Log some info about certs that don't parse and why.

Also move x509 specific code to the x509 module.
author: Linus Nordberg <linus@nordberg.se> 2014-11-05 13:02:16 +0100
committer: Linus Nordberg <linus@nordberg.se> 2014-11-05 13:02:52 +0100
commit: 3ef550cb6f1e8ac7e4142cc1620eb36be747b30d (patch)
tree: 2784673f9180b20dcc281a4be0fb96f1aa8ba7d1 /src/catlfish.erl
parent: f7939d1a4cf928440c5db3443283d4f149d30936 (diff)
1 files changed, 6 insertions, 8 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl
index 5d96278..3ca190a 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -216,7 +216,9 @@ ders_from_pemfiles(Dir, Filenames) ->
 
 ders_from_pemfile(Filename) ->
     Pems = case (catch public_key:pem_decode(pems_from_file(Filename))) of
-               {'EXIT', _} -> [];
+               {'EXIT', Reason} ->
+                   lager:info("badly encoded cert in ~p: ~p", [Filename, Reason]),
+                   [];
                P -> P
            end,
     [der_from_pem(X) || X <- Pems].
@@ -225,13 +227,9 @@ ders_from_pemfile(Filename) ->
 der_from_pem(Pem) ->
     case Pem of
         {_Type, Der, not_encrypted} ->
-            case (catch public_key:pkix_decode_cert(Der, otp)) of
-                {'EXIT', _} ->
-                    [];
-                #'OTPCertificate'{} ->
-                    Der;
-                _Unknown ->
-                    []
+            case x509:valid_cert_p(Der) of
+                true -> Der;
+                false -> []
             end;
         _ -> []
     end.
author	Linus Nordberg <linus@nordberg.se>	2014-11-05 13:02:16 +0100
committer	Linus Nordberg <linus@nordberg.se>	2014-11-05 13:02:52 +0100
commit	3ef550cb6f1e8ac7e4142cc1620eb36be747b30d (patch)
tree	2784673f9180b20dcc281a4be0fb96f1aa8ba7d1 /src/catlfish.erl
parent	f7939d1a4cf928440c5db3443283d4f149d30936 (diff)