Rename 'unhashed' data tile to 'auxiliary'

Author: lukevalenta

crates/generic_log_worker/src/ctlog.rs

@@ -420,19 +420,19 @@ impl SequenceState {
                 },
             );
 
-            // Fetch and store the right-most unhashed tile, if configured.
-            if let Some(path_elem) = L::Pending::UNHASHED_TILE_PATH {
-                let unhashed_tile = level0_tile.with_data_path(path_elem);
-                let unhashed_tile_bytes = object
-                    .fetch(&unhashed_tile.path())
+            // Fetch and store the right-most auxiliary tile, if configured.
+            if let Some(path_elem) = L::Pending::AUX_TILE_PATH {
+                let aux_tile = level0_tile.with_data_path(path_elem);
+                let aux_tile_bytes = object
+                    .fetch(&aux_tile.path())
                     .await?
-                    .ok_or(anyhow!("no unhashed tile in object storage"))?;
+                    .ok_or(anyhow!("no auxiliary tile in object storage"))?;
 
                 edge_tiles.insert(
                     UNHASHED_TILE_LEVEL_KEY,
                     TileWithBytes {
-                        tile: unhashed_tile,
-                        b: unhashed_tile_bytes,
+                        tile: aux_tile,
+                        b: aux_tile_bytes,
                     },
                 );
             }
@@ -636,12 +636,12 @@ async fn sequence_entries<L: LogEntry>(
         }
     }
 
-    // Load the current partial unhashed tile, if configured.
-    let mut unhashed_tile = Vec::new();
-    if L::Pending::UNHASHED_TILE_PATH.is_some() {
+    // Load the current partial auxiliary tile, if configured.
+    let mut aux_tile = Vec::new();
+    if L::Pending::AUX_TILE_PATH.is_some() {
         if let Some(t) = edge_tiles.get(&UNHASHED_TILE_LEVEL_KEY) {
             if t.tile.width() < TlogTile::FULL_WIDTH {
-                unhashed_tile.clone_from(&t.b);
+                aux_tile.clone_from(&t.b);
             }
         }
     }
@@ -657,9 +657,9 @@ async fn sequence_entries<L: LogEntry>(
         cache_metadata.push((entry.lookup_key(), metadata));
         sequenced_metadata.push((sender, metadata));
 
-        // Write to the unhashed tile, if configured.
-        if L::Pending::UNHASHED_TILE_PATH.is_some() {
-            unhashed_tile.extend(entry.unhashed_entry());
+        // Write to the auxiliary tile, if configured.
+        if L::Pending::AUX_TILE_PATH.is_some() {
+            aux_tile.extend(entry.aux_entry());
         }
 
         let sequenced_entry = L::new(entry, metadata);
@@ -702,7 +702,7 @@ async fn sequence_entries<L: LogEntry>(
                 &mut edge_tiles,
                 &mut tile_uploads,
                 std::mem::take(&mut data_tile),
-                std::mem::take(&mut unhashed_tile),
+                std::mem::take(&mut aux_tile),
             );
         }
     }
@@ -718,7 +718,7 @@ async fn sequence_entries<L: LogEntry>(
             &mut edge_tiles,
             &mut tile_uploads,
             std::mem::take(&mut data_tile),
-            std::mem::take(&mut unhashed_tile),
+            std::mem::take(&mut aux_tile),
         );
     }
 
@@ -870,14 +870,14 @@ async fn sequence_entries<L: LogEntry>(
     Ok(())
 }
 
-// Stage a data tile, and if configured an unhashed tile.
+// Stage a data tile, and if configured an auxiliary tile.
 // This is used as a helper function for [`sequence_entries`].
 fn stage_data_tile<L: LogEntry>(
     n: u64,
     edge_tiles: &mut HashMap<u8, TileWithBytes>,
     tile_uploads: &mut Vec<UploadAction>,
     data_tile: Vec<u8>,
-    unhashed_tile: Vec<u8>,
+    aux_tile: Vec<u8>,
 ) {
     let tile = TlogTile::from_index(tlog_tiles::stored_hash_index(0, n - 1))
         .with_data_path(L::Pending::DATA_TILE_PATH);
@@ -893,19 +893,19 @@ fn stage_data_tile<L: LogEntry>(
         data: data_tile,
         opts: OPTS_DATA_TILE.clone(),
     });
-    if let Some(path_elem) = L::Pending::UNHASHED_TILE_PATH {
+    if let Some(path_elem) = L::Pending::AUX_TILE_PATH {
         let tile =
             TlogTile::from_index(tlog_tiles::stored_hash_index(0, n - 1)).with_data_path(path_elem);
         edge_tiles.insert(
             UNHASHED_TILE_LEVEL_KEY,
             TileWithBytes {
                 tile,
-                b: unhashed_tile.clone(),
+                b: aux_tile.clone(),
             },
         );
         tile_uploads.push(UploadAction {
             key: tile.path(),
-            data: unhashed_tile,
+            data: aux_tile,
             opts: OPTS_DATA_TILE.clone(),
         });
     }

crates/mtc_api/src/lib.rs

@@ -56,10 +56,10 @@ impl PendingLogEntry for MtcPendingLogEntry {
     const DATA_TILE_PATH: PathElem = TlogTilesPendingLogEntry::DATA_TILE_PATH;
 
