summaryrefslogtreecommitdiff
path: root/vendor/github.com/google/certificate-transparency-go/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/google/certificate-transparency-go/README.md')
-rw-r--r--vendor/github.com/google/certificate-transparency-go/README.md118
1 files changed, 47 insertions, 71 deletions
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index 6b71eaa987..7284bb86d7 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,14 +6,14 @@
This repository holds Go code related to
[Certificate Transparency](https://www.certificate-transparency.org/) (CT). The
-repository requires Go version 1.9.
+repository requires Go version 1.17.
- [Repository Structure](#repository-structure)
- [Trillian CT Personality](#trillian-ct-personality)
- [Working on the Code](#working-on-the-code)
+ - [Running Codebase Checks](#running-codebase-checks)
- [Rebuilding Generated Code](#rebuilding-generated-code)
- [Updating Vendor Code](#updating-vendor-code)
- - [Running Codebase Checks](#running-codebase-checks)
## Repository Structure
@@ -29,57 +29,44 @@ The main parts of the repository are:
[pre-certificates defined in RFC 6962](https://tools.ietf.org/html/rfc6962#section-3.1).
- `tls` holds a library for processing TLS-encoded data as described in
[RFC 5246](https://tools.ietf.org/html/rfc5246).
- - `x509util` provides additional utilities for dealing with
+ - `x509util/` provides additional utilities for dealing with
`x509.Certificate`s.
- CT client libraries:
- The top-level `ct` package (in `.`) holds types and utilities for working
with CT data structures defined in
[RFC 6962](https://tools.ietf.org/html/rfc6962).
- `client/` and `jsonclient/` hold libraries that allow access to CT Logs
- via entrypoints described in
+ via HTTP entrypoints described in
[section 4 of RFC 6962](https://tools.ietf.org/html/rfc6962#section-4).
+ - `dnsclient/` has a library that allows access to CT Logs over
+ [DNS](https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft-ct-over-dns.md).
- `scanner/` holds a library for scanning the entire contents of an existing
CT Log.
+ - CT Personality for [Trillian](https://github.com/google/trillian):
+ - `trillian/` holds code that allows a Certificate Transparency Log to be
+ run using a Trillian Log as its back-end -- see
+ [below](#trillian-ct-personality).
- Command line tools:
- - `./client/ctclient` allows interaction with a CT Log
+ - `./client/ctclient` allows interaction with a CT Log.
+ - `./ctutil/sctcheck` allows SCTs (signed certificate timestamps) from a CT
+ Log to be verified.
- `./scanner/scanlog` allows an existing CT Log to be scanned for certificates
of interest; please be polite when running this tool against a Log.
- `./x509util/certcheck` allows display and verification of certificates
- `./x509util/crlcheck` allows display and verification of certificate
revocation lists (CRLs).
- - CT Personality for [Trillian](https://github.com/google/trillian):
- - `trillian/` holds code that allows a Certificate Transparency Log to be
- run using a Trillian Log as its back-end -- see
- [below](#trillian-ct-personality).
+ - Other libraries related to CT:
+ - `ctutil/` holds utility functions for validating and verifying CT data
+ structures.
+ - `loglist3/` has a library for reading
+ [v3 JSON lists of CT Logs](https://groups.google.com/a/chromium.org/g/ct-policy/c/IdbrdAcDQto/m/i5KPyzYwBAAJ).
## Trillian CT Personality
The `trillian/` subdirectory holds code and scripts for running a CT Log based
-on the [Trillian](https://github.com/google/trillian) general transparency Log.
-
-The main code for the CT personality is held in `trillian/ctfe`; this code
-responds to HTTP requests on the
-[CT API paths](https://tools.ietf.org/html/rfc6962#section-4) and translates
-them to the equivalent gRPC API requests to the Trillian Log.
