forked from cloudflare/plexi
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix wasm32 target Rename crates to use dash instead of underscore
- Loading branch information
Showing
8 changed files
with
234 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,130 @@ | ||
name: CI checks | ||
|
||
on: [push, pull_request] | ||
|
||
jobs: | ||
test: | ||
name: Test on ${{ matrix.os }} | ||
runs-on: ${{ matrix.os }} | ||
strategy: | ||
matrix: | ||
os: [ubuntu-latest, windows-latest, macOS-latest] | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
override: true | ||
- name: cargo fetch | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: fetch | ||
- name: Build tests | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: build | ||
args: --all --verbose --exclude plexi_cli --all-features --tests | ||
- name: Run tests | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: test | ||
args: --all --verbose --exclude plexi_cli --all-features | ||
|
||
build: | ||
name: Build target ${{ matrix.target }} | ||
runs-on: ubuntu-latest | ||
strategy: | ||
matrix: | ||
target: | ||
- wasm32-unknown-unknown | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
override: true | ||
- name: Add target | ||
run: rustup target add ${{ matrix.target }} | ||
- name: cargo fetch | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: fetch | ||
- name: Build for target | ||
working-directory: ./plexi_core | ||
run: cargo build --verbose --no-default-features --target ${{ matrix.target }} | ||
|
||
bitrot: | ||
name: Bitrot | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
override: true | ||
- name: cargo check | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: check | ||
args: --tests --examples --benches --all-features | ||
|
||
clippy: | ||
name: Clippy (1.76) | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
components: clippy | ||
override: true | ||
- name: Clippy check | ||
uses: actions-rs/clippy-check@v1 | ||
with: | ||
name: Clippy (1.76) | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
args: --all-features --all-targets -- -D warnings | ||
|
||
doc-links: | ||
name: Intra-doc links | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
override: true | ||
- name: cargo fetch | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: fetch | ||
|
||
# Ensure intra-documentation links all resolve correctly | ||
# Requires #![deny(intra_doc_link_resolution_failure)] in crates. | ||
- name: Check intra-doc links | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: doc | ||
args: --all --exclude plexi_cli --all-features --document-private-items | ||
|
||
fmt: | ||
name: Rustfmt | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: actions-rs/toolchain@v1 | ||
with: | ||
toolchain: 1.76 | ||
components: rustfmt | ||
override: true | ||
- name: Check formatting | ||
uses: actions-rs/cargo@v1 | ||
with: | ||
command: fmt | ||
args: --all -- --check |
File renamed without changes.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
# Plexi | ||
|
||
![Plexi banner](../docs/assets/plexi_banner.png) | ||
|
||
Plexi is a flexible auditor for [Key Transparency systems](https://blog.cloudflare.com/key-transparency). | ||
|
||
## Tables of Content | ||
|
||
* [Features](#features) | ||
* [Installation](#installation) | ||
* [Usage](#usage) | ||
* [Configure your auditor remote](#configure-your-auditor-remote) | ||
* [List monitored Logs](#list-monitored-logs) | ||
* [Audit a signature](#audit-a-signature) | ||
* [Conduct](#conduct) | ||
* [License](#license) | ||
|
||
## Features | ||
|
||
* Verify authenticity of a signature, to confirm it has been signed by a given public key | ||
* Verify the validity of [facebook/akd](https://github.com/facebook/akd) proofs | ||
* List Logs an Auditor monitors | ||
|
||
## Installation | ||
|
||
| Environment | CLI Command | | ||
|:--------------------------------------------------------------|:----------------------| | ||
| [Cargo](https://www.rust-lang.org/tools/install) (Rust 1.76+) | `cargo install plexi` | | ||
|
||
## Usage | ||
|
||
Use the `--help` option for more details about the commands and their options. | ||
|
||
```bash | ||
plexi [OPTIONS] <COMMAND> | ||
``` | ||
|
||
### Configure your auditor remote | ||
|
||
`plexi` does not come with a default remote auditor, and you will need to choose your own. | ||
|
||
You can do so either by passing `--remote-url=<REMOTE>` or setting the `PLEXI_REMOTE_URL` environment variable. | ||
|
||
A common remote is provided below: | ||
|
||
| Name | Remote | | ||
|:-----------|:------------------------------------------------| | ||
| Cloudflare | `https://plexi.key-transparency.cloudflare.com` | | ||
|
||
If you have deployed your own auditor, you can add a remote by filing a [GitHub issue](https://github.com/cloudflare/plexi/issues). | ||
|
||
### List monitored Logs | ||
|
||
An auditor monitors multiple Logs at once. To discover which Logs an auditor is monitoring, run the following: | ||
|
||
```shell | ||
plexi ls --remote-url 'https://plexi.key-transparency.cloudflare.com' | ||
whatsapp.key-transparency.v1 | ||
``` | ||
|
||
### Audit a signature | ||
|
||
The Key Transparency Auditor vouches for Log validity by ensuring epoch uniqueness. and verifying the associated proof | ||
|
||
`plexi audit` provides information about a given epoch and its validity. It can perform a local audit to confirm the auditor behaviour. | ||
|
||
For instance, to verify WhatsApp Log auditted by Cloudflare Auditor, run the following: | ||
```shell | ||
> plexi audit --remote-url 'https://plexi.key-transparency.cloudflare.com' --namespace 'whatsapp.key-transparency.v1' --long | ||
Namespace: whatsapp.key-transparency.v1 | ||
Ciphersuite: ed25519(protobuf) | ||
Timestamp: 2024-09-19T09:59:44Z | ||
Epoch height: 476847 | ||
Epoch digest: 9d217c91dc629d16a3b1379e8fd7c949c27b1b6038259e3918bd0da3cd6c34d1 | ||
Signature: e4c83e3091ba8764752120bd7a726a28759d25a01f39d07131d6ba66a913d58d8f0f48f63bc7e037cc5ddd81dc76acc847dbf8d02b2f55251e6f2b1f00191902 | ||
Verification: success | ||
``` | ||
|
||
## Conduct | ||
|
||
Plexi and Cloudflare OpenSource generally follows the [Contributor Covenant Code of Conduct](https://github.com/cloudflare/.github/blob/26b37ca2ba7ab3d91050ead9f2c0e30674d3b91e/CODE_OF_CONDUCT.md). Violating the CoC could result in a warning or a ban to Plexi or any and all repositories in the Cloudflare organization. | ||
|
||
## License | ||
This project is Licensed under [Apache License, Version 2.0](../LICENSE). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters