summaryrefslogtreecommitdiff
path: root/src/x509.erl
diff options
context:
space:
mode:
Diffstat (limited to 'src/x509.erl')
-rw-r--r--src/x509.erl9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/x509.erl b/src/x509.erl
index e8c4f2b..eae1468 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -28,6 +28,7 @@ normalise_chain(AcceptableRootCerts, CertChain) ->
{ok, CertChain ++ Root}
end.
+-spec cert_string(binary()) -> string().
cert_string(Der) ->
mochihex:to_hex(crypto:hash(sha, Der)).
@@ -54,8 +55,8 @@ read_pemfiles_from_dir(Dir) ->
self_signed(L) ->
lists:filter(fun(Cert) -> signed_by_p(Cert, Cert) end, L).
-%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash.
-spec detox(binary(), [binary()]) -> {binary(), binary()}.
+%% @doc Return the detoxed cet in LeafDer and the issuer leaf hash.
detox(LeafDer, ChainDer) ->
detox_precert(LeafDer, nth(1, ChainDer), nth(2, ChainDer)).
@@ -117,6 +118,7 @@ signer(Cert, [H|T]) ->
signer(Cert, T)
end.
+-spec encoded_tbs_cert(binary()) -> binary().
%% Code from pubkey_cert:encoded_tbs_cert/1.
encoded_tbs_cert(DerCert) ->
{ok, PKIXCert} =
@@ -299,6 +301,7 @@ is_precert_signer(#'Certificate'{tbsCertificate = TBSCert}) ->
_ -> false
end.
+-spec is_ca(#'TBSCertificate'{}) -> binary().
is_ca(#'TBSCertificate'{extensions = Extensions}) ->
case pubkey_cert:select_extension(?'id-ce-basicConstraints', Extensions) of
#'Extension'{critical = true, extnValue = Val} ->
@@ -316,6 +319,7 @@ remove_poison_ext(#'Certificate'{tbsCertificate = TBSCert}) ->
pubkey_cert:extensions_list(TBSCert#'TBSCertificate'.extensions)),
TBSCert#'TBSCertificate'{extensions = Extensions}.
+-spec poisoned_leaf_p(binary()) -> boolean().
poisoned_leaf_p(#'Extension'{extnID = ?LEAF_POISON_OID,
critical = true,
extnValue = ?LEAF_POISON_VAL}) ->
@@ -324,10 +328,12 @@ poisoned_leaf_p(_) ->
false.
%%%% PEM files.
+-spec ders_from_pemfiles(string(), [string()]) -> [binary()].
ders_from_pemfiles(Dir, Filenames) ->
lists:flatten(
[ders_from_pemfile(filename:join(Dir, X)) || X <- Filenames]).
+-spec ders_from_pemfile(string()) -> [binary()].
ders_from_pemfile(Filename) ->
lager:debug("reading PEM from ~s", [Filename]),
PemBins = pems_from_file(Filename),
@@ -339,6 +345,7 @@ ders_from_pemfile(Filename) ->
end,
[der_from_pem(X) || X <- Pems].
+-spec der_from_pem(binary()) -> binary().
der_from_pem(Pem) ->
case Pem of
{_Type, Der, not_encrypted} ->