1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
package client
import (
"fmt"
"crypto"
"crypto/ed25519"
"crypto/tls"
"github.com/google/trillian/merkle"
"github.com/google/trillian/merkle/rfc6962"
"github.com/system-transparency/stfe"
)
// TODO: fix so that publicKey is already passed as crypto.PublicKey
//k, err := x509.ParsePKIXPublicKey(publicKey)
//if err != nil {
// return fmt.Errorf("failed parsing public key: %v", err)
//}
func VerifySignedDebugInfoV1(sdi *stfe.StItem, scheme tls.SignatureScheme, key crypto.PublicKey, message []byte) error {
if err := supportedScheme(scheme, key); err != nil {
return err
}
if !ed25519.Verify(key.(ed25519.PublicKey), message, sdi.SignedDebugInfoV1.Signature) {
return fmt.Errorf("bad signature")
}
return nil
}
// VerifySignedTreeHeadV1 verifies an STH signature
func VerifySignedTreeHeadV1(sth *stfe.StItem, scheme tls.SignatureScheme, key crypto.PublicKey) error {
serialized, err := sth.SignedTreeHeadV1.TreeHead.Marshal()
if err != nil {
return fmt.Errorf("failed marshaling tree head: %v", err)
}
if err := supportedScheme(scheme, key); err != nil {
return err
}
if !ed25519.Verify(key.(ed25519.PublicKey), serialized, sth.SignedTreeHeadV1.Signature) {
return fmt.Errorf("bad signature")
}
return nil
}
// VerifyInclusionProofV1 verifies that an inclusion proof is valid
func VerifyInclusionProofV1(proof *stfe.StItem, rootHash, leafHash []byte) error {
path := make([][]byte, 0, len(proof.InclusionProofV1.InclusionPath))
for _, nh := range proof.InclusionProofV1.InclusionPath {
path = append(path, nh.Data)
}
return merkle.NewLogVerifier(rfc6962.DefaultHasher).VerifyInclusionProof(int64(proof.InclusionProofV1.LeafIndex), int64(proof.InclusionProofV1.TreeSize), path, rootHash, leafHash)
}
// supportedScheme checks whether the client library supports the log's
// signature scheme and public key type
func supportedScheme(scheme tls.SignatureScheme, key crypto.PublicKey) error {
if _, ok := key.(ed25519.PublicKey); ok && scheme == tls.Ed25519 {
return nil
}
switch t := key.(type) {
default:
return fmt.Errorf("unsupported scheme(%v) and key(%v)", scheme, t)
}
}
|
