Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve filenames of unverified STHs 

Include the tree size in plain decimal, since it's more user-friendly.

Don't include tree size in hash (redundant now that we're storing it
outside of hash) or version (implied by signature).
This commit is contained in:
Andrew Ayer 2017-01-06 12:51:10 -08:00
parent 1719aa5d8e
commit d8b1877e8d
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/log_state.go
View File

@ -16,6 +16,7 @@ import (
"fmt" "fmt"
"os" "os"
"path/filepath" "path/filepath"
"strconv"
"strings" "strings"
"software.sslmate.com/src/certspotter" "software.sslmate.com/src/certspotter"
@ -31,15 +32,13 @@ func sthFilename (sth *ct.SignedTreeHead) string {
hasher := sha256.New() hasher := sha256.New()
switch sth.Version { switch sth.Version {
case ct.V1: case ct.V1:
binary.Write(hasher, binary.LittleEndian, sth.Version)
binary.Write(hasher, binary.LittleEndian, sth.TreeSize)
binary.Write(hasher, binary.LittleEndian, sth.Timestamp) binary.Write(hasher, binary.LittleEndian, sth.Timestamp)
binary.Write(hasher, binary.LittleEndian, sth.SHA256RootHash) binary.Write(hasher, binary.LittleEndian, sth.SHA256RootHash)
default: default:
panic(fmt.Sprintf("Unsupported STH version %d", sth.Version)) panic(fmt.Sprintf("Unsupported STH version %d", sth.Version))
} }
// For 6962-bis, we will need to handle a variable-length root hash, and include the signature in the filename hash (since signatures must be deterministic) // For 6962-bis, we will need to handle a variable-length root hash, and include the signature in the filename hash (since signatures must be deterministic)
return base64.RawURLEncoding.EncodeToString(hasher.Sum(nil)) return strconv.FormatUint(sth.TreeSize, 10) + "-" + base64.RawURLEncoding.EncodeToString(hasher.Sum(nil))
} }
func makeLogStateDir (logStatePath string) error { func makeLogStateDir (logStatePath string) error {