summaryrefslogtreecommitdiff
path: root/verifycert.erl
diff options
context:
space:
mode:
authorMagnus Ahltorp <map@kth.se>2015-05-29 18:15:22 +0200
committerMagnus Ahltorp <map@kth.se>2015-05-29 18:15:22 +0200
commit4dad3a362533c17a30d501f98698ae04aa029e7c (patch)
tree1efca49eb3c28fb4e356edc7c4e525492c45579b /verifycert.erl
parent42eebf1c68849b1367a8e87757f8019732058c50 (diff)
Add verification of whole entry. Implement library call for plop verification.frontendverify
Diffstat (limited to 'verifycert.erl')
-rwxr-xr-xverifycert.erl8
1 files changed, 3 insertions, 5 deletions
diff --git a/verifycert.erl b/verifycert.erl
index f2f679d..e7cdd86 100755
--- a/verifycert.erl
+++ b/verifycert.erl
@@ -1,6 +1,6 @@
#!/usr/bin/env escript
%% -*- erlang -*-
-%%! -pa lib/catlfish-0.8.0-dev.ez/catlfish-0.8.0-dev/ebin -pa lib/lager-2.1.1.ez/lager-2.1.1/ebin
+%%! -pa lib/catlfish-0.8.0-dev.ez/catlfish-0.8.0-dev/ebin -pa lib/lager-2.1.1.ez/lager-2.1.1/ebin -pa lib/plop-0.7.0.ez/plop-0.7.0/ebin
write_reply(Bin) ->
Length = size(Bin),
@@ -8,10 +8,8 @@ write_reply(Bin) ->
verify(RootCerts, DBEntry) ->
try
- Chain = catlfish:chain_from_entry(DBEntry),
- %% XXX: doesn't verify that MTL is derived from Chain
- case x509:normalise_chain(RootCerts, Chain) of
- {ok, _} ->
+ case catlfish:verify_entry(DBEntry, RootCerts) of
+ {ok, _MTLHash} ->
write_reply(<<0:8>>);
{error, Reason} ->
ReasonBin = list_to_binary(io_lib:format("~p", [Reason])),