Use ct.SHA256Hash for log ID rather than []byte

This commit is contained in:
Andrew Ayer 2021-04-30 17:04:16 -04:00
parent 2cccf67601
commit a147970db8
5 changed files with 16 additions and 16 deletions

View File

@ -162,7 +162,7 @@ func (state *State) SaveCert(isPrecert bool, certs [][]byte) (bool, string, erro
}
func (state *State) OpenLogState(logInfo *loglist.Log) (*LogState, error) {
return OpenLogState(filepath.Join(state.path, "logs", base64.RawURLEncoding.EncodeToString(logInfo.LogID)))
return OpenLogState(filepath.Join(state.path, "logs", base64.RawURLEncoding.EncodeToString(logInfo.LogID[:])))
}
func (state *State) GetLegacySTH(logInfo *loglist.Log) (*ct.SignedTreeHead, error) {

View File

@ -10,7 +10,6 @@
package loglist
import (
"encoding/base64"
"time"
)
@ -25,7 +24,7 @@ func (list *List) AllLogs() []*Log {
}
func (log *Log) LogIDString() string {
return base64.StdEncoding.EncodeToString(log.LogID)
return log.LogID.Base64String()
}
func (log *Log) AcceptsExpiration(expiration time.Time) bool {

View File

@ -11,6 +11,8 @@ package loglist
import (
"time"
"software.sslmate.com/src/certspotter/ct"
)
type List struct {
@ -26,7 +28,7 @@ type Operator struct {
type Log struct {
Key []byte `json:"key"`
LogID []byte `json:"log_id"`
LogID ct.SHA256Hash `json:"log_id"`
MMD int `json:"mmd"`
URL string `json:"url"`
Description string `json:"description"`

View File

@ -10,7 +10,6 @@
package loglist
import (
"bytes"
"crypto/sha256"
"fmt"
)
@ -35,7 +34,7 @@ func (operator *Operator) Validate() error {
func (log *Log) Validate() error {
realLogID := sha256.Sum256(log.Key)
if !bytes.Equal(log.LogID, realLogID[:]) {
if log.LogID != realLogID {
return fmt.Errorf("log ID does not match log key")
}
return nil

View File

@ -63,7 +63,7 @@ type Scanner struct {
// Public key of the log
publicKey crypto.PublicKey
LogId []byte
LogId ct.SHA256Hash
// Client used to talk to the CT log instance
logClient *client.LogClient
@ -207,7 +207,7 @@ func (s *Scanner) GetSTH() (*ct.SignedTreeHead, error) {
return nil, errors.New("STH signature is invalid: " + err.Error())
}
}
copy(latestSth.LogID[:], s.LogId)
latestSth.LogID = s.LogId
return latestSth, nil
}
@ -311,7 +311,7 @@ func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCall
// Creates a new Scanner instance using |client| to talk to the log, and taking
// configuration options from |opts|.
func NewScanner(logUri string, logId []byte, publicKey crypto.PublicKey, opts *ScannerOptions) *Scanner {
func NewScanner(logUri string, logId ct.SHA256Hash, publicKey crypto.PublicKey, opts *ScannerOptions) *Scanner {
var scanner Scanner
scanner.LogUri = logUri
scanner.LogId = logId