Accept any kind of submitted data, not only X.509 certificate chains.

Have add_chain() take a blob instead of a cert leaf and a chain.
Rename ct/v1/add-chain -> add-blob.
Remove ct/v1/add-pre-chain.
Remove chain checking code.
Generate allowed_client config matching new HTTP API.

1 files changed, 5 insertions, 5 deletions

diff --git a/src/catlfish.erl b/src/catlfish.erl
index 4bf1cdf..7a28f9f 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -2,7 +2,7 @@
 %%% See LICENSE for licensing information.
 
 -module(catlfish).
--export([add_chain/3, entries/2, entry_and_proof/2]).
+-export([add_chain/2, entries/2, entry_and_proof/2]).
 -export([known_roots/0, update_known_roots/0]).
 -export([init_cache_table/0]).
 -export([entryhash_from_entry/1, verify_entry/1, verify_entry/2]).
@@ -131,15 +131,15 @@ add_to_db(Type, LeafCert, CertChain, EntryHash) ->
 get_ratelimit_token(Type) ->
     ratelimit:get_token(Type).
 
--spec add_chain(binary(), [binary()], normal|precert) -> {[{_,_},...]}.
-add_chain(LeafCert, CertChain, Type) ->
-    EntryHash = crypto:hash(sha256, [LeafCert | CertChain]),
+-spec add_chain(binary(), normal) -> {[{_,_},...]}.
+add_chain(Blob, Type) ->
+    EntryHash = crypto:hash(sha256, Blob),
     {TimestampedEntry, Hash} =
         case plop:get(EntryHash) of
             notfound ->
                 case get_ratelimit_token(add_chain) of
                     ok ->
-                        add_to_db(Type, LeafCert, CertChain, EntryHash);
+                        add_to_db(Type, Blob, [], EntryHash);
                     _ ->
                         exit({internalerror, "Rate limiting"})
                 end;