diff options
author | Jay Hou <jayhou@google.com> | 2022-04-05 20:01:14 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-04-05 20:01:14 +0000 |
commit | 0f8a71ca0d3ea172f57d3075a13dea65900b21f2 (patch) | |
tree | 1d6b18e0acaeee7938092042a927d29410c3acd5 | |
parent | 6e440dc8ae7d13ffe76112632eb0267eb88eb9cb (diff) | |
parent | e0390aea76d68d8b8a615a10b840aa319daf21f1 (diff) | |
download | avb-0f8a71ca0d3ea172f57d3075a13dea65900b21f2.tar.gz |
Refactor helper fuction to internal tiles package. am: 2f8e79327c am: 6fff6a0c7d am: c2abba1fcf am: e0390aea76
Original change: https://android-review.googlesource.com/c/platform/external/avb/+/2055334
Change-Id: Iaaa96dbf4ed2107d82f17a89cc6c3032a9d18e8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | tools/transparency/verify/cmd/verifier/verifier.go | 12 | ||||
-rw-r--r-- | tools/transparency/verify/internal/tiles/reader.go | 18 |
2 files changed, 19 insertions, 11 deletions
diff --git a/tools/transparency/verify/cmd/verifier/verifier.go b/tools/transparency/verify/cmd/verifier/verifier.go index d565f63..44ee32f 100644 --- a/tools/transparency/verify/cmd/verifier/verifier.go +++ b/tools/transparency/verify/cmd/verifier/verifier.go @@ -21,7 +21,6 @@ package main import ( "bytes" - "crypto/sha256" "flag" "log" "os" @@ -96,7 +95,7 @@ func main() { log.Fatalf("error in tlog.ProveRecord: %v", err) } - leafHash, err := payloadHash(payloadBytes) + leafHash, err := tiles.PayloadHash(payloadBytes) if err != nil { log.Fatalf("error hashing payload: %v", err) } @@ -108,12 +107,3 @@ func main() { } } -// payloadHash returns the hash of the payload. -func payloadHash(p []byte) (tlog.Hash, error) { - l := append([]byte{LeafHashPrefix}, p...) - h := sha256.Sum256(l) - - var hash tlog.Hash - copy(hash[:], h[:]) - return hash, nil -} diff --git a/tools/transparency/verify/internal/tiles/reader.go b/tools/transparency/verify/internal/tiles/reader.go index b0993f1..f998f54 100644 --- a/tools/transparency/verify/internal/tiles/reader.go +++ b/tools/transparency/verify/internal/tiles/reader.go @@ -2,6 +2,7 @@ package tiles import ( + "crypto/sha256" "errors" "fmt" "io" @@ -20,6 +21,13 @@ type HashReader struct { URL string } + +// Domain separation prefix for Merkle tree hashing with second preimage +// resistance similar to that used in RFC 6962. +const ( + leafHashPrefix = 0 +) + // ReadHashes implements tlog.HashReader's ReadHashes. // See: https://pkg.go.dev/golang.org/x/mod/sumdb/tlog#HashReader. func (h HashReader) ReadHashes(indices []int64) ([]tlog.Hash, error) { @@ -104,3 +112,13 @@ func readFromURL(base, suffix string) ([]byte, error) { return io.ReadAll(resp.Body) } + +// PayloadHash returns the hash of the payload. +func PayloadHash(p []byte) (tlog.Hash, error) { + l := append([]byte{leafHashPrefix}, p...) + h := sha256.Sum256(l) + + var hash tlog.Hash + copy(hash[:], h[:]) + return hash, nil +} |