     /// MTC publishes unauthenticated bootstrap data at 'bootstrap'.
-    const UNHASHED_TILE_PATH: Option<PathElem> = Some(PathElem::Custom("bootstrap"));
+    const AUX_TILE_PATH: Option<PathElem> = Some(PathElem::Custom("bootstrap"));
 
     /// Returns the serialized bootstrap data.
-    fn unhashed_entry(&self) -> &[u8] {
+    fn aux_entry(&self) -> &[u8] {
         &self.bootstrap
     }
 
@@ -280,20 +280,22 @@ pub fn validate_chain(
         None => return Err(MtcError::EmptyChain),
     };
 
-    if validity.not_after.to_unix_duration().gt(&leaf
-        .tbs_certificate
-        .validity
-        .not_after
-        .to_unix_duration())
-    {
-        validity.not_after = leaf.tbs_certificate.validity.not_after;
-    }
-
     // TODO actually validate chain
-    let _chain = iter
+    let chain = iter
         .map(|x| Certificate::from_der(x))
         .collect::<Result<Vec<Certificate>, der::Error>>()?;
 
+    for cert in std::iter::once(&leaf).chain(&chain) {
+        if validity.not_after.to_unix_duration().gt(&cert
+            .tbs_certificate
+            .validity
+            .not_after
+            .to_unix_duration())
+        {
+            validity.not_after = cert.tbs_certificate.validity.not_after;
+        }
+    }
+
     let mut bootstrap = Vec::new();
     bootstrap.write_length_prefixed(&raw_chain[0], 3)?;
     bootstrap.write_length_prefixed(

crates/static_ct_api/src/static_ct.rs

@@ -163,12 +163,12 @@ impl PendingLogEntry for StaticCTPendingLogEntry {
     /// The data tile path in static-ct-api is 'data'.
     const DATA_TILE_PATH: PathElem = PathElem::Data;
 
-    /// No unhashed data published in static-ct-api. (Rather, the unhashed
-    /// `chain_fingerprints` is included in the data tile directly.)
-    const UNHASHED_TILE_PATH: Option<PathElem> = None;
+    /// No auxiliary data tile published in static-ct-api. (Rather, the
+    /// auxiliary `chain_fingerprints` is included in the data tile directly.)
+    const AUX_TILE_PATH: Option<PathElem> = None;
 
     /// Unused in static-ct-api.
-    fn unhashed_entry(&self) -> &[u8] {
+    fn aux_entry(&self) -> &[u8] {
         unimplemented!()
     }
 

crates/tlog_tiles/src/entries.rs

@@ -26,14 +26,15 @@ pub trait PendingLogEntry: core::fmt::Debug + Clone + Serialize + DeserializeOwn
     /// The path to write data tiles in the object store, which is 'entries' for tlog-tiles.
     const DATA_TILE_PATH: PathElem;
 
-    /// If configured, the path to write unhashed data associated with the entry
-    /// to the object store. This is unused in tlog-tiles and static-ct-api, but
-    /// is used for publishing 'bootstrap' certificiate chains in MTC.
-    const UNHASHED_TILE_PATH: Option<PathElem>;
+    /// If configured, the path to write auxiliary data associated with the
+    /// entry to the object store. This is unused in tlog-tiles and
+    /// static-ct-api, but is used for publishing 'bootstrap' certificiate
+    /// chains in MTC.
+    const AUX_TILE_PATH: Option<PathElem>;
 
-    /// Returns the unhashed data for this entry, if configured. It is an error
-    /// to call this function if `UNHASHED_PATH` is not specified.
-    fn unhashed_entry(&self) -> &[u8];
+    /// Returns the auxiliary data for this entry, if configured. It is an error
+    /// to call this function if [`AUX_TILE_PATH`] is not specified.
+    fn aux_entry(&self) -> &[u8];
 
     /// The lookup key belonging to this pending log entry.
     fn lookup_key(&self) -> LookupKey;
@@ -121,11 +122,11 @@ impl PendingLogEntry for TlogTilesPendingLogEntry {
     /// The data tile path in tlog-tiles is 'entries'.
     const DATA_TILE_PATH: PathElem = PathElem::Entries;
 
-    /// No unhashed data published in tlog-tiles.
-    const UNHASHED_TILE_PATH: Option<PathElem> = None;
+    /// No auxiliary data tile published in tlog-tiles.
+    const AUX_TILE_PATH: Option<PathElem> = None;
 
     /// Unused in tlog-tiles.
-    fn unhashed_entry(&self) -> &[u8] {
+    fn aux_entry(&self) -> &[u8] {
         unimplemented!()
     }