Merge branch 'master' into witoff/aws

Author: witoff

cmd/createtree/main.go

@@ -43,6 +43,7 @@ import (
 	"github.com/golang/protobuf/ptypes/any"
 	"github.com/google/trillian"
 	"github.com/google/trillian/cmd"
+	"github.com/google/trillian/crypto/keys"
 	"github.com/google/trillian/crypto/keyspb"
 	"github.com/google/trillian/crypto/sigpb"
 	"google.golang.org/grpc"
@@ -59,7 +60,7 @@ var (
 	displayName        = flag.String("display_name", "", "Display name of the new tree")
 	description        = flag.String("description", "", "Description of the new tree")
 
-	privateKeyFormat = flag.String("private_key_format", "PEMKeyFile", "Type of private key to be used")
+	privateKeyFormat = flag.String("private_key_format", "PrivateKey", "Type of private key to be used")
 	pemKeyPath       = flag.String("pem_key_path", "", "Path to the private key PEM file")
 	pemKeyPassword   = flag.String("pem_key_password", "", "Password of the private key PEM file")
 
@@ -145,7 +146,7 @@ func newPK(opts *createOpts) (*any.Any, error) {
 	switch opts.privateKeyType {
 	case "PEMKeyFile":
 		if opts.pemKeyPath == "" {
-			return nil, errors.New("empty PEM path")
+			return nil, errors.New("empty pem_key_path")
 		}
 		if opts.pemKeyPass == "" {
 			return nil, fmt.Errorf("empty password for PEM key file %q", opts.pemKeyPath)
@@ -155,6 +156,20 @@ func newPK(opts *createOpts) (*any.Any, error) {
 			Password: opts.pemKeyPass,
 		}
 		return ptypes.MarshalAny(pemKey)
+	case "PrivateKey":
+		if opts.pemKeyPath == "" {
+			return nil, errors.New("empty pem_key_path")
+		}
+		pemSigner, err := keys.NewFromPrivatePEMFile(
+			opts.pemKeyPath, opts.pemKeyPass)
+		if err != nil {
+			return nil, err
+		}
+		der, err := keys.MarshalPrivateKey(pemSigner)
+		if err != nil {
+			return nil, err
+		}
+		return ptypes.MarshalAny(&keyspb.PrivateKey{Der: der})
 	default:
 		return nil, fmt.Errorf("unknown private key type: %v", opts.privateKeyType)
 	}

cmd/createtree/main_test.go

@@ -19,24 +19,40 @@ import (
 	"net"
 	"testing"
 
+	"github.com/gogo/protobuf/proto"
 	"github.com/golang/protobuf/ptypes"
+	"github.com/golang/protobuf/ptypes/any"
 	"github.com/golang/protobuf/ptypes/empty"
 	"github.com/google/trillian"
+	"github.com/google/trillian/crypto/keys"
 	"github.com/google/trillian/crypto/keyspb"
 	"github.com/google/trillian/crypto/sigpb"
 	"github.com/kylelemons/godebug/pretty"
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
 
+func marshalAny(p proto.Message) *any.Any {
+	anyKey, err := ptypes.MarshalAny(p)
+	if err != nil {
+		panic(err)
+	}
+	return anyKey
+}
+
 func TestRun(t *testing.T) {
-	pemKey := &keyspb.PEMKeyFile{
-		Path:     "../../testdata/log-rpc-server.privkey.pem",
-		Password: "towel",
+	pemPath, pemPassword := "../../testdata/log-rpc-server.privkey.pem", "towel"
+	pemSigner, err := keys.NewFromPrivatePEMFile(pemPath, pemPassword)
+	if err != nil {
+		t.Fatalf("NewFromPrivatPEM(): %v", err)
 	}
-	anyKey, err := ptypes.MarshalAny(pemKey)
+	pemDer, err := keys.MarshalPrivateKey(pemSigner)
 	if err != nil {
-		t.Fatalf("Can't marshall pemKey: %v", err)
+		t.Fatalf("MashalPrivateKey(): %v", err)
+	}
+	anyPrivKey, err := ptypes.MarshalAny(&keyspb.PrivateKey{Der: pemDer})
+	if err != nil {
+		t.Fatalf("MarshalAny(%v): %v", pemDer, err)
 	}
 
