WIP: fix mutator bug

Author: liamsi

core/monitor/verify.go

@@ -32,6 +32,7 @@ import (
 
 	"github.com/google/keytransparency/core/mutator/entry"
 	ktpb "github.com/google/keytransparency/core/proto/keytransparency_v1_types"
+	"fmt"
 )
 
 var (
@@ -108,13 +109,15 @@ func (m *Monitor) VerifyMutationsResponse(in *ktpb.GetMutationsResponse) []error
 	// previous epoch. Storage always stores the mutations response independent
 	// from if the checks succeeded or not.
 	var oldRoot []byte
-	if m.store.LatestEpoch() > 1 {
+	if m.store.LatestEpoch() > 0 {
+		fmt.Println("Called")
 		// retrieve the old root hash from storage!
 		monRes, err := m.store.Get(in.Epoch - 1)
 		if err != nil {
 			glog.Infof("Could not retrieve previous monitoring result: %v", err)
 		}
 		oldRoot = monRes.Response.GetSmr().GetRootHash()
+
 		if err := m.verifyMutations(in.GetMutations(), oldRoot,
 			in.GetSmr().GetRootHash(), in.GetSmr().GetMapId()); len(err) > 0 {
 			errList = append(errList, err...)
@@ -129,7 +132,7 @@ func (m *Monitor) verifyMutations(muts []*ktpb.Mutation, oldRoot, expectedNewRoo
 	mutator := entry.New()
 	oldProofNodes := make(map[string][]byte)
 	newLeaves := make([]merkle.HStar2LeafHash, 0, len(muts))
-
+	glog.Infof("verifyMutations() called with %v mutations.", len(muts))
 	for _, mut := range muts {
 		oldLeaf, err := entry.FromLeafValue(mut.GetProof().GetLeaf().GetLeafValue())
 		if err != nil {
@@ -146,8 +149,12 @@ func (m *Monitor) verifyMutations(muts []*ktpb.Mutation, oldRoot, expectedNewRoo
 		}
 
 		// compute the new leaf
+		fmt.Println("old leaf: ")
+		fmt.Println(mut.GetProof().GetLeaf().GetLeafValue())
+		fmt.Println(oldLeaf)
 		newLeaf, err := mutator.Mutate(oldLeaf, mut.GetUpdate())
 		if err != nil {
+			glog.Infof("Mutation did not verify: %v", err)
 			errList = append(errList, ErrInvalidMutation)
 		}
 		newLeafnID := storage.NewNodeIDFromPrefixSuffix(index, storage.Suffix{}, m.mapHasher.BitLen())

core/mutation/mutation.go

@@ -106,18 +106,24 @@ func (s *Server) GetMutations(ctx context.Context, in *tpb.GetMutationsRequest)
 	}
 	// Get leaf proofs.
 	// TODO: allow leaf proofs to be optional.
-	proofs, err := s.inclusionProofs(ctx, indexes, in.Epoch)
+	var epoch int64
+	if in.Epoch > 1 {
+		epoch = in.Epoch-1
+	} else {
+		epoch = 1
+	}
+	proofs, err := s.inclusionProofs(ctx, indexes, epoch)
 	if err != nil {
 		return nil, err
 	}
 	for i, p := range proofs {
 		mutations[i].Proof = p
 	}
 
-	// MapRevisions start at 1. Log leave's index starts at 0.
+	// MapRevisions start at 1. Log leave's index starts at 1.
 	// MapRevision should be at least 1 since the Signer is
 	// supposed to create at least one revision on startup.
-	respEpoch := resp.GetMapRoot().GetMapRevision() - 1
+	respEpoch := resp.GetMapRoot().GetMapRevision()
 	// Fetch log proofs.
 	logRoot, logConsistency, logInclusion, err := s.logProofs(ctx, in.GetFirstTreeSize(), respEpoch)
 	if err != nil {

integration/monitor_test.go

@@ -29,6 +29,8 @@ import (
 	"github.com/google/trillian/crypto/keys/pem"
 
 	"github.com/google/keytransparency/core/fake"
+	"github.com/google/keytransparency/core/crypto/signatures"
+	"github.com/google/keytransparency/cmd/keytransparency-client/grpcc"
 )
 
 const (
@@ -73,7 +75,6 @@ func TestMonitorEmptyStart(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Could not query mutations: %v", err)
 	}
-	_ = mon
 	if err := mon.Process(mutResp); err != nil {
 		t.Fatalf("Monitor could process mutations: %v", err)
 	}
@@ -85,5 +86,30 @@ func TestMonitorEmptyStart(t *testing.T) {
 		t.Errorf("Got error: %v", err)
 	}
 
-	// TODO client sends one mutation, sequencer "signs", monitor verifies
+	// client sends one mutation, sequencer "signs", monitor verifies
+	userID := "test@test.com"
+	signers := []signatures.Signer{createSigner(t, testPrivKey1)}
+	authorizedKeys := []*kpb.PublicKey{getAuthorizedKey(testPubKey1)}
+
+	_, err = env.Client.Update(GetNewOutgoingContextWithFakeAuth("test@test.com"), userID, appID, []byte("testProfile"), signers, authorizedKeys)
+	if err != grpcc.ErrRetry {
+		t.Fatalf("Could not send update request: %v", err)
+	}
+	if err := env.Signer.CreateEpoch(bctx, false); err != nil {
+		t.Errorf("CreateEpoch(_): %v", err)
+	}
+	mutResp, err = mutCli.PollMutations(bctx, 2)
+	if err != nil {
+		t.Fatalf("Could not query mutations: %v", err)
+	}
+	if err := mon.Process(mutResp); err != nil {
+		t.Fatalf("Monitor could not process mutations: %v", err)
+	}
+	mresp, err = store.Get(2)
+	if err != nil {
+		t.Fatalf("Could not read monitoring response: %v", err)
+	}
+	for _, err := range mresp.Errors {
+		t.Errorf("Got error: %v", err)
+	}
 }