sigstore · bobcallaway · May 8, 2023 · May 4, 2023 · May 4, 2023 · May 4, 2023
@@ -25,7 +25,6 @@ import (
 
 	"github.com/sigstore/rekor/pkg/pki"
 	"github.com/sigstore/rekor/pkg/sharding"
-	"github.com/sigstore/rekor/pkg/util"
 
 	"github.com/spf13/pflag"
 
@@ -224,17 +223,17 @@ func isURL(v string) bool {
 // [sha1:]<40 hexadecimal characters>
 // where [sha256:] and [sha1:] are optional
 func validateSHAValue(v string) error {
-	err := util.ValidateSHA1Value(v)
+	err := validateSHA1Value(v)
 	if err == nil {
 		return nil
 	}
 
-	err = util.ValidateSHA256Value(v)
+	err = validateSHA256Value(v)
 	if err == nil {
 		return nil
 	}
 
-	err = util.ValidateSHA512Value(v)
+	err = validateSHA512Value(v)
 	if err == nil {
 		return nil
 	}

@@ -13,7 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package util
+package app
 
 import (
 	"strings"
@@ -24,7 +24,7 @@ import (
 // validateSHA512Value ensures that the supplied string matches the
 // following format: [sha512:]<128 hexadecimal characters>
 // where [sha512:] is optional
-func ValidateSHA512Value(v string) error {
+func validateSHA512Value(v string) error {
 	var prefix, hash string
 
 	split := strings.SplitN(v, ":", 2)
@@ -48,7 +48,7 @@ func ValidateSHA512Value(v string) error {
 // validateSHA256Value ensures that the supplied string matches the following format:
 // [sha256:]<64 hexadecimal characters>
 // where [sha256:] is optional
-func ValidateSHA256Value(v string) error {
+func validateSHA256Value(v string) error {
 	var prefix, hash string
 
 	split := strings.SplitN(v, ":", 2)
@@ -69,7 +69,7 @@ func ValidateSHA256Value(v string) error {
 	return validate.Struct(s)
 }
 
-func ValidateSHA1Value(v string) error {
+func validateSHA1Value(v string) error {
 	var prefix, hash string
 
 	split := strings.SplitN(v, ":", 2)

@@ -13,7 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package util
+package app
 
 import (
 	"testing"
@@ -54,7 +54,7 @@ func TestSHA1(t *testing.T) {
 	}
 
 	for _, tr := range tests {
-		err := ValidateSHA1Value(tr.value)
+		err := validateSHA1Value(tr.value)
 		if tr.expectFail == (err == nil) {
 			t.Errorf("Failure validating '%s': %s", tr.value, err)
 		}
@@ -96,7 +96,7 @@ func TestSHA256(t *testing.T) {
 	}
 
 	for _, tr := range tests {
-		err := ValidateSHA256Value(tr.value)
+		err := validateSHA256Value(tr.value)
 		if tr.expectFail == (err == nil) {
 			t.Errorf("Failure validating '%s': %s", tr.value, err)
 		}
@@ -138,7 +138,7 @@ func TestSHA512(t *testing.T) {
 	}
 
 	for _, tr := range tests {
-		err := ValidateSHA512Value(tr.value)
+		err := validateSHA512Value(tr.value)
 		if tr.expectFail == (err == nil) {
 			t.Errorf("Failure validating '%s': %s", tr.value, err)
 		}

@@ -34,7 +34,7 @@ import (
 	"github.com/sigstore/rekor/pkg/sharding"
 	"github.com/sigstore/rekor/pkg/signer"
 	"github.com/sigstore/rekor/pkg/storage"
-	"github.com/sigstore/rekor/pkg/util"
+	"github.com/sigstore/rekor/pkg/trillianclient"
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
 	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/sigstore/sigstore/pkg/signature/options"
@@ -83,7 +83,7 @@ func NewAPI(treeID uint) (*API, error) {
 	tid := int64(treeID)
 	if tid == 0 {
 		log.Logger.Info("No tree ID specified, attempting to create a new tree")
-		t, err := util.CreateAndInitTree(ctx, logAdminClient, logClient)
+		t, err := trillianclient.CreateAndInitTree(ctx, logAdminClient, logClient)
 		if err != nil {
 			return nil, fmt.Errorf("create and init tree: %w", err)
 		}

@@ -40,6 +40,7 @@ import (
 	"github.com/sigstore/rekor/pkg/generated/restapi/operations/entries"
 	"github.com/sigstore/rekor/pkg/log"
 	"github.com/sigstore/rekor/pkg/sharding"
+	"github.com/sigstore/rekor/pkg/trillianclient"
 	"github.com/sigstore/rekor/pkg/types"
 	"github.com/sigstore/rekor/pkg/util"
 	"github.com/sigstore/sigstore/pkg/signature"
@@ -67,7 +68,7 @@ func signEntry(ctx context.Context, signer signature.Signer, entry models.LogEnt
 }
 
 // logEntryFromLeaf creates a signed LogEntry struct from trillian structs
-func logEntryFromLeaf(ctx context.Context, signer signature.Signer, tc util.TrillianClient, leaf *trillian.LogLeaf,
+func logEntryFromLeaf(ctx context.Context, signer signature.Signer, tc trillianclient.TrillianClient, leaf *trillian.LogLeaf,
 	signedLogRoot *trillian.SignedLogRoot, proof *trillian.Proof, tid int64, ranges sharding.LogRanges) (models.LogEntry, error) {
 
 	log.ContextLogger(ctx).Debugf("log entry from leaf %d", leaf.GetLeafIndex())
@@ -186,7 +187,7 @@ func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middl
 		return nil, handleRekorAPIError(params, http.StatusInternalServerError, err, failedToGenerateCanonicalEntry)
 	}
 
