author | Linus Nordberg <linus@nordberg.se> | 2015-04-07 16:37:53 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordberg.se> | 2015-04-07 16:37:53 +0200 |
commit | 158e9f83d017ba87c3bdbbfe9a54d16bc7eb2311 (patch) | |
tree | 7c2f36c319894b7f415c5e0d2a762702198fc19a /verifycert.erl | |
parent | 2267289c354e440efecfb8a6e19cb965bd1bbbbc (diff) | |
parent | f364054054477ed7ac7c15dd1199b7bac2e1cef7 (diff) |
Merge branch 'mergeverify2'.
Minor tweaks on map/mergeverify2.
Diffstat (limited to 'verifycert.erl')
-rwxr-xr-x | verifycert.erl | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/verifycert.erl b/verifycert.erl
new file mode 100755
index 0000000..b9a3753
--- /dev/null
+++ b/verifycert.erl
@@ -0,0 +1,41 @@
+#!/usr/bin/env escript
+%% -*- erlang -*-
+%%! -pa ebin -pa lib/catlfish-0.6.0-dev.ez/catlfish-0.6.0-dev/ebin -pa lib/lager-2.1.1.ez/lager-2.1.1/ebin
+
+write_reply(Bin) ->
+ Length = size(Bin),
+ file:write(standard_io, <<Length:32, Bin/binary>>).
+
+verify(RootCerts, DBEntry) ->
+ try
+ Chain = catlfish:chain_from_entry(DBEntry),
+ %% XXX: doesn't verify that MTL is derived from Chain
+ case x509:normalise_chain(RootCerts, Chain) of
+ {ok, _} ->
+ write_reply(<<0:8>>);
+ {error, Reason} ->
+ ReasonBin = list_to_binary(io_lib:format("~p", [Reason])),
+ write_reply(<<1:8, ReasonBin/binary>>)
+ end
+ catch
+ Type:What ->
+ [CrashFunction | Stack] = erlang:get_stacktrace(),
+ ErrorBin = list_to_binary(io_lib:format("Crash: ~p ~p~n~p~n~p~n", [Type, What, CrashFunction, Stack])),
+ write_reply(<<2:8, ErrorBin/binary>>)
+ end.
+
+loop(RootCerts) ->
+ {ok, LengthBin} = file:read(standard_io, 4),
+ <<Length:32>> = list_to_binary(LengthBin),
+ case Length of
+ 0 ->
+ none;
+ _ ->
+ {ok, DBEntry} = file:read(standard_io, Length),
+ verify(RootCerts, list_to_binary(DBEntry)),
+ loop(RootCerts)
+ end.
+
+main(_) ->
+ Certs = x509:read_pemfiles_from_dir("tests/known_roots/"),
+ loop(Certs). |
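Review bot: In `loop/1` both `file:read(standard_io, …)` results are matched assertively against `{ok, _}` outside the `try` in `verify/2`, so end of input or a short length prefix ends the script with a badmatch and no status byte instead of going through the `0`-length terminator. The caller then has to treat a missing reply as a failed verification; handling `eof` and short reads explicitly and answering with status `2`, as sketched below, makes that fail-closed behaviour visible in the protocol. `Length` is also used as the read size straight from the 4-byte prefix (up to 4 GiB), so a sanity cap before the second read is worth adding if the writer of the stream is not fully trusted. Separately, the `XXX` comment in `verify/2` means a `0` reply covers only the chain and not the MTL; a header comment saying so would keep callers from reading it as full entry validation.

```erlang
loop(RootCerts) ->
    case file:read(standard_io, 4) of
        eof ->
            %% Input closed without the zero-length terminator.
            none;
        {ok, LengthBin} ->
            case list_to_binary(LengthBin) of
                <<0:32>> ->
                    none;
                <<Length:32>> ->
                    read_entry(RootCerts, Length);
                _ShortPrefix ->
                    write_reply(<<2:8, "truncated length prefix">>)
            end
    end.

%% Reads exactly Length bytes of entry data; anything shorter is reported
%% with status 2 rather than being handed to verify/2.
read_entry(RootCerts, Length) ->
    case file:read(standard_io, Length) of
        {ok, DBEntry} when length(DBEntry) =:= Length ->
            verify(RootCerts, list_to_binary(DBEntry)),
            loop(RootCerts);
        _ShortOrEof ->
            write_reply(<<2:8, "truncated entry">>)
    end.
```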