Skip to content

Add FindTiledLog* functions #1763

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
phbnf merged 3 commits into from
Feb 23, 2026
+131 −9
Merged

Add FindTiledLog* functions #1763

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
27d257d
Add Find* functions for tiled logs
robstradling Feb 18, 2026
8af13e2
Clarify that the FindLog* functions only look for RFC 6962 logs
robstradling Feb 18, 2026
4746f4e
Update CHANGELOG.md
robstradling Feb 18, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@
* [CTFE] Add a /log.v3.json endpoint to help satisfy a requirement of the Chrome CT Log Policy by @robstradling in https://github.com/google/certificate-transparency-go/pull/1703
* [preloader] add continuous mode.
* [CTFE] Enforce max request body size using `http.MaxBytesHandler`.
* Support tiled logs in the loglist3 logfilter functions by @robstradling in https://github.com/google/certificate-transparency-go/pull/1762
* Add FindTiledLog* functions by @robstradling in https://github.com/google/certificate-transparency-go/pull/1763


## v1.3.2

Expand Down
137 changes: 128 additions & 9 deletions loglist3/loglist3.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -301,7 +301,7 @@ func NewFromSignedJSON(llData, rawSig []byte, pubKey crypto.PublicKey) (*LogList
return NewFromJSON(llData)
}

// FindLogByName returns all logs whose names contain the given string.
// FindLogByName returns all RFC 6962 logs whose names contain the given string.
func (ll *LogList) FindLogByName(name string) []*Log {
name = strings.ToLower(name)
var results []*Log
Expand All @@ -315,7 +315,7 @@ func (ll *LogList) FindLogByName(name string) []*Log {
return results
}

// FindLogByURL finds the log with the given URL.
// FindLogByURL finds the RFC 6962 log with the given URL.
func (ll *LogList) FindLogByURL(url string) *Log {
for _, op := range ll.Operators {
for _, log := range op.Logs {
Expand All @@ -328,7 +328,7 @@ func (ll *LogList) FindLogByURL(url string) *Log {
return nil
}

// FindLogByKeyHash finds the log with the given key hash.
// FindLogByKeyHash finds the RFC 6962 log with the given key hash.
func (ll *LogList) FindLogByKeyHash(keyhash [sha256.Size]byte) *Log {
for _, op := range ll.Operators {
for _, log := range op.Logs {
Expand All @@ -340,7 +340,8 @@ func (ll *LogList) FindLogByKeyHash(keyhash [sha256.Size]byte) *Log {
return nil
}

// FindLogByKeyHashPrefix finds all logs whose key hash starts with the prefix.
// FindLogByKeyHashPrefix finds all RFC 6962 logs whose key hash starts with
// the prefix.
func (ll *LogList) FindLogByKeyHashPrefix(prefix string) []*Log {
var results []*Log
for _, op := range ll.Operators {
Expand All @@ -354,7 +355,7 @@ func (ll *LogList) FindLogByKeyHashPrefix(prefix string) []*Log {
return results
}

// FindLogByKey finds the log with the given DER-encoded key.
// FindLogByKey finds the RFC 6962 log with the given DER-encoded key.
func (ll *LogList) FindLogByKey(key []byte) *Log {
for _, op := range ll.Operators {
for _, log := range op.Logs {
Expand All @@ -368,10 +369,10 @@ func (ll *LogList) FindLogByKey(key []byte) *Log {

var hexDigits = regexp.MustCompile("^[0-9a-fA-F]+$")

// FuzzyFindLog tries to find logs that match the given unspecified input,
// whose format is unspecified. This generally returns a single log, but
// if text input that matches multiple log descriptions is provided, then
// multiple logs may be returned.
// FuzzyFindLog tries to find RFC 6962 logs that match the given unspecified
// input, whose format is unspecified. This generally returns a single RFC 6962
// log, but if text input that matches multiple RFC 6962 log descriptions is
// provided, then multiple RFC 6962 logs may be returned.
func (ll *LogList) FuzzyFindLog(input string) []*Log {
input = strings.Trim(input, " \t")
if logs := ll.FindLogByName(input); len(logs) > 0 {
Expand Down Expand Up @@ -417,6 +418,124 @@ func (ll *LogList) FuzzyFindLog(input string) []*Log {
return nil
}

// FindTiledLogByName returns all tiled logs whose names contain the given
// string.
func (ll *LogList) FindTiledLogByName(name string) []*TiledLog {
name = strings.ToLower(name)
var results []*TiledLog
for _, op := range ll.Operators {
for _, log := range op.TiledLogs {
if strings.Contains(strings.ToLower(log.Description), name) {
results = append(results, log)
}
}
}
return results
}

// FindTiledLogByURL finds the tiled log with the given URL.
func (ll *LogList) FindTiledLogByURL(url string) *TiledLog {
for _, op := range ll.Operators {
for _, log := range op.TiledLogs {
// Don't count trailing slashes
if strings.TrimRight(log.SubmissionURL, "/") == strings.TrimRight(url, "/") {
return log
} else if strings.TrimRight(log.MonitoringURL, "/") == strings.TrimRight(url, "/") {
return log
}
}
}
return nil
}

// FindTiledLogByKeyHash finds the tiled log with the given key hash.
func (ll *LogList) FindTiledLogByKeyHash(keyhash [sha256.Size]byte) *TiledLog {
for _, op := range ll.Operators {
for _, log := range op.TiledLogs {
if bytes.Equal(log.LogID, keyhash[:]) {
return log
}
}
}
return nil
}

// FindTiledLogByKeyHashPrefix finds all tiled logs whose key hash starts with
// the prefix.
func (ll *LogList) FindTiledLogByKeyHashPrefix(prefix string) []*TiledLog {
var results []*TiledLog
for _, op := range ll.Operators {
for _, log := range op.TiledLogs {
hh := hex.EncodeToString(log.LogID[:])
if strings.HasPrefix(hh, prefix) {
results = append(results, log)
}
}
}
return results
}

// FindTiledLogByKey finds the tiled log with the given DER-encoded key.
func (ll *LogList) FindTiledLogByKey(key []byte) *TiledLog {
for _, op := range ll.Operators {
for _, log := range op.TiledLogs {
if bytes.Equal(log.Key[:], key) {
return log
}
}
}
return nil
}

// FuzzyFindTiledLog tries to find tiled logs that match the given unspecified
// input, whose format is unspecified. This generally returns a single tiled
// log, but if text input that matches multiple tiled log descriptions is
// provided, then multiple tiled logs may be returned.
func (ll *LogList) FuzzyFindTiledLog(input string) []*TiledLog {
input = strings.Trim(input, " \t")
if logs := ll.FindTiledLogByName(input); len(logs) > 0 {
return logs
}
if log := ll.FindTiledLogByURL(input); log != nil {
return []*TiledLog{log}
}
// Try assuming the input is binary data of some form. First base64:
if data, err := base64.StdEncoding.DecodeString(input); err == nil {
if len(data) == sha256.Size {
var hash [sha256.Size]byte
copy(hash[:], data)
if log := ll.FindTiledLogByKeyHash(hash); log != nil {
return []*TiledLog{log}
}
}
if log := ll.FindTiledLogByKey(data); log != nil {
return []*TiledLog{log}
}
}
// Now hex, but strip all internal whitespace first.
input = stripInternalSpace(input)
if data, err := hex.DecodeString(input); err == nil {
if len(data) == sha256.Size {
var hash [sha256.Size]byte
copy(hash[:], data)
if log := ll.FindTiledLogByKeyHash(hash); log != nil {
return []*TiledLog{log}
}
}
if log := ll.FindTiledLogByKey(data); log != nil {
return []*TiledLog{log}
}
}
// Finally, allow hex strings with an odd number of digits.
if hexDigits.MatchString(input) {
if logs := ll.FindTiledLogByKeyHashPrefix(input); len(logs) > 0 {
return logs
}
}

return nil
}

func stripInternalSpace(input string) string {
return strings.Map(func(r rune) rune {
if !unicode.IsSpace(r) {
Expand Down
Loading