From e2959d506de6067afe494315c3621b33613b5414 Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg
Date: Mon, 15 Mar 2021 20:18:29 +0100
Subject: added option to run with unregistered namespaces

Also a few minor fixes such that server binary starts again.
---
 request.go | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)
(limited to 'request.go')
diff --git a/request.go b/request.go
index 5bee672..7c95f34 100644
--- a/request.go
+++ b/request.go
@@ -19,9 +19,15 @@ func (lp *LogParameters) parseAddEntryV1Request(r *http.Request) (*types.StItem,
 }

 // Check that submitter namespace is valid
- if namespace, ok := lp.Submitters.Find(&item.SignedChecksumV1.Signature.Namespace); !ok {
- return nil, fmt.Errorf("unknown namespace: %v", item.SignedChecksumV1.Signature.Namespace)
- } else if msg, err := types.Marshal(item.SignedChecksumV1.Data); err != nil {
+ namespace := &item.SignedChecksumV1.Signature.Namespace
+ if lp.SubmitterPolicy {
+ var ok bool
+ if namespace, ok = lp.Submitters.Find(namespace); !ok {
+ return nil, fmt.Errorf("unknown submitter namespace: %v", namespace)
+ }
+ }
+ // Check that namespace signed add-entry request
+ if msg, err := types.Marshal(item.SignedChecksumV1.Data); err != nil {
 return nil, fmt.Errorf("Marshal: %v", err) // should never happen
 } else if err := namespace.Verify(msg, item.SignedChecksumV1.Signature.Signature); err != nil {
 return nil, fmt.Errorf("Verify: %v", err)
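Review bot: The error in the `lp.SubmitterPolicy` branch formats `namespace` after `namespace, ok = lp.Submitters.Find(namespace)` has already overwritten it, so on a failed lookup the message reports Find's return value (presumably nil) rather than the namespace the client sent; the removed code printed the request's namespace. Keeping the lookup result in its own variable preserves the value for the message, e.g. `registered, ok := lp.Submitters.Find(namespace)` and `namespace = registered` only once `ok` is true. The `lp.WitnessPolicy` branch in the second hunk follows the same pattern. parseAddEntryV1Request starts and ends outside the hunk.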
@@ -37,13 +43,20 @@ func (lp *LogParameters) parseAddCosignatureV1Request(r *http.Request) (*types.S
 if item.Format != types.StFormatCosignedTreeHeadV1 {
 return nil, fmt.Errorf("invalid StItem format: %v", item.Format)
 }
-
- // Check that witness namespace is valid
 if got, want := len(item.CosignedTreeHeadV1.Cosignatures), 1; got != want {
 return nil, fmt.Errorf("invalid number of cosignatures: %d", got)
- } else if namespace, ok := lp.Witnesses.Find(&item.CosignedTreeHeadV1.Cosignatures[0].Namespace); !ok {
- return nil, fmt.Errorf("unknown witness: %v", item.CosignedTreeHeadV1.Cosignatures[0].Namespace)
- } else if msg, err := types.Marshal(*types.NewSignedTreeHeadV1(&item.CosignedTreeHeadV1.SignedTreeHead.TreeHead, &item.CosignedTreeHeadV1.SignedTreeHead.Signature).SignedTreeHeadV1); err != nil {
+ }
+
+ // Check that witness namespace is valid
+ namespace := &item.CosignedTreeHeadV1.Cosignatures[0].Namespace
+ if lp.WitnessPolicy {
+ var ok bool
+ if namespace, ok = lp.Witnesses.Find(namespace); !ok {
+ return nil, fmt.Errorf("unknown witness namespace: %v", namespace)
+ }
+ }
+ // Check that namespace signed add-cosignature request
+ if msg, err := types.Marshal(*types.NewSignedTreeHeadV1(&item.CosignedTreeHeadV1.SignedTreeHead.TreeHead, &item.CosignedTreeHeadV1.SignedTreeHead.Signature).SignedTreeHeadV1); err != nil {
 return nil, fmt.Errorf("Marshal: %v", err) // should never happen
 } else if err := namespace.Verify(msg, item.CosignedTreeHeadV1.Cosignatures[0].Signature); err != nil {
 return nil, fmt.Errorf("Verify: %v", err)
-- cgit v1.2.3
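Review bot: With `lp.WitnessPolicy` false, `namespace.Verify` runs against the key carried in the same request it is checking, so a passing check shows only that the sender holds some key, not that a known witness cosigned the tree head. If `WitnessPolicy` is a plain bool, its zero value selects this unchecked path, so a LogParameters built without setting the field would accept any cosigner; it is worth confirming that the constructor always sets it from explicit configuration. I would add a comment above the `if lp.WitnessPolicy {` line: `// Without WitnessPolicy the namespace comes from the request itself; Verify then proves key possession only.` parseAddCosignatureV1Request extends beyond the hunk on both sides.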