Remove hash_strategy from Tree.

Part of google#2450.
ermul · Apr 12, 2021 · 858b270 · 858b270
1 parent 6e2798e
commit 858b270
Show file tree

Hide file tree

Showing 23 changed files with 121 additions and 243 deletions.
diff --git a/client/log_verifier.go b/client/log_verifier.go
@@ -53,10  53,6 @@ func NewLogVerifierFromTree(config *trillian.Tree) (*LogVerifier, error) {
 		return nil, fmt.Errorf("client: NewLogVerifierFromTree(): TreeType: %v, want %v or %v", got, log, pLog)
 	}
 
-	if s := config.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return nil, fmt.Errorf("client: NewLogVerifierFromTree(): unknown hash strategy: %s", s)
-	}
-
 	return NewLogVerifier(rfc6962.DefaultHasher), nil
 }
 

diff --git a/cmd/createtree/main.go b/cmd/createtree/main.go
@@ -53,7  53,6 @@ var (
 
 	treeState          = flag.String("tree_state", trillian.TreeState_ACTIVE.String(), "State of the new tree")
 	treeType           = flag.String("tree_type", trillian.TreeType_LOG.String(), "Type of the new tree")
-	hashStrategy       = flag.String("hash_strategy", trillian.HashStrategy_RFC6962_SHA256.String(), "Hash strategy (aka preimage protection) of the new tree")
 	hashAlgorithm      = flag.String("hash_algorithm", sigpb.DigitallySigned_SHA256.String(), "Hash algorithm of the new tree")
 	signatureAlgorithm = flag.String("signature_algorithm", sigpb.DigitallySigned_ECDSA.String(), "Signature algorithm of the new tree")
 	displayName        = flag.String("display_name", "", "Display name of the new tree")
@@ -105,11  104,6 @@ func newRequest() (*trillian.CreateTreeRequest, error) {
 		return nil, fmt.Errorf("unknown TreeType: %v", *treeType)
 	}
 
-	hs, ok := trillian.HashStrategy_value[*hashStrategy]
-	if !ok {
-		return nil, fmt.Errorf("unknown HashStrategy: %v", *hashStrategy)
-	}
-
 	ha, ok := sigpb.DigitallySigned_HashAlgorithm_value[*hashAlgorithm]
 	if !ok {
 		return nil, fmt.Errorf("unknown HashAlgorithm: %v", *hashAlgorithm)
@@ -123,7  117,6 @@ func newRequest() (*trillian.CreateTreeRequest, error) {
 	ctr := &trillian.CreateTreeRequest{Tree: &trillian.Tree{
 		TreeState:          trillian.TreeState(ts),
 		TreeType:           trillian.TreeType(tt),
-		HashStrategy:       trillian.HashStrategy(hs),
 		HashAlgorithm:      sigpb.DigitallySigned_HashAlgorithm(ha),
 		SignatureAlgorithm: sigpb.DigitallySigned_SignatureAlgorithm(sa),
 		DisplayName:        *displayName,

diff --git a/cmd/createtree/main_test.go b/cmd/createtree/main_test.go
@@ -37,7  37,6 @@ import (
 var defaultTree = &trillian.Tree{
 	TreeState:          trillian.TreeState_ACTIVE,
 	TreeType:           trillian.TreeType_LOG,
-	HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 	HashAlgorithm:      sigpb.DigitallySigned_SHA256,
 	SignatureAlgorithm: sigpb.DigitallySigned_ECDSA,
 	PrivateKey:         mustMarshalAny(&emptypb.Empty{}),

