Google Git
Sign in
fuchsia / third_party / android / platform / external / avb / 0f8a71ca0d3ea172f57d3075a13dea65900b21f2^1..0f8a71ca0d3ea172f57d3075a13dea65900b21f2 / .
commit0f8a71ca0d3ea172f57d3075a13dea65900b21f2[log] [tgz]
authorJay Hou <jayhou@google.com>Tue Apr 05 20:01:14 2022 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Tue Apr 05 20:01:14 2022 +0000
tree1d6b18e0acaeee7938092042a927d29410c3acd5
parent6e440dc8ae7d13ffe76112632eb0267eb88eb9cb [diff]
parente0390aea76d68d8b8a615a10b840aa319daf21f1 [diff]
Refactor helper fuction to internal tiles package. am: 2f8e79327c am: 6fff6a0c7d am: c2abba1fcf am: e0390aea76

Original change: https://android-review.googlesource.com/c/platform/external/avb/+/2055334

Change-Id: Iaaa96dbf4ed2107d82f17a89cc6c3032a9d18e8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

diff --git a/tools/transparency/verify/cmd/verifier/verifier.go b/tools/transparency/verify/cmd/verifier/verifier.go
index d565f63..44ee32f 100644
--- a/tools/transparency/verify/cmd/verifier/verifier.go
+++ b/tools/transparency/verify/cmd/verifier/verifier.go

@@ -21,7 +21,6 @@
 
 import (
 	"bytes"
-	"crypto/sha256"
 	"flag"
 	"log"
 	"os"
@@ -96,7 +95,7 @@
 		log.Fatalf("error in tlog.ProveRecord: %v", err)
 	}
 
-	leafHash, err := payloadHash(payloadBytes)
+	leafHash, err := tiles.PayloadHash(payloadBytes)
 	if err != nil {
 		log.Fatalf("error hashing payload: %v", err)
 	}
@@ -108,12 +107,3 @@
 	}
 }
 
-// payloadHash returns the hash of the payload.
-func payloadHash(p []byte) (tlog.Hash, error) {
-	l := append([]byte{LeafHashPrefix}, p...)
-	h := sha256.Sum256(l)
-
-	var hash tlog.Hash
-	copy(hash[:], h[:])
-	return hash, nil
-}

diff --git a/tools/transparency/verify/internal/tiles/reader.go b/tools/transparency/verify/internal/tiles/reader.go
index b0993f1..f998f54 100644
--- a/tools/transparency/verify/internal/tiles/reader.go
+++ b/tools/transparency/verify/internal/tiles/reader.go

@@ -2,6 +2,7 @@
 package tiles
 
 import (
+	"crypto/sha256"
 	"errors"
 	"fmt"
 	"io"
@@ -20,6 +21,13 @@
 	URL string
 }
 
+
+// Domain separation prefix for Merkle tree hashing with second preimage
+// resistance similar to that used in RFC 6962.
+const (
+	leafHashPrefix = 0
+)
+
 // ReadHashes implements tlog.HashReader's ReadHashes.
 // See: https://pkg.go.dev/golang.org/x/mod/sumdb/tlog#HashReader.
 func (h HashReader) ReadHashes(indices []int64) ([]tlog.Hash, error) {
@@ -104,3 +112,13 @@
 
 	return io.ReadAll(resp.Body)
 }
+
+// PayloadHash returns the hash of the payload.
+func PayloadHash(p []byte) (tlog.Hash, error) {
+	l := append([]byte{leafHashPrefix}, p...)
+	h := sha256.Sum256(l)
+
+	var hash tlog.Hash
+	copy(hash[:], h[:])
+	return hash, nil
+}