Unverified Commit 5b530723 authored by Luke Hinds's avatar Luke Hinds Committed by GitHub

Merge pull request #17 from dlorenc/proof

Proof
parents 0f5db9dd fd863402
...@@ -97,7 +97,6 @@ For more information, visit [domain]`, ...@@ -97,7 +97,6 @@ For more information, visit [domain]`,
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
fmt.Println(string(content)) fmt.Println(string(content))
}, },
} }
......
...@@ -17,17 +17,32 @@ package cmd ...@@ -17,17 +17,32 @@ package cmd
import ( import (
"context" "context"
"crypto"
"crypto/x509"
"encoding/json"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"time" "time"
tcrypto "github.com/google/trillian/crypto"
tclient "github.com/google/trillian/client"
"github.com/google/trillian"
"github.com/google/trillian/merkle"
"github.com/google/trillian/merkle/rfc6962"
"github.com/projectrekor/rekor-cli/log" "github.com/projectrekor/rekor-cli/log"
"github.com/spf13/viper" "github.com/spf13/viper"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )
type getProofResponse struct {
Proof *trillian.GetInclusionProofByHashResponse
Key []byte
}
// getCmd represents the get command // getCmd represents the get command
var getCmd = &cobra.Command{ var getCmd = &cobra.Command{
Use: "get", Use: "get",
...@@ -38,7 +53,7 @@ For more information, visit [domain]`, ...@@ -38,7 +53,7 @@ For more information, visit [domain]`,
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
log := log.Logger log := log.Logger
rekorServer := viper.GetString("rekor_server") rekorServer := viper.GetString("rekor_server")
url := rekorServer + "/api/v1/get" url := rekorServer + "/api/v1/getproof"
linkfile := viper.GetString("linkfile") linkfile := viper.GetString("linkfile")
// Set Context with Timeout for connects to thde log rpc server // Set Context with Timeout for connects to thde log rpc server
...@@ -63,12 +78,40 @@ For more information, visit [domain]`, ...@@ -63,12 +78,40 @@ For more information, visit [domain]`,
defer response.Body.Close() defer response.Body.Close()
content, err := ioutil.ReadAll(response.Body) content, err := ioutil.ReadAll(response.Body)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
fmt.Println(string(content)) fmt.Println(string(content))
resp := getProofResponse{}
if err := json.Unmarshal(content, &resp); err != nil {
log.Fatal(err)
}
pub, err := x509.ParsePKIXPublicKey(resp.Key)
if err != nil {
log.Fatal(err)
}
f, err := ioutil.ReadFile(linkfile)
if err != nil {
log.Fatal(err)
}
leafHash := rfc6962.DefaultHasher.HashLeaf(f)
verifier := tclient.NewLogVerifier(rfc6962.DefaultHasher, pub, crypto.SHA256)
root, err := tcrypto.VerifySignedLogRoot(verifier.PubKey, verifier.SigHash, resp.Proof.SignedLogRoot)
if err != nil {
log.Fatal(err)
}
v := merkle.NewLogVerifier(rfc6962.DefaultHasher)
proof := resp.Proof.Proof[0]
if err := v.VerifyInclusionProof(proof.LeafIndex, int64(root.TreeSize), proof.Hashes, root.RootHash, leafHash); err != nil {
log.Fatal(err)
}
log.Info("proof correct!")
}, },
} }
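Review bot: The public key used to verify the signed log root is parsed from the same server response that carries the proof (`pub, err := x509.ParsePKIXPublicKey(resp.Key)` in the last hunk), so the check only shows that the response is self-consistent: whoever controls the server or the connection to it can return their own key together with a root and proof that validate under it. The key should come from a source the client already trusts, such as a locally configured or pinned log key, with `resp.Key` at most compared against it before `tclient.NewLogVerifier` is called. Separately, `resp.Proof.SignedLogRoot` and `resp.Proof.Proof[0]` are dereferenced without checking the decoded JSON, so a response with no proof panics instead of failing cleanly; a guard such as `if resp.Proof == nil || len(resp.Proof.Proof) == 0 { log.Fatal("no inclusion proof in response") }` before the verifier is built would cover that. The Run function and its HTTP request begin outside the visible hunks, so whether the status code is checked before the body is parsed cannot be confirmed from here.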
......