aboutsummaryrefslogtreecommitdiff
path: root/client/verify.go
diff options
context:
space:
mode:
Diffstat (limited to 'client/verify.go')
-rw-r--r--client/verify.go59
1 files changed, 0 insertions, 59 deletions
diff --git a/client/verify.go b/client/verify.go
index d9c18bf..3ce02e7 100644
--- a/client/verify.go
+++ b/client/verify.go
@@ -1,58 +1,11 @@
package client
import (
- "fmt"
-
- "crypto"
- "crypto/ed25519"
- "crypto/tls"
-
"github.com/google/trillian/merkle"
"github.com/google/trillian/merkle/rfc6962"
"github.com/system-transparency/stfe"
)
-// VerifySignedDebugInfoV1 verifies an SDI signature
-func VerifySignedDebugInfoV1(sdi *stfe.StItem, scheme tls.SignatureScheme, key crypto.PublicKey, message []byte) error {
- if err := supportedScheme(scheme, key); err != nil {
- return err
- }
- if !ed25519.Verify(key.(ed25519.PublicKey), message, sdi.SignedDebugInfoV1.Signature) {
- return fmt.Errorf("bad signature")
- }
- return nil
-}
-
-// VerifySignedTreeHeadV1 verifies an STH signature
-func VerifySignedTreeHeadV1(sth *stfe.StItem, scheme tls.SignatureScheme, key crypto.PublicKey) error {
- serialized, err := sth.SignedTreeHeadV1.TreeHead.Marshal()
- if err != nil {
- return fmt.Errorf("failed marshaling tree head: %v", err)
- }
- if err := supportedScheme(scheme, key); err != nil {
- return err
- }
- if !ed25519.Verify(key.(ed25519.PublicKey), serialized, sth.SignedTreeHeadV1.Signature) {
- return fmt.Errorf("bad signature")
- }
- return nil
-}
-
-// VerifyChecksumV1 verifies a checksum signature
-func VerifyChecksumV1(checksum *stfe.StItem, key crypto.PublicKey, signature []byte, scheme tls.SignatureScheme) error {
- serialized, err := checksum.Marshal()
- if err != nil {
- return fmt.Errorf("failed marshaling StItem: %v", err)
- }
- if err := supportedScheme(scheme, key); err != nil {
- return err
- }
- if !ed25519.Verify(key.(ed25519.PublicKey), serialized, signature) {
- return fmt.Errorf("bad signature")
- }
- return nil
-}
-
// VerifyConsistencyProofV1 verifies that a consistency proof is valid without
// checking any sth signature
func VerifyConsistencyProofV1(proof, first, second *stfe.StItem) error {
@@ -84,15 +37,3 @@ func VerifyInclusionProofV1(proof *stfe.StItem, rootHash, leafHash []byte) error
leafHash,
)
}
-
-// supportedScheme checks whether the client library supports the log's
-// signature scheme and public key type
-func supportedScheme(scheme tls.SignatureScheme, key crypto.PublicKey) error {
- if _, ok := key.(ed25519.PublicKey); ok && scheme == tls.Ed25519 {
- return nil
- }
- switch t := key.(type) {
- default:
- return fmt.Errorf("unsupported scheme(%v) and key(%v)", scheme, t)
- }
-}