Diffstat (limited to 'src/v1.erl')
-rw-r--r-- | src/v1.erl | 27 |
1 files changed, 18 insertions, 9 deletions
@@ -9,8 +9,6 @@ 'get-sth-consistency'/3, 'get-proof-by-hash'/3, 'get-entries'/3, 'get-roots'/3, 'get-entry-and-proof'/3]). --include("$CTROOT/plop/include/plop.hrl"). - %% Public functions, i.e. part of URL. 'add-chain'(SessionID, _Env, Input) -> R = case (catch jiffy:decode(Input)) of @@ -22,7 +20,17 @@ html("add-chain: invalid base64-encoded chain: ", [ChainBase64]); [LeafCert | CertChain] -> - catlfish:add_chain(LeafCert, CertChain); + Roots = catlfish:known_roots(), + case x509:normalise_chain(Roots, [LeafCert|CertChain]) of + {ok, [Leaf | Chain]} -> + io:format("[info] adding ~p~n", + [x509:cert_string(LeafCert)]), + catlfish:add_chain(Leaf, Chain); + {Err, Msg} -> + io:format("[info] rejecting ~p: ~p~n", + [x509:cert_string(LeafCert), Err]), + html("add-chain: ", [Msg, Err]) + end; Invalid -> html("add-chain: chain is not a list: ", [Invalid]) end; @@ -34,11 +42,10 @@ niy(SessionID). 'get-sth'(SessionID, _Env, _Input) -> - #sth{ - treesize = Treesize, - timestamp = Timestamp, - roothash = Roothash, - signature = Signature} = plop:sth(), + { Treesize, + Timestamp, + Roothash, + Signature} = plop:sth(), R = [{tree_size, Treesize}, {timestamp, Timestamp}, {sha256_root_hash, base64:encode(Roothash)}, @@ -125,7 +132,9 @@ deliver(SessionID, R). 'get-roots'(SessionID, _Env, _Input) -> - R = [{certificates, []}], % NIY. + R = [{certificates, + [base64:encode(Der) || + Der <- catlfish:update_known_roots()]}], deliver(SessionID, binary_to_list(jiffy:encode({R}))). %% Private functions. |
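Review bot: The failure clause of the new `case x509:normalise_chain(...)` in 'add-chain' is `{Err, Msg}`, which matches any two-tuple, so a result such as `{ok, []}` lands in the rejection branch with Err bound to `ok`. That still fails closed, but any unexpected return shape would be logged and echoed to the client through `html("add-chain: ", [Msg, Err])` as if it were a validation reason. Since this case decides whether a submitted chain reaches `catlfish:add_chain/2`, I would match the failure shape explicitly, for example `{error, Reason} ->` if that is what normalise_chain returns (its contract is not visible here), and let anything else crash. The rejection branch also calls `x509:cert_string(LeafCert)` on input that has just failed validation; if that function cannot handle undecodable DER, the request would crash instead of returning the error page. 'add-chain' starts and ends outside this hunk.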
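Review bot: The positional match `{ Treesize, Timestamp, Roothash, Signature} = plop:sth()` in 'get-sth' depends entirely on element order now that the `#sth{}` field names are gone. A reordering in plop would still match as long as the arity stays four, and the endpoint would then publish the root hash and signature in the wrong fields (the signature's use lies below the hunk). I would add a comment above the match, `%% plop:sth/0 returns {Treesize, Timestamp, Roothash, Signature}, in this order`, and a `-spec` on plop:sth/0 so Dialyzer can check callers. The body of 'get-sth' continues outside the hunk.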
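Review bot: 'get-roots' now calls `catlfish:update_known_roots()` on every request, while the new add-chain code validates against `catlfish:known_roots()`. If update_known_roots/0 re-reads or rebuilds the root set, as its name suggests (its body is not visible here), any client of this endpoint can trigger that work at will. The list served could also differ from the one add-chain checks against. Unless the refresh is intended, I would serve the cached set with `Der <- catlfish:known_roots()]}],`, provided both functions return the same list of DER binaries.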