diff --git a/docs/api.md b/docs/api.md
@@ -706,7  706,6 @@ not created dynamically.
 | tree_id | [int64](#int64) |  | ID of the tree. Readonly. |
 | tree_state | [TreeState](#trillian.TreeState) |  | State of the tree. Trees are ACTIVE after creation. At any point the tree may transition between ACTIVE, DRAINING and FROZEN states. |
 | tree_type | [TreeType](#trillian.TreeType) |  | Type of the tree. Readonly after Tree creation. Exception: Can be switched from PREORDERED_LOG to LOG if the Tree is and remains in the FROZEN state. |
-| hash_strategy | [HashStrategy](#trillian.HashStrategy) |  | Hash strategy to be used by the tree. Readonly. |
 | hash_algorithm | [sigpb.DigitallySigned.HashAlgorithm](#sigpb.DigitallySigned.HashAlgorithm) |  | Hash algorithm to be used by the tree. Readonly. |
 | signature_algorithm | [sigpb.DigitallySigned.SignatureAlgorithm](#sigpb.DigitallySigned.SignatureAlgorithm) |  | Signature algorithm to be used by the tree. Readonly. |
 | display_name | [string](#string) |  | Display name of the tree. Optional. |

diff --git a/integration/storagetest/logtests.go b/integration/storagetest/logtests.go
@@ -201,9  201,8 @@ func (*logTests) TestReadWriteTransaction(ctx context.Context, t *testing.T, s s
 
 func logTree(logID int64) *trillian.Tree {
 	return &trillian.Tree{
-		TreeId:       logID,
-		TreeType:     trillian.TreeType_LOG,
-		HashStrategy: trillian.HashStrategy_RFC6962_SHA256,
 		TreeId:   logID,
 		TreeType: trillian.TreeType_LOG,
 	}
 }
 

diff --git a/log/sequencer_manager.go b/log/sequencer_manager.go
@@ -54,10  54,6 @@ func (s *SequencerManager) ExecutePass(ctx context.Context, logID int64, info *O
 	}
 	ctx = trees.NewContext(ctx, tree)
 
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return 0, fmt.Errorf("unknown hash strategy for log %v: %s", logID, s)
-	}
-
 	sequencer := NewSequencer(rfc6962.DefaultHasher, info.TimeSource, s.registry.LogStorage, s.registry.MetricFactory, s.registry.QuotaManager)
 
 	maxRootDuration := tree.MaxRootDuration.AsDuration()

diff --git a/server/admin/admin_server.go b/server/admin/admin_server.go
@@ -85,12  85,7 @@ func (s *Server) CreateTree(ctx context.Context, req *trillian.CreateTreeRequest
 	if err := s.validateAllowedTreeType(tree.TreeType); err != nil {
 		return nil, status.Error(codes.InvalidArgument, err.Error())
 	}
-	switch tree.TreeType {
-	case trillian.TreeType_LOG, trillian.TreeType_PREORDERED_LOG:
-		if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-			return nil, status.Errorf(codes.InvalidArgument, "unknown hash strategy: %s", s)
-		}
-	default:
 	if tree.TreeType != trillian.TreeType_LOG && tree.TreeType != trillian.TreeType_PREORDERED_LOG {
 		return nil, status.Errorf(codes.InvalidArgument, "invalid tree type: %v", tree.TreeType)
 	}
 

diff --git a/server/admin/admin_server_test.go b/server/admin/admin_server_test.go
@@ -326,9  326,6 @@ func TestServer_CreateTree(t *testing.T) {
 	invalidHashAlgo := proto.Clone(validTree).(*trillian.Tree)
 	invalidHashAlgo.HashAlgorithm = sigpb.DigitallySigned_NONE
 
-	invalidHashStrategy := proto.Clone(validTree).(*trillian.Tree)
-	invalidHashStrategy.HashStrategy = trillian.HashStrategy_UNKNOWN_HASH_STRATEGY
-
 	invalidSignatureAlgo := proto.Clone(validTree).(*trillian.Tree)
 	invalidSignatureAlgo.SignatureAlgorithm = sigpb.DigitallySigned_ANONYMOUS
 
