Refactor helper fuction to internal tiles package. am: 2f8e79327c am: 6fff6a0c7d am: c2abba1fcf am: e0390aea76
Original change: https://android-review.googlesource.com/c/platform/external/avb/+/2055334
Change-Id: Iaaa96dbf4ed2107d82f17a89cc6c3032a9d18e8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/tools/transparency/verify/cmd/verifier/verifier.go b/tools/transparency/verify/cmd/verifier/verifier.go
index d565f63..44ee32f 100644
--- a/tools/transparency/verify/cmd/verifier/verifier.go
+++ b/tools/transparency/verify/cmd/verifier/verifier.go
@@ -21,7 +21,6 @@
import (
"bytes"
- "crypto/sha256"
"flag"
"log"
"os"
@@ -96,7 +95,7 @@
log.Fatalf("error in tlog.ProveRecord: %v", err)
}
- leafHash, err := payloadHash(payloadBytes)
+ leafHash, err := tiles.PayloadHash(payloadBytes)
if err != nil {
log.Fatalf("error hashing payload: %v", err)
}
@@ -108,12 +107,3 @@
}
}
-// payloadHash returns the hash of the payload.
-func payloadHash(p []byte) (tlog.Hash, error) {
- l := append([]byte{LeafHashPrefix}, p...)
- h := sha256.Sum256(l)
-
- var hash tlog.Hash
- copy(hash[:], h[:])
- return hash, nil
-}
diff --git a/tools/transparency/verify/internal/tiles/reader.go b/tools/transparency/verify/internal/tiles/reader.go
index b0993f1..f998f54 100644
--- a/tools/transparency/verify/internal/tiles/reader.go
+++ b/tools/transparency/verify/internal/tiles/reader.go
@@ -2,6 +2,7 @@
package tiles
import (
+ "crypto/sha256"
"errors"
"fmt"
"io"
@@ -20,6 +21,13 @@
URL string
}
+
+// Domain separation prefix for Merkle tree hashing with second preimage
+// resistance similar to that used in RFC 6962.
+const (
+ leafHashPrefix = 0
+)
+
// ReadHashes implements tlog.HashReader's ReadHashes.
// See: https://pkg.go.dev/golang.org/x/mod/sumdb/tlog#HashReader.
func (h HashReader) ReadHashes(indices []int64) ([]tlog.Hash, error) {
@@ -104,3 +112,13 @@
return io.ReadAll(resp.Body)
}
+
+// PayloadHash returns the hash of the payload.
+func PayloadHash(p []byte) (tlog.Hash, error) {
+ l := append([]byte{leafHashPrefix}, p...)
+ h := sha256.Sum256(l)
+
+ var hash tlog.Hash
+ copy(hash[:], h[:])
+ return hash, nil
+}