summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2014-10-23 14:42:42 +0200
committerLinus Nordberg <linus@nordberg.se>2014-10-23 14:42:42 +0200
commitf0b40ee24cb2e95f3ce1a7d06473459f3de2b7d5 (patch)
tree1b2152955bc4a5f1374448f72457bd9ad18d5b28
parenta77e6b4a9b30588f48fc5cf81bdf4982ef85ce7a (diff)
Log (info) when adding and rejecting a certificate chain.validate-certchain
Writing to stdout for now, until we've decided on logging framework.
Diffstat
-rw-r--r--src/v1.erl4
-rw-r--r--src/x509.erl6
2 files changed, 9 insertions, 1 deletions
diff --git a/src/v1.erl b/src/v1.erl
index 46b5235..8c748e5 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -25,8 +25,12 @@
Roots = catlfish:known_roots(),
case x509:normalise_chain(Roots, [LeafCert|CertChain]) of
{ok, [Leaf | Chain]} ->
+ io:format("[info] adding ~p~n",
+ [x509:cert_string(LeafCert)]),
catlfish:add_chain(Leaf, Chain);
{Err, Msg} ->
+ io:format("[info] rejecting ~p: ~p~n",
+ [x509:cert_string(LeafCert), Err]),
html("add-chain: ", [Msg, Err])
end;
Invalid ->
diff --git a/src/x509.erl b/src/x509.erl
index 8b1211d..9b6b386 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -2,7 +2,7 @@
%%% See LICENSE for licensing information.
-module(x509).
--export([normalise_chain/2]).
+-export([normalise_chain/2, cert_string/1]).
-include_lib("public_key/include/public_key.hrl").
@@ -84,6 +84,10 @@ public_key(#'OTPCertificate'{
subjectPublicKey = Key}}}) ->
Key.
+cert_string(Der) ->
+ lists:flatten([io_lib:format("~2.16.0B", [X]) ||
+ X <- binary_to_list(crypto:hash(sha, Der))]).
+
%%%%%%%%%%%%%%%%%%%%
%% Precertificates according to draft-ietf-trans-rfc6962-bis-04.
generated by cgit v1.1 at 2024-12-26 18:01:22 +0000