-rw-r--r-- | src/catlfish.erl | 11 | ||||
-rw-r--r-- | src/x509.erl | 9 |
2 files changed, 9 insertions, 11 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl index 50811a1..2e5ffd4 100644 --- a/src/catlfish.erl +++ b/src/catlfish.erl @@ -87,6 +87,7 @@ deserialise_entry_type(<<0:16>>) -> deserialise_entry_type(<<1:16>>) -> precert_entry. +-spec serialise_signature_type(certificate_timestamp|tree_hash) -> binary(). serialise_signature_type(certificate_timestamp) -> <<0:8>>; serialise_signature_type(tree_hash) -> @@ -177,16 +178,6 @@ timestamped_entry(Timestamp, EntryType, LeafCert, CertChain) -> entry_type = EntryType, signed_entry = SignedEntry}. -%% -spec serialise_logentry(integer(), binary(), [binary()]) -> binary(). -%% serialise_logentry(Timestamp, LeafCert, CertChain) -> -%% list_to_binary( -%% [<<Timestamp:64>>, -%% list_to_binary( -%% [encode_tls_vector(LeafCert, 3), -%% encode_tls_vector( -%% list_to_binary( -%% [encode_tls_vector(X, 3) || X <- CertChain]), 3)])]). - -spec deserialise_mtl(binary()) -> mtl(). deserialise_mtl(Data) -> <<LeafVersionBin:1/binary, diff --git a/src/x509.erl b/src/x509.erl index e8c4f2b..eae1468 100644 --- a/src/x509.erl +++ b/src/x509.erl @@ -28,6 +28,7 @@ normalise_chain(AcceptableRootCerts, CertChain) -> {ok, CertChain ++ Root} end. +-spec cert_string(binary()) -> string(). cert_string(Der) -> mochihex:to_hex(crypto:hash(sha, Der)). @@ -54,8 +55,8 @@ read_pemfiles_from_dir(Dir) -> self_signed(L) -> lists:filter(fun(Cert) -> signed_by_p(Cert, Cert) end, L). -%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash. -spec detox(binary(), [binary()]) -> {binary(), binary()}. +%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash. detox(LeafDer, ChainDer) -> detox_precert(LeafDer, nth(1, ChainDer), nth(2, ChainDer)). @@ -117,6 +118,7 @@ signer(Cert, [H|T]) -> signer(Cert, T) end. +-spec encoded_tbs_cert(binary()) -> binary(). %% Code from pubkey_cert:encoded_tbs_cert/1. encoded_tbs_cert(DerCert) -> {ok, PKIXCert} = 
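Review bot: In the src/x509.erl hunk at -54,8, the `%% @doc` line moved under the spec still reads "detoxed cet" (presumably "cert"). Neither the comment nor the `[binary()]` argument type says that `detox/2` reads the first two entries of ChainDer via `nth(1, ChainDer)` and `nth(2, ChainDer)`. `nth` is defined outside the hunk, so what happens for a chain with fewer than two certificates cannot be seen here; since this sits on the precertificate handling path, that case is worth stating. I would word the comment as `%% @doc Return the detoxed cert in LeafDer and the issuer leaf hash. Uses the first two entries of ChainDer; behaviour for shorter chains depends on nth/2.` and tighten the argument to `[binary(), ...]` if an empty chain is never valid.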
@@ -299,6 +301,7 @@ is_precert_signer(#'Certificate'{tbsCertificate = TBSCert}) -> _ -> false end. +-spec is_ca(#'TBSCertificate'{}) -> binary(). is_ca(#'TBSCertificate'{extensions = Extensions}) -> case pubkey_cert:select_extension(?'id-ce-basicConstraints', Extensions) of #'Extension'{critical = true, extnValue = Val} -> @@ -316,6 +319,7 @@ remove_poison_ext(#'Certificate'{tbsCertificate = TBSCert}) -> pubkey_cert:extensions_list(TBSCert#'TBSCertificate'.extensions)), TBSCert#'TBSCertificate'{extensions = Extensions}. +-spec poisoned_leaf_p(binary()) -> boolean(). poisoned_leaf_p(#'Extension'{extnID = ?LEAF_POISON_OID, critical = true, extnValue = ?LEAF_POISON_VAL}) -> @@ -324,10 +328,12 @@ poisoned_leaf_p(_) -> false. %%%% PEM files. +-spec ders_from_pemfiles(string(), [string()]) -> [binary()]. ders_from_pemfiles(Dir, Filenames) -> lists:flatten( [ders_from_pemfile(filename:join(Dir, X)) || X <- Filenames]). +-spec ders_from_pemfile(string()) -> [binary()]. ders_from_pemfile(Filename) -> lager:debug("reading PEM from ~s", [Filename]), PemBins = pems_from_file(Filename), @@ -339,6 +345,7 @@ ders_from_pemfile(Filename) -> end, [der_from_pem(X) || X <- Pems]. +-spec der_from_pem(binary()) -> binary(). der_from_pem(Pem) -> case Pem of {_Type, Der, not_encrypted} -> |
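Review bot: Three of the specs added in this file contradict the clauses they sit on, starting with `-spec is_ca(#'TBSCertificate'{}) -> binary().` in the -299,6 hunk: `is_ca` reads as a predicate on basicConstraints and presumably returns `boolean()`, though its body continues outside the hunk. In the -316,6 hunk `poisoned_leaf_p` is specced as taking `binary()` while its first clause matches an `#'Extension'{}` record, and in the -339,6 hunk `der_from_pem` is specced as taking `binary()` while its body matches `{_Type, Der, not_encrypted}`. Dialyzer trusts specs, so on certificate-validation code these can either hide a real type error or report the matching clauses as unreachable. Suggested: `-spec is_ca(#'TBSCertificate'{}) -> boolean().`, `-spec poisoned_leaf_p(#'Extension'{} | term()) -> boolean().`, `-spec der_from_pem({atom(), binary(), not_encrypted}) -> binary().`; widen the last one if `der_from_pem` has further clauses below the visible lines.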