Skip to content

Commit

Permalink
fix: use entry uuid uniformly
Browse files Browse the repository at this point in the history
Signed-off-by: Asra Ali <asraa@google.com>

update

Signed-off-by: Asra Ali <asraa@google.com>
  • Loading branch information
asraa committed Aug 29, 2022
1 parent 568e31a commit 6f5383a
Show file tree
Hide file tree
Showing 4 changed files with 37 additions and 21 deletions.
23 changes: 20 additions & 3 deletions cmd/rekor-cli/app/get.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ func (g *getCmdOutput) String() string {
s += fmt.Sprintf("Index: %d\n", g.LogIndex)
dt := time.Unix(g.IntegratedTime, 0).UTC().Format(time.RFC3339)
s += fmt.Sprintf("IntegratedTime: %s\n", dt)
s += fmt.Sprintf("UUID: %s\n", g.UUID)
s += fmt.Sprintf("Entry UUID: %s\n", g.UUID)
var b bytes.Buffer
e := json.NewEncoder(&b)
e.SetIndent("", " ")
Expand Down Expand Up @@ -127,13 +127,30 @@ var getCmd = &cobra.Command{
return nil, err
}

u, err := sharding.GetUUIDFromIDString(params.EntryUUID)
paramsUUID, err := sharding.GetUUIDFromIDString(params.EntryUUID)
if err != nil {
return nil, err
}
paramsTreeID, err := sharding.GetTreeIDFromIDString(params.EntryUUID)
if !errors.Is(err, sharding.ErrPlainUUID) {
return nil, err
}

for k, entry := range resp.Payload {
if k != u {
outputUUID, err := sharding.GetUUIDFromIDString(k)
if err != nil {
return nil, err
}
outTreeID, err := sharding.GetTreeIDFromIDString(k)
if !errors.Is(err, sharding.ErrPlainUUID) {
return nil, err
}

// Compare against expected UUID and Tree ID (if present).
if outputUUID != paramsUUID {
continue
}
if paramsTreeID != "" && outTreeID != "" && paramsTreeID != outTreeID {
continue
}

Expand Down
7 changes: 5 additions & 2 deletions cmd/rekor-cli/app/verify.go
Original file line number Diff line number Diff line change
Expand Up @@ -164,8 +164,11 @@ var verifyCmd = &cobra.Command{
}
}

// Note: the returned entry UUID is the UUID (not include the Tree ID)
leafHash, _ := hex.DecodeString(o.EntryUUID)
outputUUID, err := sharding.GetUUIDFromIDString(o.EntryUUID)
if err != nil {
return nil, err
}
leafHash, _ := hex.DecodeString(outputUUID)
if !bytes.Equal(rfc6962.DefaultHasher.HashLeaf(entryBytes), leafHash) {
return nil, fmt.Errorf("computed leaf hash did not match entry UUID")
}
Expand Down
16 changes: 9 additions & 7 deletions pkg/api/entries.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,13 @@ func logEntryFromLeaf(ctx context.Context, signer signature.Signer, tc TrillianC
}

uuid := hex.EncodeToString(leaf.MerkleLeafHash)
activeTree := fmt.Sprintf("%x", tc.logID)
entryIDstruct, err := sharding.CreateEntryIDFromParts(activeTree, uuid)
if err != nil {
return nil, fmt.Errorf("error creating EntryID from active treeID %v and uuid %v: %w", activeTree, uuid, err)
}
entryID := entryIDstruct.ReturnEntryIDString()

if viper.GetBool("enable_attestation_storage") {
pe, err := models.UnmarshalProposedEntry(bytes.NewReader(leaf.LeafValue), runtime.JSONConsumer())
if err != nil {
Expand All @@ -119,11 +126,6 @@ func logEntryFromLeaf(ctx context.Context, signer signature.Signer, tc TrillianC
}
// if looking up by key failed or we weren't able to generate a key, try looking up by uuid
if attKey == "" || fetchErr != nil {
activeTree := fmt.Sprintf("%x", tc.logID)
entryIDstruct, err := sharding.CreateEntryIDFromParts(activeTree, uuid)
if err != nil {
return nil, fmt.Errorf("error creating EntryID from active treeID %v and uuid %v: %w", activeTree, uuid, err)
}
att, fetchErr = storageClient.FetchAttestation(ctx, entryIDstruct.UUID)
if fetchErr != nil {
log.ContextLogger(ctx).Errorf("error fetching attestation by uuid: %s %v", entryIDstruct.UUID, fetchErr)
Expand All @@ -143,7 +145,7 @@ func logEntryFromLeaf(ctx context.Context, signer signature.Signer, tc TrillianC
}

return models.LogEntry{
uuid: logEntryAnon}, nil
entryID: logEntryAnon}, nil
}

// GetLogEntryAndProofByIndexHandler returns the entry and inclusion proof for a specified log index
Expand Down Expand Up @@ -262,7 +264,7 @@ func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middl
}

logEntry := models.LogEntry{
uuid: logEntryAnon,
entryID: logEntryAnon,
}
return logEntry, nil
}
Expand Down
12 changes: 3 additions & 9 deletions tests/sharding-e2e-test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -243,20 +243,14 @@ fi
echo
echo "Testing /api/v1/log/entries/retrieve endpoint..."

UUID1=$($REKOR_CLI get --log-index 1 --rekor_server http://localhost:3000 --format json | jq -r .UUID)
UUID2=$($REKOR_CLI get --log-index 3 --rekor_server http://localhost:3000 --format json | jq -r .UUID)
ENTRY_ID_1=$($REKOR_CLI get --log-index 1 --rekor_server http://localhost:3000 --format json | jq -r .UUID)
ENTRY_ID_2=$($REKOR_CLI get --log-index 3 --rekor_server http://localhost:3000 --format json | jq -r .UUID)


# Make sure retrieve by UUID in the inactive shard works
NUM_ELEMENTS=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"entryUUIDs\": [\"$UUID1\"]}" | jq '. | length')
NUM_ELEMENTS=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"entryUUIDs\": [\"$ENTRY_ID_1\"]}" | jq '. | length')
stringsMatch $NUM_ELEMENTS "1"

HEX_INITIAL_TREE_ID=$(printf "%x" $INITIAL_TREE_ID | awk '{ for(c = 0; c < 16 ; c++) s = s"0"; s = s$1; print substr(s, 1 + length(s) - 16);}')
HEX_INITIAL_SHARD_ID=$(printf "%x" $SHARD_TREE_ID | awk '{ for(c = 0; c < 16 ; c++) s = s"0"; s = s$1; print substr(s, 1 + length(s) - 16);}')

ENTRY_ID_1=$(echo -n "$HEX_INITIAL_TREE_ID$UUID1" | xargs echo -n)
ENTRY_ID_2=$(echo -n "$HEX_INITIAL_SHARD_ID$UUID2" | xargs echo -n)

# -f makes sure we exit on failure
NUM_ELEMENTS=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"entryUUIDs\": [\"$ENTRY_ID_1\", \"$ENTRY_ID_2\"]}" | jq '. | length')
stringsMatch $NUM_ELEMENTS "2"
Expand Down

0 comments on commit 6f5383a

Please sign in to comment.