diff --git a/client/log_verifier.go b/client/log_verifier.go index 7dd5a4b383..3154e1412a 100644 --- a/client/log_verifier.go +++ b/client/log_verifier.go @@ -21,6 +21,7 @@ import ( "github.com/google/trillian" "github.com/google/trillian/types" "github.com/transparency-dev/merkle" + "github.com/transparency-dev/merkle/proof" "github.com/transparency-dev/merkle/rfc6962" ) @@ -30,15 +31,11 @@ import ( type LogVerifier struct { // hasher is the hash strategy used to compute nodes in the Merkle tree. hasher merkle.LogHasher - v merkle.LogVerifier } // NewLogVerifier returns an object that can verify output from Trillian Logs. func NewLogVerifier(hasher merkle.LogHasher) *LogVerifier { - return &LogVerifier{ - hasher: hasher, - v: merkle.NewLogVerifier(hasher), - } + return &LogVerifier{hasher: hasher} } // NewLogVerifierFromTree creates a new LogVerifier using the algorithms @@ -73,7 +70,7 @@ func (c *LogVerifier) VerifyRoot(trusted *types.LogRootV1, newRoot *trillian.Sig // Implicitly trust the first root we get. if trusted.TreeSize != 0 { // Verify consistency proof. - if err := c.v.VerifyConsistency(trusted.TreeSize, r.TreeSize, trusted.RootHash, r.RootHash, consistency); err != nil { + if err := proof.VerifyConsistency(c.hasher, trusted.TreeSize, r.TreeSize, consistency, trusted.RootHash, r.RootHash); err != nil { return nil, fmt.Errorf("failed to verify consistency proof from %d->%d %x->%x: %v", trusted.TreeSize, r.TreeSize, trusted.RootHash, r.RootHash, err) } } @@ -82,15 +79,15 @@ func (c *LogVerifier) VerifyRoot(trusted *types.LogRootV1, newRoot *trillian.Sig // VerifyInclusionByHash verifies that the inclusion proof for the given Merkle leafHash // matches the given trusted root. -func (c *LogVerifier) VerifyInclusionByHash(trusted *types.LogRootV1, leafHash []byte, proof *trillian.Proof) error { +func (c *LogVerifier) VerifyInclusionByHash(trusted *types.LogRootV1, leafHash []byte, pf *trillian.Proof) error { if trusted == nil { return fmt.Errorf("VerifyInclusionByHash() error: trusted == nil") } - if proof == nil { + if pf == nil { return fmt.Errorf("VerifyInclusionByHash() error: proof == nil") } - return c.v.VerifyInclusion(uint64(proof.LeafIndex), trusted.TreeSize, leafHash, proof.Hashes, trusted.RootHash) + return proof.VerifyInclusion(c.hasher, uint64(pf.LeafIndex), trusted.TreeSize, leafHash, pf.Hashes, trusted.RootHash) } // BuildLeaf runs the leaf hasher over data and builds a leaf. diff --git a/docs/merkletree/treetex/main.go b/docs/merkletree/treetex/main.go index 8fd7cf982d..d843716a92 100644 --- a/docs/merkletree/treetex/main.go +++ b/docs/merkletree/treetex/main.go @@ -253,7 +253,7 @@ func perfectInner(prefix string, id compact.NodeID, top bool, nodeText nodeTextF // renderTree renders a tree node and recurses if necessary. func renderTree(prefix string, size uint64, nodeText, dataText nodeTextFunc) { // Get root IDs of all perfect subtrees. - ids := compact.RangeNodes(0, size) + ids := compact.RangeNodes(0, size, nil) for i, id := range ids { if i+1 < len(ids) { ephem := id.Parent() @@ -314,7 +314,7 @@ func modifyRangeNodeInfo() error { }) } - for _, id := range compact.RangeNodes(l, r) { + for _, id := range compact.RangeNodes(l, r, nil) { modifyNodeInfo(id, func(n *nodeInfo) { n.rangeIndices = append(n.rangeIndices, ri) }) diff --git a/go.mod b/go.mod index 496d10bab4..a529a466fd 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/prometheus/client_golang v1.12.1 github.com/prometheus/client_model v0.2.0 github.com/pseudomuto/protoc-gen-doc v1.5.1 - github.com/transparency-dev/merkle v0.0.0-20220411132142-cfdaeb1822ee + github.com/transparency-dev/merkle v0.0.0-20220425113829-c120179f55ad go.etcd.io/etcd/client/v3 v3.5.2 