consolidated methods

Signed-off-by: Victor Embacher <[email protected]>
sigstore · Jul 26, 2023 · 900423e · 900423e
1 parent c1eadee
commit 900423e
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 19 deletions.
diff --git a/src/rekor/models/checkpoint.rs b/src/rekor/models/checkpoint.rs
@@ -1,7 +1,7 @@
 use crate::crypto::merkle::{MerkleProofVerifier, Rfc6269Default};
 use crate::crypto::{CosignVerificationKey, Signature};
 use crate::errors::SigstoreError;
-use crate::errors::SigstoreError::{ConsistencyProofError, UnexpectedError};
+use crate::errors::SigstoreError::ConsistencyProofError;
 use crate::rekor::models::checkpoint::ParseCheckpointError::*;
 use base64::prelude::BASE64_STANDARD;
 use base64::Engine;
@@ -158,7 +158,7 @@ impl SignedCheckpoint {
     }
 
     /// Checks if the checkpoint and inclusion proof are valid together.
-    pub(crate) fn valid_consistency_proof(
+    pub(crate) fn is_valid_for_proof(
         &self,
         proof_root_hash: &Output<Rfc6269Default>,
         proof_tree_size: u64,
@@ -173,18 +173,6 @@ impl SignedCheckpoint {
         )
         .map_err(ConsistencyProofError)
     }
-
-    /// Verifies that the checkpoint can be used for an inclusion proof with this root hash.
-    pub(crate) fn valid_inclusion_proof(
-        &self,
-        proof_root_hash: &Output<Rfc6269Default>,
-    ) -> Result<(), SigstoreError> {
-        Rfc6269Default::verify_match(proof_root_hash, &self.note.hash.into()).map_err(|_| {
-            UnexpectedError(
-                "consistency proof root hash does not match checkpoint root hash".to_string(),
-            )
-        })
-    }
 }
 
 impl Serialize for SignedCheckpoint {

diff --git a/src/rekor/models/inclusion_proof.rs b/src/rekor/models/inclusion_proof.rs
@@ -80,7 +80,7 @@ impl InclusionProof {
         let root_hash = hex_to_hash_output(&self.root_hash)?;
 
         // check if the inclusion and checkpoint match
-        checkpoint.valid_inclusion_proof(&root_hash)?;
+        checkpoint.is_valid_for_proof(&root_hash, self.tree_size as u64)?;
 
         Rfc6269Default::verify_inclusion(
             self.log_index as usize,

diff --git a/src/rekor/models/log_info.rs b/src/rekor/models/log_info.rs
@@ -59,10 +59,8 @@ impl LogInfo {
         // verify checkpoint is signed by log
         self.signed_tree_head.verify_signature(rekor_key)?;
 
-        self.signed_tree_head.valid_consistency_proof(
-            &hex_to_hash_output(&self.root_hash)?,
-            self.tree_size as u64,
-        )?;
+        self.signed_tree_head
+            .is_valid_for_proof(&hex_to_hash_output(&self.root_hash)?, self.tree_size as u64)?;
         consistency_proof.verify(old_size, old_root, self.tree_size as _)?;
         Ok(())
     }