 	// defaultTree reflects all flag defaults with the addition of a valid pk
@@ -46,7 +62,7 @@ func TestRun(t *testing.T) {
 		HashStrategy:       trillian.HashStrategy_RFC_6962,
 		HashAlgorithm:      sigpb.DigitallySigned_SHA256,
 		SignatureAlgorithm: sigpb.DigitallySigned_RSA,
-		PrivateKey:         anyKey,
+		PrivateKey:         anyPrivKey,
 	}
 
 	server, lis, stopFn, err := startFakeServer()
@@ -57,8 +73,8 @@ func TestRun(t *testing.T) {
 
 	validOpts := newOptsFromFlags()
 	validOpts.addr = lis.Addr().String()
-	validOpts.pemKeyPath = pemKey.Path
-	validOpts.pemKeyPass = pemKey.Password
+	validOpts.pemKeyPath = pemPath
+	validOpts.pemKeyPass = pemPassword
 
 	nonDefaultTree := *defaultTree
 	nonDefaultTree.TreeType = trillian.TreeType_MAP
@@ -87,60 +103,33 @@ func TestRun(t *testing.T) {
 	emptyPEMPass := *validOpts
 	emptyPEMPass.pemKeyPass = ""
 
+	pemKeyOpts := *validOpts
+	pemKeyOpts.privateKeyType = "PEMKeyFile"
+	pemKeyTree := *defaultTree
+	pemKeyTree.PrivateKey, err = ptypes.MarshalAny(&keyspb.PEMKeyFile{
+		Path:     pemPath,
+		Password: pemPassword,
+	})
+	if err != nil {
+		t.Fatalf("MarshalAny(PEMKeyFile): %v", err)
+	}
 	tests := []struct {
 		desc      string
 		opts      *createOpts
 		createErr error
 		wantErr   bool
 		wantTree  *trillian.Tree
 	}{
-		{
-			desc:     "validOpts",
-			opts:     validOpts,
-			wantTree: defaultTree,
-		},
-		{
-			desc:     "nonDefaultOpts",
-			opts:     &nonDefaultOpts,
-			wantTree: &nonDefaultTree,
-		},
-		{
-			// No mandatory opts provided
-			desc:    "defaultOptsOnly",
-			opts:    newOptsFromFlags(),
-			wantErr: true,
-		},
-		{
-			desc:    "emptyAddr",
-			opts:    &emptyAddr,
-			wantErr: true,
-		},
-		{
-			desc:    "invalidEnumOpts",
-			opts:    &invalidEnumOpts,
-			wantErr: true,
-		},
-		{
-			desc:    "invalidKeyTypeOpts",
-			opts:    &invalidKeyTypeOpts,
-			wantErr: true,
-		},
-		{
-			desc:    "emptyPEMPath",
-			opts:    &emptyPEMPath,
-			wantErr: true,
-		},
-		{
-			desc:    "emptyPEMPass",
-			opts:    &emptyPEMPass,
-			wantErr: true,
-		},
-		{
-			desc:      "createErr",
-			opts:      validOpts,
-			createErr: errors.New("create tree failed"),
-			wantErr:   true,
-		},
+		{desc: "validOpts", opts: validOpts, wantTree: defaultTree},
+		{desc: "nonDefaultOpts", opts: &nonDefaultOpts, wantTree: &nonDefaultTree},
+		{desc: "defaultOptsOnly", opts: newOptsFromFlags(), wantErr: true}, // No mandatory opts provided
+		{desc: "emptyAddr", opts: &emptyAddr, wantErr: true},
+		{desc: "invalidEnumOpts", opts: &invalidEnumOpts, wantErr: true},
+		{desc: "invalidKeyTypeOpts", opts: &invalidKeyTypeOpts, wantErr: true},
+		{desc: "emptyPEMPath", opts: &emptyPEMPath, wantErr: true},
+		{desc: "emptyPEMPass", opts: &emptyPEMPass, wantErr: true},
+		{desc: "PEMKeyFile", opts: &pemKeyOpts, wantErr: false, wantTree: &pemKeyTree},
+		{desc: "createErr", opts: validOpts, createErr: errors.New("create tree failed"), wantErr: true},
 	}
 
 	ctx := context.Background()

crypto/keys/mock_keys.go

@@ -6,8 +6,8 @@ package keys
 import (
 	context "context"
 	crypto "crypto"
-	proto "github.com/gogo/protobuf/proto"
 	gomock "github.com/golang/mock/gomock"
+	proto "github.com/golang/protobuf/proto"
 	keyspb "github.com/google/trillian/crypto/keyspb"
 )
 

crypto/keys/pem_signer_factory.go

@@ -19,7 +19,7 @@ import (
 	"crypto"
 	"fmt"
 
