diff --git a/bao/bao.go b/bao/bao.go index 9e5e87b..21b9b40 100644 --- a/bao/bao.go +++ b/bao/bao.go @@ -22,6 +22,39 @@ var pluginBin []byte var bao Bao var client *plugin.Client +var _ io.ReadCloser = (*Verifier)(nil) + +var ErrVerifyFailed = errors.New("verification failed") + +type Verifier struct { + r io.ReadCloser + proof Result + read uint64 +} + +func (v Verifier) Read(p []byte) (n int, err error) { + var buf [VERIFY_CHUNK_SIZE]byte + + n, err = io.ReadAtLeast(v.r, buf[:], VERIFY_CHUNK_SIZE) + if err != nil { + return 0, err + } + + if !bao.Verify(buf[:n], v.read, v.proof.Proof, v.proof.Hash) { + return 0, ErrVerifyFailed + } + + v.read += uint64(n) + + copy(p, buf[:n]) + + return n, nil +} + +func (v Verifier) Close() error { + return v.r.Close() +} + func init() { temp, err := os.CreateTemp(os.TempDir(), "bao") if err != nil { @@ -110,3 +143,7 @@ func Hash(r io.Reader) (*Result, error) { return &result, nil } + +func NewVerifier(r io.ReadCloser, proof Result) *Verifier { + return &Verifier{r: r, proof: proof} +}