diff options
| author | Linus Nordberg <linus@nordu.net> | 2016-03-27 19:27:30 +0200 |
|---|---|---|
| committer | Linus Nordberg <linus@nordu.net> | 2016-04-07 16:06:12 +0200 |
| commit | 0573cda1b335a9dfbcc33d5b61964dcaae2ed165 (patch) | |
| tree | a02169dd7464a54a5b8abf6dc4862f8f64982198 /src/v1.erl | |
| parent | e6b1d5a4a8227603eaeb986e9594b595e847832b (diff) | |
WIP
Diffstat (limited to 'src/v1.erl')
| -rw-r--r-- | src/v1.erl | 55 |
1 files changed, 31 insertions, 24 deletions
@@ -1,4 +1,4 @@ -%%% Copyright (c) 2014-2015, NORDUnet A/S. +%%% Copyright (c) 2014-2016, NORDUnet A/S. %%% See LICENSE for licensing information. %%% @doc Certificate Transparency (RFC 6962) @@ -7,7 +7,7 @@ %% API (URL) -export([request/4]). --define(APPURL_CT_V1, "open/gaol/v1"). +-define(APPURL_CT_V1, "dt/v1"). check_valid_sth() -> case plop:sth() of @@ -30,9 +30,9 @@ check_valid_sth() -> end. %% Public functions, i.e. part of URL. -request(post, ?APPURL_CT_V1, "add-blob", Input) -> +request(post, ?APPURL_CT_V1, "add-ds-rr", Input) -> check_valid_sth(), - add_blob(Input); + add_ds(Input); request(get, ?APPURL_CT_V1, "get-sth", _Query) -> check_valid_sth(), @@ -147,29 +147,36 @@ internalerror(Text) -> "~s~n" ++ "</body></html>~n", [Text])}. --spec add_blob(any()) -> any(). -add_blob(Input) -> +-spec add_ds(any()) -> any(). +add_ds(Input) -> case (catch mochijson2:decode(Input)) of {error, E} -> - err400("add-blob: bad input:", E); - {struct, [{<<"blob">>, Blob}]} -> - case (catch base64:decode(Blob)) of - {'EXIT', _} -> - err400("add-blob: invalid base64-encoded blob", Blob); - DecodedBlob -> - add_blob_helper(DecodedBlob, - application:get_env(catlfish, - max_submit_size, - 0)) + err400("add-ds-rr: bad input:", E); + {struct, [{<<"chain">>, List}]} -> + case decode_chain(List) of + {invalid, ErrText} -> + err400(io:format("add-ds-rr: ~p", [ErrText]), List); + [DSRR, DSRRSIG | SupportRRs] -> + add_ds_helper(DSRR, DSRRSIG, SupportRRs); + _ -> + err400("add-ds-rr: missing one or more entries", List) end; _ -> - err400("add-blob: missing input: blob", Input) + err400("add-ds-rr: missing input: chain", Input) end. -add_blob_helper(Blob, MaxSize) when MaxSize == 0 -> - success(catlfish:add_chain(Blob, [], normal)); -add_blob_helper(Blob, MaxSize) when erlang:size(Blob) =< MaxSize -> - add_blob_helper(Blob, 0); -add_blob_helper(Blob, MaxSize) -> - err400(io_lib:format("add-blob: blob too large (~p > ~p)", - [erlang:size(Blob), MaxSize]), Blob). +decode_chain(List) -> + case (catch [base64:decode(X) || X <- List]) of + {'EXIT', _} -> + {invalid, "invalid base64-encoding"}; + L -> + L + end. + +add_ds_helper(DSRR, DSRRSIG, Support) -> + case dnssecport:dnssec_validate([DSRR, DSRRSIG], Support) of + ok -> + success(catlfish:add_chain(DSRR, [DSRRSIG | Support], normal)); + _ -> + err400("add-ds-rr: invalid DS record", [DSRR, DSRRSIG | Support]) + end. |