-	"github.com/gogo/protobuf/proto"
+	"github.com/golang/protobuf/proto"
 	"github.com/golang/protobuf/ptypes"
 	"github.com/golang/protobuf/ptypes/any"
 	"github.com/google/trillian/crypto/keyspb"

crypto/keys/private_keys.go

@@ -27,7 +27,7 @@ import (
 	"fmt"
 	"io/ioutil"
 
-	"github.com/gogo/protobuf/proto"
+	"github.com/golang/protobuf/proto"
 	"github.com/google/trillian/crypto/keyspb"
 )
 

docs/storage/commit_log/simkafka/kafka_test.go

@@ -54,10 +54,10 @@ func TestRead(t *testing.T) {
 	}
 	offset = 2
 	if got := Read(topic, offset); got != "" {
-		t.Errorf("Read(%q, %d)=%v; want ''", topic, got, offset)
+		t.Errorf("Read(%q, %d)=%v; want ''", topic, offset, got)
 	}
 	if got := ReadMultiple(topic, offset, 1); got != nil {
-		t.Errorf("ReadMultiple(%q, %d, 1)=%v; want ''", topic, got, offset)
+		t.Errorf("ReadMultiple(%q, %d, 1)=%v; want ''", topic, offset, got)
 	}
 }
 

integration/admin/admin_integration_test.go

@@ -20,7 +20,7 @@ import (
 	"sort"
 	"testing"
 
-	"github.com/gogo/protobuf/proto"
+	"github.com/golang/protobuf/proto"
 	"github.com/google/trillian"
 	sa "github.com/google/trillian/server/admin"
 	"github.com/google/trillian/server/interceptor"
@@ -342,7 +342,8 @@ func setupAdminServer() (trillian.TrillianAdminClient, func(), error) {
 		Admin:        registry.AdminStorage,
 		QuotaManager: registry.QuotaManager,
 	}
-	grpcServer := grpc.NewServer(grpc.UnaryInterceptor(interceptor.WrapErrors(ti.UnaryInterceptor)))
+	netInterceptor := interceptor.Combine(interceptor.ErrorWrapper, ti.UnaryInterceptor)
+	grpcServer := grpc.NewServer(grpc.UnaryInterceptor(netInterceptor))
 	// grpcServer is stopped via returned func
 	server := sa.New(registry)
 	trillian.RegisterTrillianAdminServer(grpcServer, server)

integration/log_integration_test.go

@@ -106,7 +106,7 @@ func TestInProcessLogIntegration(t *testing.T) {
 func TestInProcessLogIntegrationDuplicateLeaves(t *testing.T) {
 	ctx := context.Background()
 	const numSequencers = 2
-	ms := memory.NewLogStorage()
+	ms := memory.NewLogStorage(nil)
 
 	reggie := extension.Registry{
 		AdminStorage:  memory.NewAdminStorage(ms),

integration/quota/quota_test.go

@@ -118,7 +118,8 @@ func setupLogServer(maxUnsequenced int) (trillian.TrillianAdminClient, trillian.
 		Admin:        registry.AdminStorage,
 		QuotaManager: registry.QuotaManager,
 	}
-	s = grpc.NewServer(grpc.UnaryInterceptor(interceptor.WrapErrors(intercept.UnaryInterceptor)))
+	netInterceptor := interceptor.Combine(interceptor.ErrorWrapper, intercept.UnaryInterceptor)
+	s = grpc.NewServer(grpc.UnaryInterceptor(netInterceptor))
 	trillian.RegisterTrillianAdminServer(s, admin.New(registry))
 	trillian.RegisterTrillianLogServer(s, server.NewTrillianLogRPCServer(registry, util.SystemTimeSource{}))