From 0cd966dd8405df6244db051faf5ebc112e1c5a1e Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rasmus.dahlberg@kau.se>
Date: Thu, 5 Nov 2020 19:23:40 +0100
Subject: fixed get-entries output and client-side verification

---
 client/verify.go | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'client/verify.go')

diff --git a/client/verify.go b/client/verify.go
index 8d64211..d9c18bf 100644
--- a/client/verify.go
+++ b/client/verify.go
@@ -12,6 +12,7 @@ import (
 	"github.com/system-transparency/stfe"
 )
 
+// VerifySignedDebugInfoV1 verifies an SDI signature
 func VerifySignedDebugInfoV1(sdi *stfe.StItem, scheme tls.SignatureScheme, key crypto.PublicKey, message []byte) error {
 	if err := supportedScheme(scheme, key); err != nil {
 		return err
@@ -31,13 +32,27 @@ func VerifySignedTreeHeadV1(sth *stfe.StItem, scheme tls.SignatureScheme, key cr
 	if err := supportedScheme(scheme, key); err != nil {
 		return err
 	}
-
 	if !ed25519.Verify(key.(ed25519.PublicKey), serialized, sth.SignedTreeHeadV1.Signature) {
 		return fmt.Errorf("bad signature")
 	}
 	return nil
 }
 
+// VerifyChecksumV1 verifies a checksum signature
+func VerifyChecksumV1(checksum *stfe.StItem, key crypto.PublicKey, signature []byte, scheme tls.SignatureScheme) error {
+	serialized, err := checksum.Marshal()
+	if err != nil {
+		return fmt.Errorf("failed marshaling StItem: %v", err)
+	}
+	if err := supportedScheme(scheme, key); err != nil {
+		return err
+	}
+	if !ed25519.Verify(key.(ed25519.PublicKey), serialized, signature) {
+		return fmt.Errorf("bad signature")
+	}
+	return nil
+}
+
 // VerifyConsistencyProofV1 verifies that a consistency proof is valid without
 // checking any sth signature
 func VerifyConsistencyProofV1(proof, first, second *stfe.StItem) error {
-- 
cgit v1.2.3