
Remove objecthash dependency (#1441)

The last use of objecthash was to pin the config in the
gobindclient. Rather than hashing the config, future versions of the
client should either build in a static config or supply it directly.
gdbelvin committed Jan 23, 2020
1 parent ad57ca8 commit d8831a262e161cf6ea967e1c1a8d1da3988fe249
Showing with 3 additions and 22 deletions.
  1. +3 −19 core/client/gobindclient/client.go
  2. +0 −1 go.mod
  3. +0 −2 go.sum
@@ -17,7 +17,6 @@
package gobindclient

import (
"bytes"
"context"
"crypto/tls"
"crypto/x509"
@@ -32,7 +31,6 @@ import (
"github.com/google/keytransparency/core/client/tracker"
"github.com/google/keytransparency/core/client/verifier"

"github.com/benlaurie/objecthash/go/objecthash"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"

@@ -72,7 +70,7 @@ func SetTimeout(ms int32) {
}

// AddKtServer creates a new grpc client to handle connections to the ktURL server and adds it to the global map of clients.
func AddKtServer(ktURL string, insecureTLS bool, ktTLSCertPEM []byte, directoryInfoHash []byte) error {
func AddKtServer(ktURL string, insecureTLS bool, ktTLSCertPEM []byte) error {
if _, exists := clients[ktURL]; exists {
return fmt.Errorf("the KtServer connection for %v already exists", ktURL)
}
@@ -93,22 +91,8 @@ func AddKtServer(ktURL string, insecureTLS bool, ktTLSCertPEM []byte, directoryI
return fmt.Errorf("error getting config: %v", err)
}

if len(directoryInfoHash) == 0 {
Vlog.Print("Warning: no directoryInfoHash provided. Key material from the server will be trusted.")
} else {
cj, err := objecthash.CommonJSONify(config)
if err != nil {
return fmt.Errorf("commonJSONify(): %v", err)
}
got, err := objecthash.ObjectHash(cj)
if err != nil {
return fmt.Errorf("objectHash(): %v", err)
}
if !bytes.Equal(got[:], directoryInfoHash) {
return fmt.Errorf("server %v returned a directoryInfoResponse inconsistent with the provided directoryInfoHash",
ktURL)
}
}
// TODO(gbelvin): Supply the config externally so that it can be built into the client.
Vlog.Print("Warning: Key material from the server will be trusted.")

client, err := client.NewFromConfig(ktClient, config,
func(lv *tclient.LogVerifier) verifier.LogTracker { return tracker.NewSynchronous(lv) },
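Review bot: In the last hunk of AddKtServer, the unconditional `Vlog.Print("Warning: Key material from the server will be trusted.")` replaces the only check that tied the fetched config to a caller-supplied pin, so after this commit the directory's key material is authenticated by nothing except the TLS connection to ktURL. The signature still accepts `insecureTLS`, whose handling is outside the visible hunks; if it disables certificate verification, an on-path party could presumably substitute its own config and the client would accept it. Until the TODO is done, consider failing closed for that combination, e.g. `if insecureTLS { return fmt.Errorf("refusing unpinned directory config from %v over unverified TLS", ktURL) }`, or at least say so in the doc comment: `// The directory config is fetched from ktURL and trusted without pinning; its authenticity rests on the TLS connection alone.` The function body starts and ends outside the hunk.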
1 go.mod
@@ -7,7 +7,6 @@ require (
cloud.google.com/go/spanner v1.1.0 // indirect
github.com/Masterminds/semver v1.5.0 // indirect
github.com/Masterminds/sprig v2.22.0+incompatible // indirect
github.com/benlaurie/objecthash v0.0.0-20180202135721-d1e3d6079fc1
github.com/bombsimon/wsl v1.2.8 // indirect
github.com/cespare/xxhash/v2 v2.1.1 // indirect
github.com/coreos/etcd v3.3.17+incompatible // indirect
2 go.sum
@@ -57,8 +57,6 @@ github.com/aws/aws-sdk-go v1.19.49 h1:GUlenK625g5iKrIiRcqRS/CvPMLc8kZRtMxXuXBhFx
github.com/aws/aws-sdk-go v1.19.49/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.25.39 h1:1xxya3nsUaFlEZuoE5PWsIEd47RoDV/kkOGt0qEuwNw=
github.com/aws/aws-sdk-go v1.25.39/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/benlaurie/objecthash v0.0.0-20180202135721-d1e3d6079fc1 h1:VRtJdDi2lqc3MFwmouppm2jlm6icF+7H3WYKpLENMTo=
github.com/benlaurie/objecthash v0.0.0-20180202135721-d1e3d6079fc1/go.mod h1:jvdWlw8vowVGnZqSDC7yhPd7AifQeQbRDkZcQXV2nRg=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
