From cb6485bb6075179dc2521b8e82db961deae74faf Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Sat, 21 May 2022 20:31:09 +0200 Subject: add proof verification to sigsum-debug --- cmd/sigsum-debug/head/consistency/consistency.go | 30 ++++++++++++++++++++++-- cmd/sigsum-debug/head/sign/sign.go | 2 +- cmd/sigsum-debug/leaf/hash/hash.go | 2 +- cmd/sigsum-debug/leaf/inclusion/inclusion.go | 28 +++++++++++++++++++++- internal/fmtio/fmtio.go | 2 +- 5 files changed, 58 insertions(+), 6 deletions(-) diff --git a/cmd/sigsum-debug/head/consistency/consistency.go b/cmd/sigsum-debug/head/consistency/consistency.go index 18fbdd6..c4feb94 100644 --- a/cmd/sigsum-debug/head/consistency/consistency.go +++ b/cmd/sigsum-debug/head/consistency/consistency.go @@ -1,9 +1,35 @@ package consistency import ( + "bytes" "fmt" + + "git.sigsum.org/sigsum-go/internal/fmtio" + "git.sigsum.org/sigsum-go/pkg/types" ) -func Main(args []string, oldSize, newSize uint64, oldRoot, newRoot string) error { - return fmt.Errorf("TODO") +func Main(args []string, optOldSize, optNewSize uint64, optOldRoot, optNewRoot string) error { + if len(args) != 0 { + return fmt.Errorf("trailing arguments: %v", args) + } + b, err := fmtio.BytesFromStdin() + if err != nil { + return fmt.Errorf("read: %w", err) + } + var proof types.ConsistencyProof + if err := proof.FromASCII(bytes.NewBuffer(b), optOldSize, optNewSize); err != nil { + return fmt.Errorf("parse proof: %w", err) + } + oldRoot, err := fmtio.HashFromHex(optOldRoot) + if err != nil { + return fmt.Errorf("parse old root: %w", err) + } + newRoot, err := fmtio.HashFromHex(optNewRoot) + if err != nil { + return fmt.Errorf("parse new root: %w", err) + } + if err := proof.Verify(&oldRoot, &newRoot); err != nil { + return fmt.Errorf("verify: %w", err) + } + return nil } diff --git a/cmd/sigsum-debug/head/sign/sign.go b/cmd/sigsum-debug/head/sign/sign.go index 572af9a..6369d21 100644 --- a/cmd/sigsum-debug/head/sign/sign.go +++ b/cmd/sigsum-debug/head/sign/sign.go @@ -22,7 +22,7 @@ func Main(args []string, optPrivateKey, optKeyHash string) error { if err != nil { return fmt.Errorf("parse private key: %v", err) } - keyHash, err := fmtio.KeyHashFromHex(optKeyHash) + keyHash, err := fmtio.HashFromHex(optKeyHash) if err != nil { return fmt.Errorf("parse key hash: %v", err) } diff --git a/cmd/sigsum-debug/leaf/hash/hash.go b/cmd/sigsum-debug/leaf/hash/hash.go index 4fd471c..a6fe1ad 100644 --- a/cmd/sigsum-debug/leaf/hash/hash.go +++ b/cmd/sigsum-debug/leaf/hash/hash.go @@ -18,7 +18,7 @@ func Main(args []string, optKeyHash, optSignature string, optShardHint uint64) e if err != nil { return fmt.Errorf("read stdin: %w", err) } - keyHash, err := fmtio.KeyHashFromHex(optKeyHash) + keyHash, err := fmtio.HashFromHex(optKeyHash) if err != nil { return fmt.Errorf("parse key hash: %w", err) } diff --git a/cmd/sigsum-debug/leaf/inclusion/inclusion.go b/cmd/sigsum-debug/leaf/inclusion/inclusion.go index f9aeb68..e70b3eb 100644 --- a/cmd/sigsum-debug/leaf/inclusion/inclusion.go +++ b/cmd/sigsum-debug/leaf/inclusion/inclusion.go @@ -1,9 +1,35 @@ package inclusion import ( + "bytes" "fmt" + + "git.sigsum.org/sigsum-go/internal/fmtio" + "git.sigsum.org/sigsum-go/pkg/types" ) func Main(args []string, optLeafHash, optRootHash string, optTreeSize uint64) error { - return fmt.Errorf("TODO") + if len(args) != 0 { + return fmt.Errorf("trailing arguments: %v", args) + } + b, err := fmtio.BytesFromStdin() + if err != nil { + return fmt.Errorf("read: %w", err) + } + var proof types.InclusionProof + if err := proof.FromASCII(bytes.NewBuffer(b), optTreeSize); err != nil { + return fmt.Errorf("parse proof: %w", err) + } + leafHash, err := fmtio.HashFromHex(optLeafHash) + if err != nil { + return fmt.Errorf("parse leaf hash: %w", err) + } + rootHash, err := fmtio.HashFromHex(optRootHash) + if err != nil { + return fmt.Errorf("parse root hash: %w", err) + } + if err := proof.Verify(&leafHash, &rootHash); err != nil { + return fmt.Errorf("verify: %w", err) + } + return nil } diff --git a/internal/fmtio/fmtio.go b/internal/fmtio/fmtio.go index 84b1265..9d86917 100644 --- a/internal/fmtio/fmtio.go +++ b/internal/fmtio/fmtio.go @@ -55,7 +55,7 @@ func PublicKeyFromHex(s string) (pub types.PublicKey, err error) { return } -func KeyHashFromHex(s string) (h merkle.Hash, err error) { +func HashFromHex(s string) (h merkle.Hash, err error) { b, err := hex.Deserialize(s) if err != nil { return h, err -- cgit v1.2.3