@@ -428,11  425,6 @@ func TestServer_CreateTree(t *testing.T) {
 			req:     &trillian.CreateTreeRequest{Tree: invalidHashAlgo},
 			wantErr: "unexpected hash algorithm",
 		},
-		{
-			desc:    "invalidHashStrategy",
-			req:     &trillian.CreateTreeRequest{Tree: invalidHashStrategy},
-			wantErr: "unknown hash strategy",
-		},
 		{
 			desc:    "invalidSignatureAlgo",
 			req:     &trillian.CreateTreeRequest{Tree: invalidSignatureAlgo},

diff --git a/server/log_rpc_server.go b/server/log_rpc_server.go
@@ -559,9  559,6 @@ func (t *TrillianLogRPCServer) getTreeAndHasher(ctx context.Context, treeID int6
 	if err != nil {
 		return nil, nil, err
 	}
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return nil, nil, fmt.Errorf("unknown hash strategy: %s", s)
-	}
 	return tree, rfc6962.DefaultHasher, nil
 }
 

diff --git a/storage/cloudspanner/admin.go b/storage/cloudspanner/admin.go
@@ -54,13  54,6 @@ var (
 		trillian.TreeType_LOG:            spannerpb.TreeType_LOG,
 		trillian.TreeType_PREORDERED_LOG: spannerpb.TreeType_PREORDERED_LOG,
 	}
-	hashStrategyMap = map[trillian.HashStrategy]spannerpb.HashStrategy{
-		trillian.HashStrategy_RFC6962_SHA256:        spannerpb.HashStrategy_RFC_6962,
-		trillian.HashStrategy_TEST_MAP_HASHER:       spannerpb.HashStrategy_TEST_MAP_HASHER,
-		trillian.HashStrategy_OBJECT_RFC6962_SHA256: spannerpb.HashStrategy_OBJECT_RFC6962_SHA256,
-		trillian.HashStrategy_CONIKS_SHA512_256:     spannerpb.HashStrategy_CONIKS_SHA512_256,
-		trillian.HashStrategy_CONIKS_SHA256:         spannerpb.HashStrategy_CONIKS_SHA256,
-	}
 	hashAlgMap = map[sigpb.DigitallySigned_HashAlgorithm]spannerpb.HashAlgorithm{
 		sigpb.DigitallySigned_SHA256: spannerpb.HashAlgorithm_SHA256,
 	}
@@ -71,7  64,6 @@ var (
 
 	treeStateReverseMap    = reverseTreeStateMap(treeStateMap)
 	treeTypeReverseMap     = reverseTreeTypeMap(treeTypeMap)
-	hashStrategyReverseMap = reverseHashStrategyMap(hashStrategyMap)
 	hashAlgReverseMap      = reverseHashAlgMap(hashAlgMap)
 	signatureAlgReverseMap = reverseSignatureAlgMap(signatureAlgMap)
 )
@@ -100,17  92,6 @@ func reverseTreeTypeMap(m map[trillian.TreeType]spannerpb.TreeType) map[spannerp
 	return reverse
 }
 
-func reverseHashStrategyMap(m map[trillian.HashStrategy]spannerpb.HashStrategy) map[spannerpb.HashStrategy]trillian.HashStrategy {
-	reverse := make(map[spannerpb.HashStrategy]trillian.HashStrategy)
-	for k, v := range m {
-		if x, ok := reverse[v]; ok {
-			glog.Fatalf("Duplicate values for key %v: %v and %v", v, x, k)
-		}
-		reverse[v] = k
-	}
-	return reverse
-}
-
 func reverseHashAlgMap(m map[sigpb.DigitallySigned_HashAlgorithm]spannerpb.HashAlgorithm) map[spannerpb.HashAlgorithm]sigpb.DigitallySigned_HashAlgorithm {
 	reverse := make(map[spannerpb.HashAlgorithm]sigpb.DigitallySigned_HashAlgorithm)
 	for k, v := range m {
@@ -406,11  387,6 @@ func newTreeInfo(tree *trillian.Tree, treeID int64, now time.Time) (*spannerpb.T
 		return nil, status.Errorf(codes.Internal, "unexpected TreeType: %s", tree.TreeType)
 	}
 