-
-This obviously relies on the gRPC API definitions at
-`github.com/google/trillian`; the code also uses common libraries from the
-Trillian project for:
- - exposing monitoring and statistics via an `interface` and corresponding
- Prometheus implementation (`github.com/google/trillian/monitoring/...`)
- - dealing with cryptographic keys (`github.com/google/trillian/crypto/...`).
-
-The `trillian/integration/` directory holds scripts and tests for running the whole
-system locally. In particular:
- - `trillian/integration/ct_integration_test.sh` brings up local processes
- running a Trillian Log server, signer and a CT personality, and exercises the
- complete set of RFC 6962 API entrypoints.
- - `trillian/integration/ct_hammer_test.sh` brings up a complete system and runs
- a continuous randomized test of the CT entrypoints.
-
-These scripts require a local database instance to be configured as described
-in the [Trillian instructions](https://github.com/google/trillian#mysql-setup).
+on the [Trillian](https://github.com/google/trillian) general transparency Log,
+and is [documented separately](trillian/README.md).
## Working on the Code
@@ -90,48 +77,15 @@ dependencies and tools, described in the following sections. The
for the required tools and scripts, as it may be more up-to-date than this
document.
-### Rebuilding Generated Code
-
-Some of the CT Go code is autogenerated from other files:
-
- - [Protocol buffer](https://developers.google.com/protocol-buffers/) message
- definitions are converted to `.pb.go` implementations.
- - A mock implementation of the Trillian gRPC API (in `trillian/mockclient`) is
- created with [GoMock](https://github.com/golang/mock).
-
-Re-generating mock or protobuffer files is only needed if you're changing
-the original files; if you do, you'll need to install the prerequisites:
-
- - `mockgen` tool from https://github.com/golang/mock
- - `protoc`, [Go support for protoc](https://github.com/golang/protobuf) (see
- documentation linked from the
- [protobuf site](https://github.com/google/protobuf))
-
-and run the following:
-
-```bash
-go generate -x ./... # hunts for //go:generate comments and runs them
-```
-
-### Updating Vendor Code
-
-The codebase includes a couple of external projects under the `vendor/`
-subdirectory, to ensure that builds use a fixed version (typically because the
-upstream repository does not guarantee back-compatibility between the tip
-`master` branch and the current stable release). See
-[instructions in the Trillian repo](https://github.com/google/trillian#updating-vendor-code)
-for how to update vendored subtrees.
-
-
### Running Codebase Checks
The [`scripts/presubmit.sh`](scripts/presubmit.sh) script runs various tools
-and tests over the codebase.
+and tests over the codebase; please ensure this script passes before sending
+pull requests for review.
```bash
-# Install gometalinter and all linters
-go get -u github.com/alecthomas/gometalinter
-gometalinter --install
+# Install golangci-lint
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.1
# Run code generation, build, test and linters
./scripts/presubmit.sh
@@ -140,5 +94,27 @@ gometalinter --install
./scripts/presubmit.sh --no-generate
# Or just run the linters alone:
-gometalinter --config=gometalinter.json ./...
+golangci-lint run
+```
+
+### Rebuilding Generated Code
+
+Some of the CT Go code is autogenerated from other files:
+
+- [Protocol buffer](https://developers.google.com/protocol-buffers/) message
+ definitions are converted to `.pb.go` implementations.
+- A mock implementation of the Trillian gRPC API (in `trillian/mockclient`) is
+ created with [GoMock](https://github.com/golang/mock).
+
+Re-generating mock or protobuffer files is only needed if you're changing
+the original files; if you do, you'll need to install the prerequisites:
+
+- tools written in `go` can be installed with a single run of `go install`
+ (courtesy of [`tools.go`](./tools/tools.go) and `go.mod`).
+- `protoc` tool: you'll need [version 3.12.4](https://github.com/protocolbuffers/protobuf/releases/tag/v3.12.4) installed, and `PATH` updated to include its `bin/` directory.
+
+With tools installed, run the following:
+
+```bash
+go generate -x ./... # hunts for //go:generate comments and runs them
```
View Lorry Controller Status