diff options
author | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-05-21 20:31:09 +0200 |
---|---|---|
committer | Rasmus Dahlberg <rasmus@mullvad.net> | 2022-06-21 19:46:54 +0200 |
commit | cb6485bb6075179dc2521b8e82db961deae74faf (patch) | |
tree | bf05c3d83686cc056b3ef41b90a37a07b4269833 /cmd | |
parent | bbd6591c4f87b3f2c3e870b6418c6234d90a82e6 (diff) |
add proof verification to sigsum-debug
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/sigsum-debug/head/consistency/consistency.go | 30 | ||||
-rw-r--r-- | cmd/sigsum-debug/head/sign/sign.go | 2 | ||||
-rw-r--r-- | cmd/sigsum-debug/leaf/hash/hash.go | 2 | ||||
-rw-r--r-- | cmd/sigsum-debug/leaf/inclusion/inclusion.go | 28 |
4 files changed, 57 insertions, 5 deletions
diff --git a/cmd/sigsum-debug/head/consistency/consistency.go b/cmd/sigsum-debug/head/consistency/consistency.go index 18fbdd6..c4feb94 100644 --- a/cmd/sigsum-debug/head/consistency/consistency.go +++ b/cmd/sigsum-debug/head/consistency/consistency.go @@ -1,9 +1,35 @@ package consistency import ( + "bytes" "fmt" + + "git.sigsum.org/sigsum-go/internal/fmtio" + "git.sigsum.org/sigsum-go/pkg/types" ) -func Main(args []string, oldSize, newSize uint64, oldRoot, newRoot string) error { - return fmt.Errorf("TODO") +func Main(args []string, optOldSize, optNewSize uint64, optOldRoot, optNewRoot string) error { + if len(args) != 0 { + return fmt.Errorf("trailing arguments: %v", args) + } + b, err := fmtio.BytesFromStdin() + if err != nil { + return fmt.Errorf("read: %w", err) + } + var proof types.ConsistencyProof + if err := proof.FromASCII(bytes.NewBuffer(b), optOldSize, optNewSize); err != nil { + return fmt.Errorf("parse proof: %w", err) + } + oldRoot, err := fmtio.HashFromHex(optOldRoot) + if err != nil { + return fmt.Errorf("parse old root: %w", err) + } + newRoot, err := fmtio.HashFromHex(optNewRoot) + if err != nil { + return fmt.Errorf("parse new root: %w", err) + } + if err := proof.Verify(&oldRoot, &newRoot); err != nil { + return fmt.Errorf("verify: %w", err) + } + return nil } diff --git a/cmd/sigsum-debug/head/sign/sign.go b/cmd/sigsum-debug/head/sign/sign.go index 572af9a..6369d21 100644 --- a/cmd/sigsum-debug/head/sign/sign.go +++ b/cmd/sigsum-debug/head/sign/sign.go @@ -22,7 +22,7 @@ func Main(args []string, optPrivateKey, optKeyHash string) error { if err != nil { return fmt.Errorf("parse private key: %v", err) } - keyHash, err := fmtio.KeyHashFromHex(optKeyHash) + keyHash, err := fmtio.HashFromHex(optKeyHash) if err != nil { return fmt.Errorf("parse key hash: %v", err) } diff --git a/cmd/sigsum-debug/leaf/hash/hash.go b/cmd/sigsum-debug/leaf/hash/hash.go index 4fd471c..a6fe1ad 100644 --- a/cmd/sigsum-debug/leaf/hash/hash.go +++ b/cmd/sigsum-debug/leaf/hash/hash.go @@ -18,7 +18,7 @@ func Main(args []string, optKeyHash, optSignature string, optShardHint uint64) e if err != nil { return fmt.Errorf("read stdin: %w", err) } - keyHash, err := fmtio.KeyHashFromHex(optKeyHash) + keyHash, err := fmtio.HashFromHex(optKeyHash) if err != nil { return fmt.Errorf("parse key hash: %w", err) } diff --git a/cmd/sigsum-debug/leaf/inclusion/inclusion.go b/cmd/sigsum-debug/leaf/inclusion/inclusion.go index f9aeb68..e70b3eb 100644 --- a/cmd/sigsum-debug/leaf/inclusion/inclusion.go +++ b/cmd/sigsum-debug/leaf/inclusion/inclusion.go @@ -1,9 +1,35 @@ package inclusion import ( + "bytes" "fmt" + + "git.sigsum.org/sigsum-go/internal/fmtio" + "git.sigsum.org/sigsum-go/pkg/types" ) func Main(args []string, optLeafHash, optRootHash string, optTreeSize uint64) error { - return fmt.Errorf("TODO") + if len(args) != 0 { + return fmt.Errorf("trailing arguments: %v", args) + } + b, err := fmtio.BytesFromStdin() + if err != nil { + return fmt.Errorf("read: %w", err) + } + var proof types.InclusionProof + if err := proof.FromASCII(bytes.NewBuffer(b), optTreeSize); err != nil { + return fmt.Errorf("parse proof: %w", err) + } + leafHash, err := fmtio.HashFromHex(optLeafHash) + if err != nil { + return fmt.Errorf("parse leaf hash: %w", err) + } + rootHash, err := fmtio.HashFromHex(optRootHash) + if err != nil { + return fmt.Errorf("parse root hash: %w", err) + } + if err := proof.Verify(&leafHash, &rootHash); err != nil { + return fmt.Errorf("verify: %w", err) + } + return nil } |