summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/catlfish.erl11
-rw-r--r--src/x509.erl9
2 files changed, 9 insertions, 11 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl
index 50811a1..2e5ffd4 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -87,6 +87,7 @@ deserialise_entry_type(<<0:16>>) ->
deserialise_entry_type(<<1:16>>) ->
precert_entry.
+-spec serialise_signature_type(certificate_timestamp|tree_hash) -> binary().
serialise_signature_type(certificate_timestamp) ->
<<0:8>>;
serialise_signature_type(tree_hash) ->
@@ -177,16 +178,6 @@ timestamped_entry(Timestamp, EntryType, LeafCert, CertChain) ->
entry_type = EntryType,
signed_entry = SignedEntry}.
-%% -spec serialise_logentry(integer(), binary(), [binary()]) -> binary().
-%% serialise_logentry(Timestamp, LeafCert, CertChain) ->
-%% list_to_binary(
-%% [<<Timestamp:64>>,
-%% list_to_binary(
-%% [encode_tls_vector(LeafCert, 3),
-%% encode_tls_vector(
-%% list_to_binary(
-%% [encode_tls_vector(X, 3) || X <- CertChain]), 3)])]).
-
-spec deserialise_mtl(binary()) -> mtl().
deserialise_mtl(Data) ->
<<LeafVersionBin:1/binary,
diff --git a/src/x509.erl b/src/x509.erl
index e8c4f2b..eae1468 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -28,6 +28,7 @@ normalise_chain(AcceptableRootCerts, CertChain) ->
{ok, CertChain ++ Root}
end.
+-spec cert_string(binary()) -> string().
cert_string(Der) ->
mochihex:to_hex(crypto:hash(sha, Der)).
@@ -54,8 +55,8 @@ read_pemfiles_from_dir(Dir) ->
self_signed(L) ->
lists:filter(fun(Cert) -> signed_by_p(Cert, Cert) end, L).
-%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash.
-spec detox(binary(), [binary()]) -> {binary(), binary()}.
+%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash.
detox(LeafDer, ChainDer) ->
detox_precert(LeafDer, nth(1, ChainDer), nth(2, ChainDer)).
@@ -117,6 +118,7 @@ signer(Cert, [H|T]) ->
signer(Cert, T)
end.
+-spec encoded_tbs_cert(binary()) -> binary().
%% Code from pubkey_cert:encoded_tbs_cert/1.
encoded_tbs_cert(DerCert) ->
{ok, PKIXCert} =
@@ -299,6 +301,7 @@ is_precert_signer(#'Certificate'{tbsCertificate = TBSCert}) ->
_ -> false
end.
+-spec is_ca(#'TBSCertificate'{}) -> binary().
is_ca(#'TBSCertificate'{extensions = Extensions}) ->
case pubkey_cert:select_extension(?'id-ce-basicConstraints', Extensions) of
#'Extension'{critical = true, extnValue = Val} ->
@@ -316,6 +319,7 @@ remove_poison_ext(#'Certificate'{tbsCertificate = TBSCert}) ->
pubkey_cert:extensions_list(TBSCert#'TBSCertificate'.extensions)),
TBSCert#'TBSCertificate'{extensions = Extensions}.
+-spec poisoned_leaf_p(binary()) -> boolean().
poisoned_leaf_p(#'Extension'{extnID = ?LEAF_POISON_OID,
critical = true,
extnValue = ?LEAF_POISON_VAL}) ->
@@ -324,10 +328,12 @@ poisoned_leaf_p(_) ->
false.
%%%% PEM files.
+-spec ders_from_pemfiles(string(), [string()]) -> [binary()].
ders_from_pemfiles(Dir, Filenames) ->
lists:flatten(
[ders_from_pemfile(filename:join(Dir, X)) || X <- Filenames]).
+-spec ders_from_pemfile(string()) -> [binary()].
ders_from_pemfile(Filename) ->
lager:debug("reading PEM from ~s", [Filename]),
PemBins = pems_from_file(Filename),
@@ -339,6 +345,7 @@ ders_from_pemfile(Filename) ->
end,
[der_from_pem(X) || X <- Pems].
+-spec der_from_pem(binary()) -> binary().
der_from_pem(Pem) ->
case Pem of
{_Type, Der, not_encrypted} ->