-rw-r--r--src/plop.erl57
-rw-r--r--src/plop.hrl36
-rw-r--r--src/test/plop_test.erl8
3 files changed, 47 insertions, 54 deletions
diff --git a/src/plop.erl b/src/plop.erl
index 90a5249..4515d25 100644
--- a/src/plop.erl
+++ b/src/plop.erl
@@ -13,7 +13,8 @@
-export([start_link/0, start_link/2, stop/0]).
-export([add/1, sth/0]).
%% gen_server callbacks.
--export([init/1, handle_call/3, terminate/2, handle_cast/2, handle_info/2, code_change/3]).
+-export([init/1, handle_call/3, terminate/2,
+ handle_cast/2, handle_info/2, code_change/3]).
-include("plop.hrl").
-include_lib("public_key/include/public_key.hrl").
@@ -79,22 +80,8 @@ handle_call(sth, _From, Plop = #plop{hashtree = Tree}) ->
%%%%%%%%%%%%%%%%%%%%
--spec serialise(plop_entry() | plop_data()) -> iolist().
-serialise(#plop_entry{type = EntryType, entry = Entry}) ->
- [<<EntryType:16>>, Entry];
-serialise(#plop_data{version = Version,
- signature_type = Sigtype,
- timestamp = Timestamp,
- entry = Entry}) ->
- [<<Version:8, Sigtype:8, Timestamp:64>>, serialise(Entry)].
-
%% @doc Signed Plop Timestamp according to RFC6962 3.2 and RFC5246 4.7.
-spt(LogID,
- PrivKey,
- #plop_data{version = Version, % >= 1
- signature_type = Sigtype, % >= 0
- timestamp = Timestamp_in,
- entry = Entry = #plop_entry{}}) when is_binary(LogID) ->
+spt(LogID, PrivKey, Data = #plop_data{timestamp = Timestamp_in}) ->
Timestamp =
case Timestamp_in of
now ->
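Review bot: The rewritten head `spt(LogID, PrivKey, Data = #plop_data{timestamp = Timestamp_in})` drops both the `when is_binary(LogID)` guard and the `entry = #plop_entry{}` match, so a malformed argument is no longer rejected on entry to the signing path. A missing entry will still fail with function_clause inside serialise/1, but nothing visible here checks LogID any more; how it is used later in the function is outside the hunk. I would keep the guard: `spt(LogID, PrivKey, Data = #plop_data{timestamp = Timestamp_in}) when is_binary(LogID) ->`.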
@@ -104,11 +91,7 @@ spt(LogID,
+ NowMicroSec / 1.0e3);
_ -> Timestamp_in
end,
- BinToSign = list_to_binary(
- serialise(#plop_data{version = Version,
- signature_type = Sigtype,
- timestamp = Timestamp,
- entry = Entry})),
+ BinToSign = list_to_binary(serialise(Data)),
%% Was going to just sign/3 the hash but looking at
%% digitally_signed() in lib/ssl/src/ssl_handshake.erl it seems
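Review bot: `serialise(Data)` signs the record exactly as it was passed in, so the `Timestamp` resolved by the `case` above is no longer part of the signed bytes. When the caller leaves `timestamp` at its default `now`, the atom reaches `<<Version:8, Sigtype:8, Timestamp:64>>` in serialise/1 and the call fails with badarg; the removed code rebuilt the record with the resolved value. Restore that with `BinToSign = list_to_binary(serialise(Data#plop_data{timestamp = Timestamp})),`. The updated test in src/test/plop_test.erl passes `timestamp = 4711`, so it does not exercise this path; the rest of spt/3 is outside the hunk.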
@@ -144,13 +127,31 @@ read_keyfile(Filename, Passphrase) ->
public_key(#'RSAPrivateKey'{modulus = Mod, publicExponent = Exp}) ->
#'RSAPublicKey'{modulus = Mod, publicExponent = Exp}.
+-spec serialise(plop_data() | plop_entry()) -> iolist().
+serialise(#plop_data{version = Version,
+ signature_type = SigtypeAtom,
+ timestamp = Timestamp,
+ entry = Entry}) ->
+ Sigtype = signature_type(SigtypeAtom),
+ [<<Version:8, Sigtype:8, Timestamp:64>>, serialise(Entry)];
+serialise(#plop_entry{type = TypeAtom, data = Data}) ->
+ Type = entry_type(TypeAtom),
+ [<<Type:16>>, Data].
+
+signature_type(certificate_timestamp) -> 0;
+signature_type(tree_hash) -> 1;
+signature_type(test) -> 2.
+entry_type(x509) -> 0;
+entry_type(precert) -> 1;
+entry_type(test) -> 2.
+
%%%%%%%%%%%%%%%%%%%%
%% Tests.
serialise_test_() ->
- Entry = #plop_entry{type = ?PLOP_ENTRY_TYPE_X509, entry = <<"foo">>},
- Entry_serialised = <<0:16, "foo">>,
- [?_assertEqual(Entry_serialised, list_to_binary(serialise(Entry))),
- ?_assertEqual(<<1:8, 0:8, 0:64, Entry_serialised/binary>>,
- list_to_binary(serialise(#plop_data{signature_type = 0,
- timestamp = 0,
- entry = Entry})))].
+ [?_assertEqual(
+ <<1:8, 0:8, 0:64, 0:16, "foo">>,
+ list_to_binary(serialise(#plop_data{
+ signature_type = certificate_timestamp,
+ timestamp = 0,
+ entry = #plop_entry{type = x509,
+ data = <<"foo">>}})))].
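Review bot: The integer segments in the new `serialise/1` clause for `#plop_data{}` have no range check, and Erlang's bit syntax silently truncates an integer that does not fit its segment, so a `version` of 257 would be signed as 1 and an oversized `timestamp` would wrap. Because these bytes are the input to the signature, I would add a guard on that clause, e.g. `when is_integer(Version), Version >= 0, Version < 256, is_integer(Timestamp), Timestamp >= 0, Timestamp < 1 bsl 64`. The same commit removes the `% uint8` / `% uint64` comments from the record in src/plop.hrl and leaves the fields typed `integer()`; narrowing them to `0..255` and `non_neg_integer()` would let Dialyzer flag the same mistake. `signature_type/1` and `entry_type/1` would also benefit from a `-spec` each.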
diff --git a/src/plop.hrl b/src/plop.hrl
index e96b401..bfd900b 100644
--- a/src/plop.hrl
+++ b/src/plop.hrl
@@ -1,27 +1,21 @@
-% TODO: move to plop.hrl?
-%% -record(spt, {
-%% version :: integer(), % 8_bit_int
-%% logid :: binary(), % 32_bit_binary() sha256 hash
-%% signed_data :: signed_data()
-%% }).
--define(PLOP_ENTRY_TYPE_X509, 0).
--define(PLOP_ENTRY_TYPE_PRECERT, 1).
--define(PLOP_ENTRY_TYPE_TEST, 2).
--record(plop_entry, {
- type = 0 :: integer(), % uint16
- entry = <<>> :: binary()
- }).
--type(plop_entry() :: #plop_entry{}).
+%% A plop_entry has a type and some data.
+%% A plop_data record has the meta data necessary for constructing a
+%% signed timestamp.
--define(PLOP_SIGTYPE_CERTIFICATE_TIMESTAMP, 0).
--define(PLOP_SIGTYPE_TREE_HASH, 1).
--define(PLOP_SIGTYPE_TEST, 2).
-record(plop_data, {
- version = 1 :: integer(), % uint8
- signature_type = 0 :: integer(), % uint8
- timestamp = now :: 'now' | integer(), % 'now' or uint64
+ version = 1 :: integer(),
+ signature_type = certificate_timestamp :: certificate_timestamp |
+ tree_hash |
+ test,
+ timestamp = now :: 'now' | integer(),
entry :: plop_entry()
+ }).
+-record(plop_entry, {
+ type = x509 :: x509 | precert | test,
+ data = <<>> :: binary()
}).
+
-type plop_data() :: #plop_data{}.
+-type plop_entry() :: #plop_entry{}.
--export_type([plop_entry/0, plop_data/0]).
+-export_type([plop_data/0, plop_entry/0]).
diff --git a/src/test/plop_test.erl b/src/test/plop_test.erl
index 83b5240..b453301 100644
--- a/src/test/plop_test.erl
+++ b/src/test/plop_test.erl
@@ -34,11 +34,9 @@ test_add(_Pid) ->
84,193,120,213,10,25,198,189,197,147,117,151,103,12,6,1,80,37,237,125,
233,158,237,1,93,202,223,88,245,234,34,113,157,92,39,186,103,89,66,14,
78,168,208,141,78,183,57,28,196,252,251,249,153,203>>,
- Entry = #plop_entry{type = ?PLOP_ENTRY_TYPE_TEST,
- entry = <<"some data">>},
- PlopData = #plop_data{signature_type = ?PLOP_SIGTYPE_TEST,
+ Entry = #plop_entry{type = test,
+ data = <<"some data">>},
+ PlopData = #plop_data{signature_type = test,
timestamp = 4711,
entry = Entry},
[?_assertEqual(TestVector, plop:add(PlopData))].
-
-% Helpers.