summaryrefslogtreecommitdiff
path: root/src/catlfish.erl
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2015-07-17 18:54:33 +0200
committerLinus Nordberg <linus@nordu.net>2015-07-17 18:54:33 +0200
commitb61ad04f22e580e6c651ecbef8abfd26d8c8b71f (patch)
treed2017427f59ab64e8cf05d20021cc976b401bf6e /src/catlfish.erl
parent61ace729ada4de8e6c0e84500e70392f495dbc67 (diff)
Verify entries properly. Maybe.gaol
Diffstat (limited to 'src/catlfish.erl')
-rw-r--r--src/catlfish.erl17
1 files changed, 6 insertions, 11 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl
index 35cee4e..5f0c328 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -293,20 +293,15 @@ verify_entry(Entry) ->
RootCerts = known_roots(),
verify_entry(Entry, RootCerts).
-verify_entry(Entry, RootCerts) ->
+verify_entry(Entry, _RootCerts) ->
{MTL, ExtraData} = mtl_and_extra_from_entry(Entry),
Chain = chain_from_mtl_extradata(MTL, ExtraData),
- case x509:normalise_chain(RootCerts, Chain) of
- {ok, [LeafCert|CertChain]} ->
- case verify_mtl(MTL, LeafCert, CertChain) of
- ok ->
- {ok, ht:leaf_hash(serialise(MTL))};
- error ->
- {error, "MTL verification failed"}
- end;
- {error, Reason} ->
- {error, Reason}
+ case verify_mtl(MTL, Chain, []) of
+ ok ->
+ {ok, ht:leaf_hash(serialise(MTL))};
+ error ->
+ {error, "MTL verification failed"}
end.
entryhash_from_entry(Entry) ->