Diffstat (limited to 'x509.go')
-rw-r--r-- | x509.go | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -11,6 +11,8 @@ import (
 "crypto/x509"
 "encoding/pem"
 "io/ioutil"
+
+ "github.com/google/certificate-transparency-go/tls"
 )
 
 // LoadTrustAnchors loads a list of PEM-encoded certificates from file
@@ -121,3 +123,17 @@ func GenV1SDI(ld *LogParameters, leaf []byte) (StItem, error) {
 }
 return NewSignedDebugInfoV1(ld.LogId, []byte("reserved"), sig), nil
 }
+
+func GenV1STH(ld *LogParameters, th TreeHeadV1) (StItem, error) {
+ serialized, err := tls.Marshal(th)
+ if err != nil {
+ return StItem{}, fmt.Errorf("failed tls marshaling tree head: %v", err)
+ }
+
+ // Note that ed25519 does not use the passed io.Reader
+ sig, err := ld.Signer.Sign(rand.Reader, serialized, crypto.Hash(0))
+ if err != nil {
+ return StItem{}, fmt.Errorf("ed25519 signature failed: %v", err)
+ }
+ return NewSignedTreeHeadV1(th, ld.LogId, sig), nil
+}
|
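Review bot: GenV1STH passes `crypto.Hash(0)` to `ld.Signer.Sign` and reports failures as "ed25519", but nothing in the hunk checks that the configured signer really is an Ed25519 key. If `Signer` is a general `crypto.Signer` (its declaration is outside the hunk), an ECDSA or RSA key would receive the whole serialized tree head as if it were a pre-computed digest instead of hashing it. The key type should be checked before signing, e.g. `if _, ok := ld.Signer.Public().(ed25519.PublicKey); !ok { return StItem{}, fmt.Errorf("unsupported signer key type %T", ld.Signer.Public()) }`, which needs `crypto/ed25519` in the import block if it is not already there. The signed bytes are only `tls.Marshal(th)`, while `ld.LogId` is attached to the returned item without being covered by the signature. Unless TreeHeadV1's encoding already carries a type or log discriminator, confirm that a signature this key makes over another structure cannot be accepted as a tree head. The new exported function also has no doc comment, and `%w` instead of `%v` would let callers unwrap the underlying marshal and signing errors.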