github.com/google/trillian-examples@v0.0.0-20240520080811-0d40d35cef0e/binary_transparency/firmware/cmd/ft_monitor/ft_monitor.go

github.com/google/trillian-examples@v0.0.0-20240520080811-0d40d35cef0e/binary_transparency/firmware/cmd/ft_monitor/ft_monitor.go (about)

     1  // Copyright 2020 Google LLC. All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // This package is the entrypoint for the Firmware Transparency monitor.
    16  // The monitor follows the growth of the Firmware Transparency log server,
    17  // inspects new firmware metadata as it appears, and prints out a short
    18  // summary.
    19  //
    20  // TODO(al): Extend monitor to verify claims.
    21  //
    22  // Start the monitor using:
    23  // go run ./cmd/ft_monitor/main.go --logtostderr -v=2 --ftlog=http://localhost:8000/  --state_file=/tmp/ftmon.state
    24  package main
    25  
    26  import (
    27  	"context"
    28  	"flag"
    29  	"time"
    30  
    31  	"github.com/golang/glog"
    32  	"github.com/google/trillian-examples/binary_transparency/firmware/api"
    33  	"github.com/google/trillian-examples/binary_transparency/firmware/cmd/ft_monitor/impl"
    34  	"github.com/google/trillian-examples/binary_transparency/firmware/internal/crypto"
    35  	"golang.org/x/mod/sumdb/note"
    36  )
    37  
    38  var (
    39  	ftLog        = flag.String("ftlog", "http://localhost:8000", "Base URL of FT Log server")
    40  	pollInterval = flag.Duration("poll_interval", 5*time.Second, "Duration to wait between polling for new entries")
    41  	keyWord      = flag.String("keyword", "trojan", "Example keyword for malware")
    42  	annotate     = flag.Bool("annotate", false, "If true then this will add annotations to the log in addition to local logging")
    43  	stateFile    = flag.String("state_file", "", "Filepath to persist monitor state to")
    44  )
    45  
    46  func main() {
    47  	flag.Parse()
    48  
    49  	testLogSigV, _ := note.NewVerifier(crypto.TestFTPersonalityPub)
    50  
    51  	if err := impl.Main(context.Background(), impl.MonitorOpts{
    52  		LogURL:       *ftLog,
    53  		PollInterval: *pollInterval,
    54  		Keyword:      *keyWord,
    55  		Matched: func(idx uint64, fw api.FirmwareMetadata) {
    56  			glog.Warningf("Malware detected at log index %d, in firmware: %v", idx, fw)
    57  		},
    58  		Annotate:       *annotate,
    59  		StateFile:      *stateFile,
    60  		LogSigVerifier: testLogSigV,
    61  	}); err != nil {
    62  		glog.Exitf(err.Error())
    63  	}
    64  }