Add proof spec verification code

Author: ethanfrey

go/ops.go

@@ -27,6 +27,22 @@ func WrapInner(inner *InnerOp) *ProofOp {
 	}
 }
 
+func asLeaf(op *ProofOp) (*LeafOp, error) {
+	leaf, ok := op.Op.(*ProofOp_Leaf)
+	if !ok {
+		return nil, fmt.Errorf("op is not leaf")
+	}
+	return leaf.Leaf, nil
+}
+
+func asInner(op *ProofOp) (*InnerOp, error) {
+	inner, ok := op.Op.(*ProofOp_Inner)
+	if !ok {
+		return nil, fmt.Errorf("op is not inner")
+	}
+	return inner.Inner, nil
+}
+
 func (op *ProofOp) Apply(args ...[]byte) ([]byte, error) {
 	o := op.Op
 	switch o.(type) {

go/proof.go

@@ -1,6 +1,9 @@
 package proofs
 
-import fmt "fmt"
+import (
+	"bytes"
+	"fmt"
+)
 
 // Calculate determines the root hash that matches the given proof.
 // You must validate the result is what you have in a header.
@@ -10,19 +13,71 @@ func (p *ExistenceProof) Calculate() ([]byte, error) {
 		return nil, fmt.Errorf("Existence Proof needs at least one step")
 	}
 
-	first, rem := p.Steps[0], p.Steps[1:]
-	// first step takes the key and value as input
-	res, err := first.Apply(p.Key, p.Value)
+	leaf, inners := p.Steps[0], p.Steps[1:]
+	// leaf step takes the key and value as input
+	res, err := leaf.Apply(p.Key, p.Value)
 	if err != nil {
 		return nil, err
 	}
 
 	// the rest just take the output of the last step (reducing it)
-	for _, step := range rem {
+	for _, step := range inners {
 		res, err = step.Apply(res)
 		if err != nil {
 			return nil, err
 		}
 	}
 	return res, nil
 }
+
+func (p *ExistenceProof) ValidSpec(spec *ProofSpec) error {
+	if len(p.Steps) == 0 {
+		return fmt.Errorf("Existence Proof needs at least one step")
+	}
+
+	leafOp, inners := p.Steps[0], p.Steps[1:]
+	leaf, err := asLeaf(leafOp)
+	if err != nil {
+		return err
+	}
+	err = p.checkLeaf(leaf, spec.LeafSpec)
+	if err != nil {
+		return err
+	}
+	for _, innerOp := range inners {
+		inner, err := asInner(innerOp)
+		if err != nil {
+			return err
+		}
+		if err := p.checkInner(inner, spec.LeafSpec.Prefix); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (p *ExistenceProof) checkLeaf(leaf *LeafOp, spec *LeafOp) error {
+	if leaf.Hash != spec.Hash {
+		return fmt.Errorf("Unexpected HashOp: %d", leaf.Hash)
+	}
+	if leaf.PrehashKey != spec.PrehashKey {
+		return fmt.Errorf("Unexpected PrehashKey: %d", leaf.PrehashKey)
+	}
+	if leaf.PrehashValue != spec.PrehashValue {
+		return fmt.Errorf("Unexpected PrehashValue: %d", leaf.PrehashValue)
+	}
+	if leaf.Length != spec.Length {
+		return fmt.Errorf("Unexpected LengthOp: %d", leaf.Length)
+	}
+	if !bytes.HasPrefix(leaf.Prefix, spec.Prefix) {
+		return fmt.Errorf("Leaf Prefix doesn't start with %X", spec.Prefix)
+	}
+	return nil
+}
+
+func (p *ExistenceProof) checkInner(inner *InnerOp, leafPrefix []byte) error {
+	if bytes.HasPrefix(inner.Prefix, leafPrefix) {
+		return fmt.Errorf("Inner Prefix starts with %X", leafPrefix)
+	}
+	return nil
+}

go/proofs.pb.go

@@ -142,7 +142,4 @@ message ProofSpec {
   // any field in the ExistenceProof must be the same as in this spec.
   // except Prefix, which is just the first bytes of prefix (spec can be longer) 
   LeafOp leaf_spec = 1;
-  // the minimum length of a prefix in an InnerOp
-  // note that the prefix *must not* start with the same bytes as leaf_spec.prefix
-  int32 min_inner_prefix = 2;
 }