go.etcd.io/etcd/etcdctl/v3 v3.5.2 go.etcd.io/etcd/server/v3 v3.5.2 diff --git a/go.sum b/go.sum index 424be215c5..d1f95e324b 100644 --- a/go.sum +++ b/go.sum @@ -794,8 +794,8 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20200427203606-3cfed13b9966/go.mod h1 github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802 h1:uruHq4dN7GR16kFc5fp3d1RIYzJW5onx8Ybykw2YQFA= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4= -github.com/transparency-dev/merkle v0.0.0-20220411132142-cfdaeb1822ee h1:zki8y/aKV+yDMeBy1Pd6LeC9msxz33cWj9QYXMqcOVA= -github.com/transparency-dev/merkle v0.0.0-20220411132142-cfdaeb1822ee/go.mod h1:B8FIw5LTq6DaULoHsVFRzYIUDkl8yuSwCdZnOZGKL/A= +github.com/transparency-dev/merkle v0.0.0-20220425113829-c120179f55ad h1:82yvTO+VijfWulMsMQvqQSZ0zNEAgmEUeBG+ArrO9Js= +github.com/transparency-dev/merkle v0.0.0-20220425113829-c120179f55ad/go.mod h1:B8FIw5LTq6DaULoHsVFRzYIUDkl8yuSwCdZnOZGKL/A= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= diff --git a/integration/log.go b/integration/log.go index bc9a651a49..37b2107bef 100644 --- a/integration/log.go +++ b/integration/log.go @@ -29,8 +29,8 @@ import ( "github.com/google/trillian/client/backoff" "github.com/google/trillian/internal/merkle/inmemory" "github.com/google/trillian/types" - "github.com/transparency-dev/merkle" "github.com/transparency-dev/merkle/compact" + "github.com/transparency-dev/merkle/proof" "github.com/transparency-dev/merkle/rfc6962" ) @@ -466,9 +466,8 @@ func checkInclusionProofsAtIndex(index int64, logID int64, tree *inmemory.Tree, // Verify inclusion proof. root := tree.HashAt(uint64(treeSize)) - verifier := merkle.NewLogVerifier(rfc6962.DefaultHasher) merkleLeafHash := tree.LeafHash(uint64(index)) - if err := verifier.VerifyInclusion(uint64(index), uint64(treeSize), merkleLeafHash, resp.Proof.Hashes, root); err != nil { + if err := proof.VerifyInclusion(rfc6962.DefaultHasher, uint64(index), uint64(treeSize), merkleLeafHash, resp.Proof.Hashes, root); err != nil { return err } } @@ -502,11 +501,10 @@ func checkConsistencyProof(consistParams consistencyProofParams, treeID int64, t return fmt.Errorf("requested tree size %d > available tree size %d", req.SecondTreeSize, root.TreeSize) } - verifier := merkle.NewLogVerifier(rfc6962.DefaultHasher) root1 := tree.HashAt(uint64(req.FirstTreeSize)) root2 := tree.HashAt(uint64(req.SecondTreeSize)) - return verifier.VerifyConsistency(uint64(req.FirstTreeSize), uint64(req.SecondTreeSize), - root1, root2, resp.Proof.Hashes) + return proof.VerifyConsistency(rfc6962.DefaultHasher, uint64(req.FirstTreeSize), uint64(req.SecondTreeSize), + resp.Proof.Hashes, root1, root2) } func buildMemoryMerkleTree(leafMap map[int64]*trillian.LogLeaf, params TestParameters) (*inmemory.Tree, error) { diff --git a/internal/merkle/inmemory/tree.go b/internal/merkle/inmemory/tree.go index bf82eee2d6..a6a8de4ece 100644 --- a/internal/merkle/inmemory/tree.go +++ b/internal/merkle/inmemory/tree.go @@ -86,7 +86,7 @@ func (t *Tree) HashAt(size uint64) []byte { if size == 0 { return t.hasher.EmptyRoot() } - hashes := t.getNodes(compact.RangeNodes(0, size)) + hashes := t.getNodes(compact.RangeNodes(0, size, nil)) hash := hashes[len(hashes)-1] for i := len(hashes) - 2; i >= 0; i-- { diff --git a/log/sequencer.go b/log/sequencer.go index 25c65f37eb..a34debef1d 100644 --- a/log/sequencer.go +++ b/log/sequencer.go @@ -105,7 +105,7 @@ func initCompactRangeFromStorage(ctx context.Context, root *types.LogRootV1, tx return fact.NewEmptyRange(0), nil } - ids := compact.RangeNodes(0, root.TreeSize) + ids := compact.RangeNodes(0, root.TreeSize, nil) nodes, err := tx.GetMerkleNodes(ctx, ids) if err != nil { return nil, fmt.Errorf("failed to read tree nodes: %v", err)