-	tc := util.NewTrillianClient(ctx, api.logClient, api.logID)
+	tc := trillianclient.NewTrillianClient(ctx, api.logClient, api.logID)
 
 	resp := tc.AddLeaf(leaf)
 	// this represents overall GRPC response state (not the results of insertion into the log)
@@ -405,7 +406,7 @@ func SearchLogQueryHandler(params entries.SearchLogQueryParams) middleware.Respo
 		for i, hash := range searchHashes {
 			var results map[int64]*trillian.GetEntryAndProofResponse
 			for _, shard := range api.logRanges.AllShards() {
-				tcs := util.NewTrillianClient(httpReqCtx, api.logClient, shard)
+				tcs := trillianclient.NewTrillianClient(httpReqCtx, api.logClient, shard)
 				resp := tcs.GetLeafAndProofByHash(hash)
 				switch resp.Status {
 				case codes.OK:
@@ -431,7 +432,7 @@ func SearchLogQueryHandler(params entries.SearchLogQueryParams) middleware.Respo
 				if leafResp == nil {
 					continue
 				}
-				tcs := util.NewTrillianClient(httpReqCtx, api.logClient, shard)
+				tcs := trillianclient.NewTrillianClient(httpReqCtx, api.logClient, shard)
 				logEntry, err := logEntryFromLeaf(httpReqCtx, api.signer, tcs, leafResp.Leaf, leafResp.SignedLogRoot, leafResp.Proof, shard, api.logRanges)
 				if err != nil {
 					return handleRekorAPIError(params, http.StatusInternalServerError, err, err.Error())
@@ -461,7 +462,7 @@ func retrieveLogEntryByIndex(ctx context.Context, logIndex int) (models.LogEntry
 	log.ContextLogger(ctx).Infof("Retrieving log entry by index %d", logIndex)
 
 	tid, resolvedIndex := api.logRanges.ResolveVirtualIndex(logIndex)
-	tc := util.NewTrillianClient(ctx, api.logClient, tid)
+	tc := trillianclient.NewTrillianClient(ctx, api.logClient, tid)
 	log.ContextLogger(ctx).Debugf("Retrieving resolved index %v from TreeID %v", resolvedIndex, tid)
 
 	resp := tc.GetLeafAndProofByIndex(resolvedIndex)
@@ -525,7 +526,7 @@ func retrieveUUIDFromTree(ctx context.Context, uuid string, tid int64) (models.L
 		return models.LogEntry{}, types.ValidationError(err)
 	}
 
-	tc := util.NewTrillianClient(ctx, api.logClient, tid)
+	tc := trillianclient.NewTrillianClient(ctx, api.logClient, tid)
 	log.ContextLogger(ctx).Debugf("Attempting to retrieve UUID %v from TreeID %v", uuid, tid)
 
 	resp := tc.GetLeafAndProofByHash(hashValue)

@@ -31,12 +31,13 @@ import (
 	"github.com/sigstore/rekor/pkg/generated/models"
 	"github.com/sigstore/rekor/pkg/generated/restapi/operations/tlog"
 	"github.com/sigstore/rekor/pkg/log"
+	"github.com/sigstore/rekor/pkg/trillianclient"
 	"github.com/sigstore/rekor/pkg/util"
 )
 
 // GetLogInfoHandler returns the current size of the tree and the STH
 func GetLogInfoHandler(params tlog.GetLogInfoParams) middleware.Responder {
-	tc := util.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, api.logID)
+	tc := trillianclient.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, api.logID)
 
 	// for each inactive shard, get the loginfo
 	var inactiveShards []*models.InactiveShardLogInfo
@@ -92,13 +93,13 @@ func GetLogProofHandler(params tlog.GetLogProofParams) middleware.Responder {
 	if *params.FirstSize > params.LastSize {
 		return handleRekorAPIError(params, http.StatusBadRequest, nil, fmt.Sprintf(firstSizeLessThanLastSize, *params.FirstSize, params.LastSize))
 	}
-	tc := util.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, api.logID)
+	tc := trillianclient.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, api.logID)
 	if treeID := swag.StringValue(params.TreeID); treeID != "" {
 		id, err := strconv.Atoi(treeID)
 		if err != nil {
 			log.Logger.Infof("Unable to convert %s to string, skipping initializing client with Tree ID: %v", treeID, err)
 		} else {
-			tc = util.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, int64(id))
+			tc = trillianclient.NewTrillianClient(params.HTTPRequest.Context(), api.logClient, int64(id))
 		}
 	}
 
@@ -136,7 +137,7 @@ func GetLogProofHandler(params tlog.GetLogProofParams) middleware.Responder {
 }
 
 func inactiveShardLogInfo(ctx context.Context, tid int64) (*models.InactiveShardLogInfo, error) {
-	tc := util.NewTrillianClient(ctx, api.logClient, tid)
+	tc := trillianclient.NewTrillianClient(ctx, api.logClient, tid)
 	resp := tc.GetLatest(0)
 	if resp.Status != codes.OK {
 		return nil, fmt.Errorf("resp code is %d", resp.Status)

@@ -13,7 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package util
+package trillianclient
 
 import (
 	"context"