1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
package main
import (
"log"
"time"
"git.sr.ht/~benburwell/gosumdbaudit/monitor"
// "git.sr.ht/~benburwell/gosumdbaudit/sumdb"
)
func main() {
mon := monitor.NewMonitor(&monitor.Database{
URL: "sum.golang.org",
Key: "sum.golang.org+033de0ae+Ac4zctda0e5eza+HJyk9SxEdh+s3Ux18htTTAD8OuAn8",
})
if err := mon.Watch(10 * time.Second); err != nil {
log.Printf("AUDIT FAILED: %v", err)
}
}
// func monitor(db *database) error {
// log.Printf("starting monitor for %s", db.host)
// client := sumdb.NewClient(db)
// tree, err := client.FetchLatest()
// if err != nil {
// return err
// }
// log.Printf("got latest: N=%d, Hash=%s", tree.N, tree.Hash)
// if err := client.FetchTreeProof(tree); err != nil {
// return err
// }
// // fetch all entries in the tree according to the STH
// // entries := client.Entries(nil, latest)
// // confirm the tree made from the entries produces the same hash as the STH
// // IF NOT: the server has signed invalid data
// // prev := latest
// for {
// // await a new STH
// // prev = latest
// time.Sleep(db.pollInterval)
// log.Printf("checking %s for new STH...", db.host)
// // awaitNewSTH()
// // latest, err := client.Latest()
// // if err != nil {
// // return err
// // }
// // fetch all NEW entries between prev and latest
// // if unavailable for an extended period, this should be viewed as misbehavior
// // entries := client.Entries(prev, latest)
// // fetch a consistency proof for the new STH with the previous STH
// // verify consistency proof
// // verify the new entries generate the corresponding elements in the consistency proof
// }
// }
|