Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor cleanup to improve encapsulation

This commit is contained in:
Andrew Ayer 2016-02-18 10:23:07 -08:00
parent b47d35a005
commit e91d7bacbd
3 changed files with 11 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
auditing.go
View File

@ -13,7 +13,7 @@ func reverseHashes (hashes []ct.MerkleTreeNode) {
} }
} }
func VerifyConsistencyProof (proof ct.ConsistencyProof, first *ct.SignedTreeHead, second *ct.SignedTreeHead) (bool, []ct.MerkleTreeNode) { func VerifyConsistencyProof (proof ct.ConsistencyProof, first *ct.SignedTreeHead, second *ct.SignedTreeHead) (bool, *MerkleTreeBuilder) {
if second.TreeSize < first.TreeSize { if second.TreeSize < first.TreeSize {
// Can't be consistent if tree got smaller // Can't be consistent if tree got smaller
return false, nil return false, nil
@ -97,7 +97,7 @@ func VerifyConsistencyProof (proof ct.ConsistencyProof, first *ct.SignedTreeHead
reverseHashes(leftHashes) reverseHashes(leftHashes)
return true, leftHashes return true, &MerkleTreeBuilder{stack: leftHashes, size: first.TreeSize}
} }
func hashLeaf (leafBytes []byte) ct.MerkleTreeNode { func hashLeaf (leafBytes []byte) ct.MerkleTreeNode {
@ -120,13 +120,6 @@ type MerkleTreeBuilder struct {
size uint64 // number of hashes added so far size uint64 // number of hashes added so far
} }
func ResumedMerkleTreeBuilder (hashes []ct.MerkleTreeNode, size uint64) *MerkleTreeBuilder {
return &MerkleTreeBuilder{
stack: hashes,
size: size,
}
}
func (builder *MerkleTreeBuilder) Add (hash ct.MerkleTreeNode) { func (builder *MerkleTreeBuilder) Add (hash ct.MerkleTreeNode) {
builder.stack = append(builder.stack, hash) builder.stack = append(builder.stack, hash)
builder.size++ builder.size++

10
cmd/common.go
View File

@ -13,7 +13,6 @@ import (
"path/filepath" "path/filepath"
"src.agwa.name/ctwatch" "src.agwa.name/ctwatch"
"github.com/google/certificate-transparency/go/client"
) )
var batchSize = flag.Int("batch_size", 1000, "Max number of entries to request at per call to get-entries") var batchSize = flag.Int("batch_size", 1000, "Max number of entries to request at per call to get-entries")
@ -133,14 +132,13 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
os.Exit(3) os.Exit(3)
} }
logClient := client.New(logUri)
opts := ctwatch.ScannerOptions{ opts := ctwatch.ScannerOptions{
BatchSize: *batchSize, BatchSize: *batchSize,
NumWorkers: *numWorkers, NumWorkers: *numWorkers,
ParallelFetch: *parallelFetch, ParallelFetch: *parallelFetch,
Quiet: !*verbose, Quiet: !*verbose,
} }
scanner := ctwatch.NewScanner(logUri, logKey, logClient, opts) scanner := ctwatch.NewScanner(logUri, logKey, opts)
latestSTH, err := scanner.GetSTH() latestSTH, err := scanner.GetSTH()
if err != nil { if err != nil {
@ -161,7 +159,9 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
if latestSTH.TreeSize > startIndex { if latestSTH.TreeSize > startIndex {
var treeBuilder *ctwatch.MerkleTreeBuilder var treeBuilder *ctwatch.MerkleTreeBuilder
if prevSTH != nil { if prevSTH != nil {
valid, nodes, err := scanner.CheckConsistency(prevSTH, latestSTH) var valid bool
var err error
valid, treeBuilder, err = scanner.CheckConsistency(prevSTH, latestSTH)
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "%s: Error fetching consistency proof: %s: %s\n", os.Args[0], logUri, err) fmt.Fprintf(os.Stderr, "%s: Error fetching consistency proof: %s: %s\n", os.Args[0], logUri, err)
exitCode = 1 exitCode = 1
@ -172,8 +172,6 @@ func Main (argStateDir string, processCallback ctwatch.ProcessCallback) {
exitCode = 1 exitCode = 1
continue continue
} }
treeBuilder = ctwatch.ResumedMerkleTreeBuilder(nodes, prevSTH.TreeSize)
} else { } else {
treeBuilder = &ctwatch.MerkleTreeBuilder{} treeBuilder = &ctwatch.MerkleTreeBuilder{}
} }

10
scanner.go
View File

@ -185,7 +185,7 @@ func (s *Scanner) GetSTH() (*ct.SignedTreeHead, error) {
return latestSth, nil return latestSth, nil
} }
func (s *Scanner) CheckConsistency(first *ct.SignedTreeHead, second *ct.SignedTreeHead) (bool, []ct.MerkleTreeNode, error) { func (s *Scanner) CheckConsistency(first *ct.SignedTreeHead, second *ct.SignedTreeHead) (bool, *MerkleTreeBuilder, error) {
var proof ct.ConsistencyProof var proof ct.ConsistencyProof
if first.TreeSize > second.TreeSize { if first.TreeSize > second.TreeSize {
@ -203,8 +203,8 @@ func (s *Scanner) CheckConsistency(first *ct.SignedTreeHead, second *ct.SignedTr
} }
} }
valid, builderNodes := VerifyConsistencyProof(proof, first, second) valid, treeBuilder := VerifyConsistencyProof(proof, first, second)
return valid, builderNodes, nil return valid, treeBuilder, nil
} }
func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCallback, treeBuilder *MerkleTreeBuilder) error { func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCallback, treeBuilder *MerkleTreeBuilder) error {
@ -268,11 +268,11 @@ func (s *Scanner) Scan(startIndex int64, endIndex int64, processCert ProcessCall
// Creates a new Scanner instance using |client| to talk to the log, and taking // Creates a new Scanner instance using |client| to talk to the log, and taking
// configuration options from |opts|. // configuration options from |opts|.
func NewScanner(logUri string, publicKey crypto.PublicKey, client *client.LogClient, opts ScannerOptions) *Scanner { func NewScanner(logUri string, publicKey crypto.PublicKey, opts ScannerOptions) *Scanner {
var scanner Scanner var scanner Scanner
scanner.LogUri = logUri scanner.LogUri = logUri
scanner.publicKey = publicKey scanner.publicKey = publicKey
scanner.logClient = client scanner.logClient = client.New(logUri)
scanner.opts = opts scanner.opts = opts
return &scanner return &scanner
} }