github.com/google/trillian-examples@v0.0.0-20240520080811-0d40d35cef0e/binary_transparency/firmware/cmd/ft_personality/internal/trees/trees.go (about) 1 // Copyright 2020 Google LLC. All Rights Reserved. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // Package trees contains the personality tree configuration. 16 package trees 17 18 import ( 19 "context" 20 "database/sql" 21 "fmt" 22 "time" 23 24 "github.com/google/trillian" 25 "github.com/google/trillian/client" 26 "google.golang.org/grpc" 27 "google.golang.org/protobuf/proto" 28 "google.golang.org/protobuf/types/known/durationpb" 29 ) 30 31 // TreeStorage allows access to the configuration. 32 type TreeStorage struct { 33 db *sql.DB 34 } 35 36 // NewTreeStorage sets up a TreeStorage using the given DB. 37 func NewTreeStorage(db *sql.DB) *TreeStorage { 38 return &TreeStorage{ 39 db: db, 40 } 41 } 42 43 // EnsureTree gets the tree for this personality, creating it if necessary. 44 // Takes a connection to Trillian to use for initialization. 45 // This is only safe in a single-replica deployment. In a real production setup 46 // this provisioning would likely be done by a human ahead of time, or if this 47 // style of automatic deployment was required then some kind of locking would 48 // be required to ensure that only one log was created and used by all frontends. 49 func (s *TreeStorage) EnsureTree(ctx context.Context, conn grpc.ClientConnInterface) (*trillian.Tree, error) { 50 if err := s.init(); err != nil { 51 return nil, err 52 } 53 res, err := s.getTree() 54 if err == nil { 55 return res, nil 56 } 57 if err == sql.ErrNoRows { 58 tree, err := s.createTree(ctx, conn) 59 if err != nil { 60 return nil, err 61 } 62 return tree, s.setTree(tree) 63 } 64 return nil, err 65 } 66 67 func (s *TreeStorage) createTree(ctx context.Context, conn grpc.ClientConnInterface) (*trillian.Tree, error) { 68 // N.B. Using the admin interface from the personality is not good practice for 69 // a production system. This simply allows a convenient way of getting the tree 70 // for the sake of getting the FT demo up and running. 71 72 ctr := &trillian.CreateTreeRequest{ 73 Tree: &trillian.Tree{ 74 TreeState: trillian.TreeState_ACTIVE, 75 TreeType: trillian.TreeType_LOG, 76 DisplayName: "ft", 77 Description: "binary transparency log", 78 MaxRootDuration: durationpb.New(time.Hour), 79 }, 80 } 81 82 adminClient := trillian.NewTrillianAdminClient(conn) 83 logClient := trillian.NewTrillianLogClient(conn) 84 85 return client.CreateAndInitTree(ctx, ctr, adminClient, logClient) 86 } 87 88 func (s *TreeStorage) getTree() (*trillian.Tree, error) { 89 var raw []byte 90 if err := s.db.QueryRow("SELECT config FROM trees WHERE key = 'ft'").Scan(&raw); err != nil { 91 return nil, err 92 } 93 94 var res *trillian.Tree 95 if err := proto.Unmarshal(raw, res); err != nil { 96 return nil, err 97 } 98 return res, nil 99 } 100 101 func (s *TreeStorage) setTree(tree *trillian.Tree) error { 102 bs, err := proto.Marshal(tree) 103 if err != nil { 104 return err 105 } 106 _, err = s.db.Exec("INSERT INTO trees (key, config) VALUES (?, ?)", "ft", bs) 107 if err != nil { 108 return fmt.Errorf("failed to set tree: %w", err) 109 } 110 return nil 111 } 112 113 func (s *TreeStorage) init() error { 114 _, err := s.db.Exec("CREATE TABLE IF NOT EXISTS trees (key BLOB PRIMARY KEY, config BLOB)") 115 return err 116 }