s/valid_chain_p/normalise_chain/g

author: Linus Nordberg <linus@nordberg.se> 2015-03-20 17:24:48 +0100
committer: Linus Nordberg <linus@nordberg.se> 2015-03-20 17:24:48 +0100
commit: 7e1b8b876fbfe63243409daba60ffac3d78cdd44 (patch)
tree: 7abc6c9537c34103a9a2dea65d50df348f378a4a /src
parent: f98f39ea2e9ae9d701f79de1b45e21fa0e5fd995 (diff)
2 files changed, 30 insertions, 30 deletions
diff --git a/src/v1.erl b/src/v1.erl
index 6d13541..e672182 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -120,8 +120,8 @@ add_chain(Input, Type) ->
                     html("add-chain: invalid base64-encoded chain: ",
                          [ChainBase64]);
                 [LeafCert | CertChain] ->
-                    case x509:valid_chain_p(catlfish:known_roots(),
-                                            [LeafCert|CertChain]) of
+                    case x509:normalise_chain(catlfish:known_roots(),
+                                              [LeafCert|CertChain]) of
                         {ok, [Leaf | Chain]} ->
                             lager:info("adding ~p cert ~p",
                                        [Type, x509:cert_string(LeafCert)]),
diff --git a/src/x509.erl b/src/x509.erl
index 5abd853..43b90b3 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -2,7 +2,7 @@
 %%% See LICENSE for licensing information.
 
 -module(x509).
--export([valid_chain_p/2, cert_string/1, read_pemfiles_from_dir/1,
+-export([normalise_chain/2, cert_string/1, read_pemfiles_from_dir/1,
          self_signed/1, detox/2]).
 -include_lib("public_key/include/public_key.hrl").
 -include_lib("eunit/include/eunit.hrl").
@@ -15,10 +15,10 @@
 
 -define(MAX_CHAIN_LENGTH, 10).
 
--spec valid_chain_p([binary()], [binary()]) -> {ok, [binary()]} |
-                                               {error, reason()}.
-valid_chain_p(AcceptableRootCerts, CertChain) ->
-    case valid_chain_p(AcceptableRootCerts, CertChain, ?MAX_CHAIN_LENGTH) of
+-spec normalise_chain([binary()], [binary()]) -> {ok, [binary()]} |
+                                                 {error, reason()}.
+normalise_chain(AcceptableRootCerts, CertChain) ->
+    case normalise_chain(AcceptableRootCerts, CertChain, ?MAX_CHAIN_LENGTH) of
         {false, Reason} ->
             {error, Reason};
         {true, Root} ->
@@ -71,12 +71,12 @@ detox(LeafDer, ChainDer) ->
 %% amongst the acceptable root certs. Otherwise it contains exactly
 %% one element, a CA cert from the acceptable root certs signing the
 %% root of the chain.
--spec valid_chain_p([binary()], [binary()], integer()) ->
-                           {false, reason()} | {true, list()}.
-valid_chain_p(_, _, MaxChainLength) when MaxChainLength =< 0 ->
+-spec normalise_chain([binary()], [binary()], integer()) ->
+                             {false, reason()} | {true, list()}.
+normalise_chain(_, _, MaxChainLength) when MaxChainLength =< 0 ->
     %% Chain too long.
     {false, chain_too_long};
-valid_chain_p(AcceptableRootCerts, [TopCert], MaxChainLength) ->
+normalise_chain(AcceptableRootCerts, [TopCert], MaxChainLength) ->
     %% Check root of chain.
     case lists:member(TopCert, AcceptableRootCerts) of
         true ->
@@ -92,9 +92,9 @@ valid_chain_p(AcceptableRootCerts, [TopCert], MaxChainLength) ->
                 Root -> {true, [Root]}
             end
     end;
-valid_chain_p(AcceptableRootCerts, [BottomCert|Rest], MaxChainLength) ->
+normalise_chain(AcceptableRootCerts, [BottomCert|Rest], MaxChainLength) ->
     case signed_by_p(BottomCert, hd(Rest)) of
-        true -> valid_chain_p(AcceptableRootCerts, Rest, MaxChainLength - 1);
+        true -> normalise_chain(AcceptableRootCerts, Rest, MaxChainLength - 1);
         false -> {false, signature_mismatch}
     end.
 
