author | Magnus Ahltorp <map@kth.se> | 2015-03-04 17:12:30 +0100 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2015-03-04 17:12:30 +0100 |
commit | 15249d58b7a23bf323aa9b4865e1265e50917dd2 (patch) | |
tree | 9cd2859af1346901ff80f595a28c97ba91f3b360 /src/frontend.erl | |
parent | 9eaa1ef1b558043b809fd7c7f869128c186ec0e9 (diff) |
Save STH instead of calculating a new one each time.
Verify incoming STH.
Diffstat (limited to 'src/frontend.erl')
-rw-r--r-- | src/frontend.erl | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/src/frontend.erl b/src/frontend.erl index b2244de..68039c2 100644 --- a/src/frontend.erl +++ b/src/frontend.erl @@ -45,18 +45,30 @@ request(post, "ct/frontend/sendsth", Input) -> {struct, PropList} -> OldSize = db:size(), Treesize = proplists:get_value(<<"tree_size">>, PropList), + Timestamp = proplists:get_value(<<"timestamp">>, PropList), RootHash = base64:decode(proplists:get_value(<<"sha256_root_hash">>, PropList)), + Signature = base64:decode(proplists:get_value(<<"tree_head_signature">>, PropList)), Indexsize = db:indexsize(), if Treesize < OldSize -> html("Size is older than current size", OldSize); - Treesize == OldSize -> - success({[{result, <<"ok">>}]}); + Treesize == 0, OldSize == 0 -> + lager:debug("both old and new size is 0, saving sth"), + OwnRootHash = ht:root(-1), + case {plop:verify_sth(Treesize, Timestamp, RootHash, Signature), OwnRootHash} of + {true, RootHash} -> + ok = plop:save_sth({struct, PropList}), + success({[{result, <<"ok">>}]}); + {false, RootHash} -> + html("Verification failed", hex:bin_to_hexstr(RootHash)); + _ -> + html("Root hash not the same", hex:bin_to_hexstr(OwnRootHash)) + end; Treesize > Indexsize -> html("Has too few entries", Indexsize); true -> - NewEntries = db:leafhash_for_indices(OldSize, Treesize - 1), + NewEntries = get_new_entries(OldSize, Treesize), lager:debug("old size: ~p new size: ~p entries: ~p", [OldSize, Treesize, NewEntries]), @@ -66,10 +78,13 @@ request(post, "ct/frontend/sendsth", Input) -> [] -> ht:load_tree(Treesize - 1), OwnRootHash = ht:root(Treesize - 1), - case OwnRootHash of - RootHash -> + case {plop:verify_sth(Treesize, Timestamp, RootHash, Signature), OwnRootHash} of + {true, RootHash} -> ok = db:set_treesize(Treesize), + ok = plop:save_sth({struct, PropList}), success({[{result, <<"ok">>}]}); + {false, RootHash} -> + html("Verification failed", hex:bin_to_hexstr(RootHash)); _ -> html("Root hash not the same", hex:bin_to_hexstr(OwnRootHash)) end; 
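Review bot: The added `Signature = base64:decode(proplists:get_value(<<"tree_head_signature">>, PropList))` line crashes rather than returning an error when the field is absent, because `proplists:get_value/2` yields `undefined` and `base64:decode/1` does not accept an atom. The existing `sha256_root_hash` line has the same shape, and `Timestamp` reaches `plop:verify_sth/4` without any type check. Since this is the request boundary, the fields should be validated up front (integers for `tree_size` and `timestamp`, binaries for the two base64 fields), with a malformed STH answered through `html(...)` before `db` or `ht` is touched. Separately, the success branches here and in the second hunk call `plop:save_sth({struct, PropList})` with the whole request object, while verification only sees the values passed to `plop:verify_sth/4`; storing a struct rebuilt from those values would keep unverified extra keys out of the saved STH. The `request/3` clause begins above this hunk and continues past it.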
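Review bot: In the `[] ->` branch of the second hunk the signature is checked only after `ht:load_tree(Treesize - 1)` and `ht:root(Treesize - 1)` have run, so an STH with a bad signature still drives tree work sized by the sender's `tree_size`. Evaluating `plop:verify_sth(Treesize, Timestamp, RootHash, Signature)` once, before the `if`, and rejecting anything other than `true` would put the authenticity check first and remove the `case` tuple duplicated from the first hunk. As written, the `_ ->` clause reports "Root hash not the same" whenever `verify_sth` returns something other than a boolean, which could mask a verification error if that function can return one (its definition is not in this diff). Also, `ok = db:set_treesize(Treesize)` commits before `ok = plop:save_sth(...)`, so a failed save would crash on the match with the tree size already advanced and no STH stored for it.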
@@ -91,6 +106,12 @@ request(get, "ct/frontend/missingentries", _Query) -> success({[{result, <<"ok">>}, {entries, lists:map(fun (Entry) -> base64:encode(Entry) end, Missing)}]}). + +get_new_entries(OldSize, Treesize) when OldSize < Treesize -> + db:leafhash_for_indices(OldSize, Treesize - 1); +get_new_entries(OldSize, Treesize) when OldSize == Treesize -> + []. + check_entries(Entries, Start, End) -> lists:foldl(fun ({Hash, Index}, Acc) -> case check_entry(Hash, Index) of |
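Review bot: `get_new_entries/2` has no clause for `OldSize > Treesize` and silently depends on the caller's `if` having already rejected that case, which deserves a comment such as `%% Caller guarantees OldSize =< Treesize; equal sizes yield [] so a same-size STH still goes through verification.` The second guard uses `==`, which also matches a float against an integer (`5.0 == 5`). Because `Treesize` comes from the request JSON, an `is_integer/1` check where it is parsed, or `=:=` in this guard, would keep a non-integer `tree_size` from flowing into the later `Treesize - 1` calls.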