39  	}
    40  
    41  	return &cfg, nil
    42  }
    43  
    44  // ValidateMigrationConfig verifies that the migration config is sane.
    45  func ValidateMigrationConfig(cfg *configpb.MigrationConfig) error {
    46  	// TODO(pavelkalinnikov): Also try to parse the public key.
    47  	switch {
    48  	case len(cfg.SourceUri) == 0:
    49  		return errors.New("missing CT log URI")
    50  	case cfg.PublicKey == nil:
    51  		return errors.New("missing public key")
    52  	case cfg.LogId <= 0:
    53  		return errors.New("log ID must be positive")
    54  	case cfg.BatchSize <= 0:
    55  		return errors.New("batch size must be positive")
    56  	}
    57  	switch idFunc := cfg.IdentityFunction; idFunc {
    58  	case configpb.IdentityFunction_SHA256_CERT_DATA:
    59  	case configpb.IdentityFunction_SHA256_LEAF_INDEX:
    60  	default:
    61  		return fmt.Errorf("unknown identity function: %v", idFunc)
    62  	}
    63  	return nil
    64  }
    65  
    66  // ValidateConfig verifies that MigrillianConfig is correct. In particular:
    67  // - Migration configs are valid (as per ValidateMigrationConfig).
    68  // - Each migration config has a unique log ID.
    69  func ValidateConfig(cfg *configpb.MigrillianConfig) error {
    70  	// Validate each MigrationConfig, and ensure that log IDs are unique.
    71  	logIDs := make(map[int64]bool)
    72  	for _, mc := range cfg.MigrationConfigs.Config {
    73  		if err := ValidateMigrationConfig(mc); err != nil {
    74  			return fmt.Errorf("MigrationConfig: %v: %v", err, mc)
    75  		}
    76  		if ok := logIDs[mc.LogId]; ok {
    77  			return fmt.Errorf("duplicate tree ID %d: %v", mc.LogId, mc)
    78  		}
    79  		logIDs[mc.LogId] = true
    80  	}
    81  	return nil
    82  }
    83  

View as plain text