@@ -414,21 +414,21 @@ valid_cert_test_() ->
               %% 'OTP-PUB-KEY':Func('OTP-X520countryname', Value0)
               %% FIXME: This error doesn't make much sense -- is my
               %% environment borked?
-              ?_assertMatch({true, _}, valid_chain_p(lists:nth(1, Chains),
-                                                     lists:nth(1, Chains), 10)),
+              ?_assertMatch({true, _}, normalise_chain(lists:nth(1, Chains),
+                                                       lists:nth(1, Chains), 10)),
               %% Self-signed so fail.
               ?_assertMatch({false, root_unknown},
-                            valid_chain_p(KnownRoots,
-                                          lists:nth(2, Chains), 10)),
+                            normalise_chain(KnownRoots,
+                                            lists:nth(2, Chains), 10)),
               %% Leaf signed by known CA, pass.
-              ?_assertMatch({true, _}, valid_chain_p(KnownRoots,
-                                                     lists:nth(3, Chains), 10)),
+              ?_assertMatch({true, _}, normalise_chain(KnownRoots,
+                                                       lists:nth(3, Chains), 10)),
               %% Proper 3-depth chain with root in KnownRoots, pass.
               %% Bug CATLFISH-19 --> [info] rejecting "3ee62cb678014c14d22ebf96f44cc899adea72f1": chain_broken
               %% leaf sha1: 3ee62cb678014c14d22ebf96f44cc899adea72f1
               %% leaf Subject: C=KR, O=Government of Korea, OU=Group of Server, OU=\xEA\xB5\x90\xEC\x9C\xA1\xEA\xB3\xBC\xED\x95\x99\xEA\xB8\xB0\xEC\x88\xA0\xEB\xB6\x80, CN=www.berea.ac.kr, CN=haksa.bits.ac.kr
-              ?_assertMatch({true, _}, valid_chain_p(KnownRoots,
-                                                     lists:nth(4, Chains), 3)),
+              ?_assertMatch({true, _}, normalise_chain(KnownRoots,
+                                                       lists:nth(4, Chains), 3)),
               %% Verify against self, pass.
               %% Bug CATLFISH-??, can't handle issuer keytype ECPoint.
               %% Issuer sha1: 6969562e4080f424a1e7199f14baf3ee58ab6abb
@@ -450,21 +450,21 @@ chain_test_() ->
 chain_test(C0, C1) ->
     [
      %% Root not in chain but in trust store.
-     ?_assertEqual({true, [C1]}, valid_chain_p([C1], [C0], 10)),
-     ?_assertEqual({true, [C1]}, valid_chain_p([C1], [C0], 2)),
+     ?_assertEqual({true, [C1]}, normalise_chain([C1], [C0], 10)),
+     ?_assertEqual({true, [C1]}, normalise_chain([C1], [C0], 2)),
      %% Chain too long.
-     ?_assertMatch({false, chain_too_long}, valid_chain_p([C1], [C0], 1)),
+     ?_assertMatch({false, chain_too_long}, normalise_chain([C1], [C0], 1)),
      %% Root in chain and in trust store.
-     ?_assertEqual({true, []}, valid_chain_p([C1], [C0, C1], 2)),
+     ?_assertEqual({true, []}, normalise_chain([C1], [C0, C1], 2)),
      %% Chain too long.
-     ?_assertMatch({false, chain_too_long}, valid_chain_p([C1], [C0, C1], 1)),
+     ?_assertMatch({false, chain_too_long}, normalise_chain([C1], [C0, C1], 1)),
      %% Root not in trust store.
-     ?_assertMatch({false, root_unknown}, valid_chain_p([], [C0, C1], 10)),
+     ?_assertMatch({false, root_unknown}, normalise_chain([], [C0, C1], 10)),
      %% Selfsigned. Actually OK.
-     ?_assertMatch({true, []}, valid_chain_p([C0], [C0], 10)),
-     ?_assertMatch({true, []}, valid_chain_p([C0], [C0], 1)),
+     ?_assertMatch({true, []}, normalise_chain([C0], [C0], 10)),
+     ?_assertMatch({true, []}, normalise_chain([C0], [C0], 1)),
      %% Max chain length 0 is not OK.
-     ?_assertMatch({false, chain_too_long}, valid_chain_p([C0], [C0], 0))
+     ?_assertMatch({false, chain_too_long}, normalise_chain([C0], [C0], 0))
     ].
 
 %%-spec read_certs(file:filename()) -> [string:string()].
author	Linus Nordberg <linus@nordberg.se>	2015-03-20 17:24:48 +0100
committer	Linus Nordberg <linus@nordberg.se>	2015-03-20 17:24:48 +0100
commit	7e1b8b876fbfe63243409daba60ffac3d78cdd44 (patch)
tree	7abc6c9537c34103a9a2dea65d50df348f378a4a /src
parent	f98f39ea2e9ae9d701f79de1b45e21fa0e5fd995 (diff)