Add MakeMerkleTreeBuilder

This commit is contained in:
Andrew Ayer 2016-11-25 20:13:17 -08:00
parent adce61e035
commit 0bd48084f0
1 changed files with 35 additions and 0 deletions

View File

@ -14,6 +14,7 @@ package certspotter
import ( import (
// "container/list" // "container/list"
"bytes"
"crypto" "crypto"
"errors" "errors"
"fmt" "fmt"
@ -232,6 +233,40 @@ func (s *Scanner) CheckConsistency(first *ct.SignedTreeHead, second *ct.SignedTr
return valid, treeBuilder, proof, nil return valid, treeBuilder, proof, nil
} }
func (s *Scanner) MakeMerkleTreeBuilder(sth *ct.SignedTreeHead) (*MerkleTreeBuilder, error) {
if sth.TreeSize == 0 {
return &MerkleTreeBuilder{}, nil
}
entries, err := s.logClient.GetEntries(int64(sth.TreeSize - 1), int64(sth.TreeSize - 1))
if err != nil {
return nil, err
}
if len(entries) == 0 {
return nil, fmt.Errorf("Log did not return entry %d", sth.TreeSize - 1)
}
leafHash := hashLeaf(entries[0].LeafBytes)
var builder *MerkleTreeBuilder
if sth.TreeSize > 1 {
auditPath, _, err := s.logClient.GetAuditProof(leafHash, sth.TreeSize)
if err != nil {
return nil, err
}
reverseHashes(auditPath)
builder = &MerkleTreeBuilder{size: sth.TreeSize - 1, stack: auditPath}
} else {
builder = &MerkleTreeBuilder{size: 0}
}
builder.Add(leafHash)
if !bytes.Equal(builder.CalculateRoot(), sth.SHA256RootHash[:]) {
return nil, fmt.Errorf("Calculated root hash does not match signed tree head at size %d", sth.TreeSize)
}
return builder, nil
}
func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCallback, treeBuilder *MerkleTreeBuilder) error { func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCallback, treeBuilder *MerkleTreeBuilder) error {
s.Log("Starting scan...") s.Log("Starting scan...")