-	hs, ok := hashStrategyMap[tree.HashStrategy]
-	if !ok {
-		return nil, status.Errorf(codes.Internal, "unexpected HashStrategy: %s", tree.HashStrategy)
-	}
-
 	ha, ok := hashAlgMap[tree.HashAlgorithm]
 	if !ok {
 		return nil, status.Errorf(codes.Internal, "unexpected HashAlgorithm: %s", tree.HashAlgorithm)
@@ -432,7  408,6 @@ func newTreeInfo(tree *trillian.Tree, treeID int64, now time.Time) (*spannerpb.T
 		Description:           tree.Description,
 		TreeState:             ts,
 		TreeType:              tt,
-		HashStrategy:          hs,
 		HashAlgorithm:         ha,
 		SignatureAlgorithm:    sa,
 		CreateTimeNanos:       now.UnixNano(),
@@ -655,12  630,6 @@ func toTrillianTree(info *spannerpb.TreeInfo) (*trillian.Tree, error) {
 	}
 	tree.TreeType = tt
 
-	hs, ok := hashStrategyReverseMap[info.HashStrategy]
-	if !ok {
-		return nil, status.Errorf(codes.Internal, "unexpected HashStrategy: %s", info.HashStrategy)
-	}
-	tree.HashStrategy = hs
-
 	ha, ok := hashAlgReverseMap[info.HashAlgorithm]
 	if !ok {
 		return nil, status.Errorf(codes.Internal, "unexpected HashAlgorithm: %s", info.HashAlgorithm)

diff --git a/storage/cloudspanner/log_storage.go b/storage/cloudspanner/log_storage.go
@@ -158,9  158,6 @@ func (ls *logStorage) Snapshot(ctx context.Context) (storage.ReadOnlyLogTX, erro
 }
 
 func newLogCache(tree *trillian.Tree) (*cache.SubtreeCache, error) {
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return nil, fmt.Errorf("unknown hash strategy: %s", s)
-	}
 	return cache.NewLogSubtreeCache(defLogStrata, rfc6962.DefaultHasher), nil
 }
 

diff --git a/storage/memory/log_storage.go b/storage/memory/log_storage.go
@@ -152,9  152,6 @@ func (m *memoryLogStorage) beginInternal(ctx context.Context, tree *trillian.Tre
 	once.Do(func() {
 		createMetrics(m.metricFactory)
 	})
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return nil, fmt.Errorf("unknown hash strategy: %s", s)
-	}
 
 	stCache := cache.NewLogSubtreeCache(defaultLogStrata, rfc6962.DefaultHasher)
 	ttx, err := m.TreeStorage.beginTreeTX(ctx, tree.TreeId, rfc6962.DefaultHasher.Size(), stCache, readonly)

diff --git a/storage/mysql/admin_storage.go b/storage/mysql/admin_storage.go
@@ -293,7  293,7 @@ func (t *adminTX) CreateTree(ctx context.Context, tree *trillian.Tree) (*trillia
 		newTree.TreeId,
 		newTree.TreeState.String(),
 		newTree.TreeType.String(),
-		newTree.HashStrategy.String(),
 		"RFC6962_SHA256",
 		newTree.HashAlgorithm.String(),
 		newTree.SignatureAlgorithm.String(),
 		newTree.DisplayName,

diff --git a/storage/mysql/log_storage.go b/storage/mysql/log_storage.go
@@ -227,9  227,6 @@ func (m *mySQLLogStorage) beginInternal(ctx context.Context, tree *trillian.Tree
 	once.Do(func() {
 		createMetrics(m.metricFactory)
 	})
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		return nil, fmt.Errorf("unknown hash strategy: %s", s)
-	}
 
 	stCache := cache.NewLogSubtreeCache(defaultLogStrata, rfc6962.DefaultHasher)
 	ttx, err := m.beginTreeTx(ctx, tree, rfc6962.DefaultHasher.Size(), stCache)

