From 5c7a5be8f161684ae2d9d0868c35d623e127a327 Mon Sep 17 00:00:00 2001
From: Linus Nordberg <linus@nordberg.se>
Date: Sat, 20 Sep 2014 00:28:46 +0200
Subject: Decode chain in 'add-chain' properly.

---
 src/v1.erl | 27 ++++++++++++++++-----------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/src/v1.erl b/src/v1.erl
index d6b833b..0f9a7bc 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -18,17 +18,22 @@
 'add-chain'(SessionID, _Env, Input) ->
     Res = case (catch jiffy:decode(Input)) of
               {error, E} -> html("add-chain: bad input:", E);
-              {[{<<"chain">>, Chain}]} ->
-                  Entry = #plop_entry{type = x509,
-                                      data = list_to_binary(Chain)},
-                  SPT = plop:add(#timestamped_entry{entry = Entry}),
-                  R = [{sct_version, ?PROTOCOL_VERSION},
-                       {id, base64:encode(SPT#spt.logid)},
-                       {timestamp, SPT#spt.timestamp},
-                       {extensions, base64:encode("")},
-                       {signature, base64:encode(
-                                     plop:serialise(SPT#spt.signature))}],
-                  binary_to_list(jiffy:encode({R}));
+              {[{<<"chain">>, ChainBase64}]} ->
+                  case (catch base64:decode(ChainBase64)) of
+                      {'EXIT', _} ->
+                          html("add-chain: invalid base64-encoded chain: ",
+                               [ChainBase64]);
+                      Chain ->
+                          Entry = #plop_entry{type = x509, data = Chain},
+                          SPT = plop:add(#timestamped_entry{entry = Entry}),
+                          R = [{sct_version, ?PROTOCOL_VERSION},
+                               {id, base64:encode(SPT#spt.logid)},
+                               {timestamp, SPT#spt.timestamp},
+                               {extensions, base64:encode("")},
+                               {signature, base64:encode(
+                                             plop:serialise(SPT#spt.signature))}],
+                          binary_to_list(jiffy:encode({R}))
+                  end;
               _ -> html("add-chain: missing input: chain", Input)
           end,
     deliver(SessionID, Res).
-- 
cgit v1.1