aboutsummaryrefslogtreecommitdiff
path: root/client/verify.go
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-03 16:45:51 +0100
committerRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-03 16:45:51 +0100
commit2ad1e255d7909376bec16dc874e51be5b2629273 (patch)
tree12d10c8925875423ecd6529e00f4dbe73fe3181c /client/verify.go
parent14dd503f7612e18091e82b3b0a3ec381604d60df (diff)
added client-side consistency proof verification
Diffstat (limited to 'client/verify.go')
-rw-r--r--client/verify.go19
1 files changed, 18 insertions, 1 deletions
diff --git a/client/verify.go b/client/verify.go
index 3668bf2..b5257ac 100644
--- a/client/verify.go
+++ b/client/verify.go
@@ -44,7 +44,24 @@ func VerifySignedTreeHeadV1(sth *stfe.StItem, scheme tls.SignatureScheme, key cr
return nil
}
-// VerifyInclusionProofV1 verifies that an inclusion proof is valid
+// VerifyConsistencyProofV1 verifies that a consistency proof is valid without
+// checking any sth signature
+func VerifyConsistencyProofV1(proof, first, second *stfe.StItem) error {
+ path := make([][]byte, 0, len(proof.ConsistencyProofV1.ConsistencyPath))
+ for _, nh := range proof.ConsistencyProofV1.ConsistencyPath {
+ path = append(path, nh.Data)
+ }
+ return merkle.NewLogVerifier(rfc6962.DefaultHasher).VerifyConsistencyProof(
+ int64(proof.ConsistencyProofV1.TreeSize1),
+ int64(proof.ConsistencyProofV1.TreeSize2),
+ first.SignedTreeHeadV1.TreeHead.RootHash.Data,
+ second.SignedTreeHeadV1.TreeHead.RootHash.Data,
+ path,
+ )
+}
+
+// VerifyInclusionProofV1 verifies that an inclusion proof is valid without checking
+// any sth signature
func VerifyInclusionProofV1(proof *stfe.StItem, rootHash, leafHash []byte) error {
path := make([][]byte, 0, len(proof.InclusionProofV1.InclusionPath))
for _, nh := range proof.InclusionProofV1.InclusionPath {