diff --git a/storage/sql.go b/storage/sql.go
@@ -96,9  96,7 @@ func ReadTree(row Row) (*trillian.Tree, error) {
 	} else {
 		return nil, fmt.Errorf("unknown TreeType: %v", treeType)
 	}
-	if hs, ok := trillian.HashStrategy_value[hashStrategy]; ok {
-		tree.HashStrategy = trillian.HashStrategy(hs)
-	} else {
 	if hashStrategy != "RFC6962_SHA256" {
 		return nil, fmt.Errorf("unknown HashStrategy: %v", hashStrategy)
 	}
 	if ha, ok := spb.DigitallySigned_HashAlgorithm_value[hashAlgorithm]; ok {
@@ -115,7  113,6 @@ func ReadTree(row Row) (*trillian.Tree, error) {
 	// Let's make sure we didn't mismatch any of the casts above
 	ok := tree.TreeState.String() == treeState &&
 		tree.TreeType.String() == treeType &&
-		tree.HashStrategy.String() == hashStrategy &&
 		tree.HashAlgorithm.String() == hashAlgorithm &&
 		tree.SignatureAlgorithm.String() == signatureAlgorithm
 	if !ok {

diff --git a/storage/testonly/admin_storage_tester.go b/storage/testonly/admin_storage_tester.go
@@ -77,7  77,6 @@ var (
 	LogTree = &trillian.Tree{
 		TreeState:          trillian.TreeState_ACTIVE,
 		TreeType:           trillian.TreeType_LOG,
-		HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 		HashAlgorithm:      spb.DigitallySigned_SHA256,
 		SignatureAlgorithm: spb.DigitallySigned_ECDSA,
 		DisplayName:        "Llamas Log",
@@ -95,7  94,6 @@ var (
 	PreorderedLogTree = &trillian.Tree{
 		TreeState:          trillian.TreeState_ACTIVE,
 		TreeType:           trillian.TreeType_PREORDERED_LOG,
-		HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 		HashAlgorithm:      spb.DigitallySigned_SHA256,
 		SignatureAlgorithm: spb.DigitallySigned_ECDSA,
 		DisplayName:        "Pre-ordered Log",

diff --git a/storage/tools/dump_tree/dumplib.go b/storage/tools/dump_tree/dumplib.go
@@ -181,7  181,6 @@ func createTree(as storage.AdminStorage, ls storage.LogStorage) *trillian.Tree {
 		TreeType:           trillian.TreeType_LOG,
 		TreeState:          trillian.TreeState_ACTIVE,
 		HashAlgorithm:      sigpb.DigitallySigned_SHA256,
-		HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 		SignatureAlgorithm: sigpb.DigitallySigned_ECDSA,
 		PrivateKey:         privKey,
 		PublicKey:          &keyspb.PublicKey{Der: pubKey},
@@ -192,10  191,6 @@ func createTree(as storage.AdminStorage, ls storage.LogStorage) *trillian.Tree {
 		glog.Fatalf("Create tree: %v", err)
 	}
 
-	if s := tree.HashStrategy; s != trillian.HashStrategy_RFC6962_SHA256 {
-		glog.Fatalf("Unknown hash strategy: %s", s)
-	}
-
 	logRoot, err := (&types.LogRootV1{RootHash: rfc6962.DefaultHasher.EmptyRoot()}).MarshalBinary()
 	if err != nil {
 		glog.Fatalf("MarshalBinary: %v", err)

diff --git a/storage/tree_validation.go b/storage/tree_validation.go
@@ -39,8  39,6 @@ func ValidateTreeForCreation(ctx context.Context, tree *trillian.Tree) error {
 		return status.Errorf(codes.InvalidArgument, "invalid tree_state: %s", tree.TreeState)
 	case tree.TreeType == trillian.TreeType_UNKNOWN_TREE_TYPE:
 		return status.Errorf(codes.InvalidArgument, "invalid tree_type: %s", tree.TreeType)
-	case tree.HashStrategy == trillian.HashStrategy_UNKNOWN_HASH_STRATEGY:
-		return status.Errorf(codes.InvalidArgument, "invalid hash_strategy: %s", tree.HashStrategy)
 	case tree.HashAlgorithm == sigpb.DigitallySigned_NONE:
 		return status.Errorf(codes.InvalidArgument, "invalid hash_algorithm: %s", tree.HashAlgorithm)
 	case tree.SignatureAlgorithm == sigpb.DigitallySigned_ANONYMOUS:
@@ -94,8  92,6 @@ func ValidateTreeForUpdate(ctx context.Context, storedTree, newTree *trillian.Tr
 		if err := validateTreeTypeUpdate(storedTree, newTree); err != nil {
 			return err
 		}
-	case storedTree.HashStrategy != newTree.HashStrategy:
-		return status.Error(codes.InvalidArgument, "readonly field changed: hash_strategy")
 	case storedTree.HashAlgorithm != newTree.HashAlgorithm:
 		return status.Error(codes.InvalidArgument, "readonly field changed: hash_algorithm")
 	case storedTree.SignatureAlgorithm != newTree.SignatureAlgorithm:

