File: gossip_server.go

package main

import (
	"errors"
	"flag"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"strings"
	"time"

	ct "github.com/google/certificate-transparency/go"
	"github.com/google/certificate-transparency/go/gossip"
)

// Command-line flags of the gossip server.
var (
	// dbPath is the database file that main opens through gossip.Storage.
	// NOTE(review): the default sits under /tmp, which is normally writable by
	// every local account; deployments should pass --database a path inside a
	// directory that only the server's own account can write.
	dbPath = flag.String("database", "/tmp/gossip.sq3", "Path to database.")

	// listenAddress becomes http.Server.Addr. The default has no host part,
	// so the server accepts connections on every interface.
	listenAddress = flag.String("listen", ":8080", "Listen address:port for HTTP server.")

	// logKeys lists the PEM files holding the trusted logs' public keys;
	// createVerifiers refuses to continue when it is empty.
	logKeys = flag.String("log_public_keys", "", "Comma separated list of files containing trusted Logs' public keys in PEM format")
)

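// createVerifiers loads the trusted logs' public keys named by the
// --log_public_keys flag and returns one signature verifier per key, indexed
// by the log ID that ct.PublicKeyFromPEM reports for that key.
//
// The flag value is a comma-separated list of PEM files, and one file may
// hold several keys back to back. The returned map is the complete key set
// that main hands to the gossip handler, so loading fails closed: an
// unreadable file, a file with no content, a key that cannot be parsed, or a
// list that names no files at all is returned as an error rather than as a
// partial or empty map.
func createVerifiers() (*gossip.SignatureVerifierMap, error) {
	if len(*logKeys) == 0 {
		return nil, errors.New("--log_public_keys is empty")
	}
	m := make(gossip.SignatureVerifierMap)
	for _, k := range strings.Split(*logKeys, ",") {
		// Accept "a.pem, b.pem" and a trailing comma instead of trying to
		// open a file named " b.pem" or "".
		k = strings.TrimSpace(k)
		if k == "" {
			continue
		}
		data, err := ioutil.ReadFile(k)
		if err != nil {
			return nil, fmt.Errorf("failed to read specified PEM file %s: %v", k, err)
		}
		// The parse loop below never runs for a zero-length file, so without
		// this check an empty key file would be accepted and contribute no
		// keys, which is almost certainly a deployment mistake.
		if len(data) == 0 {
			return nil, fmt.Errorf("PEM file %s contains no public keys", k)
		}
		// Consume the file one PEM block at a time until nothing is left.
		for len(data) > 0 {
			key, id, rest, err := ct.PublicKeyFromPEM(data)
			data = rest
			if err != nil {
				return nil, fmt.Errorf("failed to read public key from PEM in file %s: %v", k, err)
			}
			sv, err := ct.NewSignatureVerifier(key)
			if err != nil {
				return nil, fmt.Errorf("Failed to create new SignatureVerifier: %v", err)
			}
			// A key whose log ID was already seen replaces the earlier entry.
			m[id] = *sv
			log.Printf("Loaded key for LogID %v", id)
		}
	}
	// Only reachable with an empty map when every list entry was blank
	// (for example --log_public_keys=","); do not start with no trusted keys.
	if len(m) == 0 {
		return nil, errors.New("--log_public_keys names no key files")
	}
	return &m, nil
}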

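// main parses the flags, loads the trusted log keys, opens the gossip
// database and serves the two CT gossip endpoints until the HTTP server
// stops with an error.
func main() {
	// Bounds on how long one connection may take to deliver a request and to
	// receive the response. Without them http.Server waits indefinitely, so a
	// client that sends or reads very slowly can pin a connection forever.
	const (
		readTimeout  = 30 * time.Second
		writeTimeout = 60 * time.Second
	)

	flag.Parse()
	verifierMap, err := createVerifiers()
	if err != nil {
		log.Fatalf("Failed to load log public keys: %v", err)
	}
	log.Print("Starting gossip server.")

	storage := gossip.Storage{}
	if err := storage.Open(*dbPath); err != nil {
		log.Fatalf("Failed to open storage: %v", err)
	}
	defer storage.Close()

	handler := gossip.NewHandler(&storage, *verifierMap)
	serveMux := http.NewServeMux()
	serveMux.HandleFunc("/.well-known/ct/v1/sct-feedback", handler.HandleSCTFeedback)
	serveMux.HandleFunc("/.well-known/ct/v1/sth-pollination", handler.HandleSTHPollination)

	// NOTE(review): ListenAndServe speaks plain HTTP. Presumably TLS is
	// terminated by a front end in deployment; confirm before exposing the
	// listen address directly.
	server := &http.Server{
		Addr:         *listenAddress,
		Handler:      serveMux,
		ReadTimeout:  readTimeout,
		WriteTimeout: writeTimeout,
	}
	// Printf, not Fatalf: returning from main lets the deferred storage.Close
	// run. The process then exits with status 0 even though serving failed.
	if err := server.ListenAndServe(); err != nil {
		log.Printf("Error serving: %v", err)
	}
}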