diff --git a/storage/tree_validation_test.go b/storage/tree_validation_test.go
@@ -72,9  72,6 @@ func TestValidateTreeForCreation(t *testing.T) {
 	invalidType := newTree()
 	invalidType.TreeType = trillian.TreeType_UNKNOWN_TREE_TYPE
 
-	invalidHashStrategy := newTree()
-	invalidHashStrategy.HashStrategy = trillian.HashStrategy_UNKNOWN_HASH_STRATEGY
-
 	invalidHashAlgorithm := newTree()
 	invalidHashAlgorithm.HashAlgorithm = sigpb.DigitallySigned_NONE
 
@@ -152,11  149,6 @@ func TestValidateTreeForCreation(t *testing.T) {
 			tree:    invalidType,
 			wantErr: true,
 		},
-		{
-			desc:    "invalidHashStrategy",
-			tree:    invalidHashStrategy,
-			wantErr: true,
-		},
 		{
 			desc:    "invalidHashAlgorithm",
 			tree:    invalidHashAlgorithm,
@@ -370,13  362,6 @@ func TestValidateTreeForUpdate(t *testing.T) {
 			},
 			wantErr: true,
 		},
-		{
-			desc: "HashStrategy",
-			updatefn: func(tree *trillian.Tree) {
-				tree.HashStrategy = trillian.HashStrategy_UNKNOWN_HASH_STRATEGY
-			},
-			wantErr: true,
-		},
 		{
 			desc: "HashAlgorithm",
 			updatefn: func(tree *trillian.Tree) {
@@ -451,7  436,6 @@ func newTree() *trillian.Tree {
 	return &trillian.Tree{
 		TreeState:          trillian.TreeState_ACTIVE,
 		TreeType:           trillian.TreeType_LOG,
-		HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 		HashAlgorithm:      sigpb.DigitallySigned_SHA256,
 		SignatureAlgorithm: sigpb.DigitallySigned_ECDSA,
 		DisplayName:        "Llamas Log",

diff --git a/testonly/mdm/mdmtest/main.go b/testonly/mdm/mdmtest/main.go
@@ -96,7  96,6 @@ func innerMain(ctx context.Context) error {
 			Tree: &trillian.Tree{
 				TreeState:          trillian.TreeState_ACTIVE,
 				TreeType:           trillian.TreeType_LOG,
-				HashStrategy:       trillian.HashStrategy_RFC6962_SHA256,
 				HashAlgorithm:      sigpb.DigitallySigned_SHA256,
 				SignatureAlgorithm: sigpb.DigitallySigned_ECDSA,
 				DisplayName:        fmt.Sprintf("mdmtest-%d", time.Now().UnixNano()/int64(time.Second)),

diff --git a/trees/trees_test.go b/trees/trees_test.go
@@ -344,7  344,6 @@ func TestSigner(t *testing.T) {
 		t.Run(test.desc, func(t *testing.T) {
 			tree := proto.Clone(testonly.LogTree).(*trillian.Tree)
 			tree.HashAlgorithm = sigpb.DigitallySigned_SHA256
-			tree.HashStrategy = trillian.HashStrategy_RFC6962_SHA256
 			tree.SignatureAlgorithm = test.sigAlgo
 
 			wantKeyProto, err := tree.PrivateKey.UnmarshalNew()