Diffstat (limited to 'src')
-rw-r--r--src/catlfish.erl44
-rw-r--r--src/v1.erl2
2 files changed, 29 insertions, 17 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl
index b6856b8..bd3c106 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -58,6 +58,15 @@ serialise_signature_type(certificate_timestamp) ->
serialise_signature_type(tree_hash) ->
<<1:8>>.
+build_mtl(Timestamp, LeafCert) ->
+ TSE = #timestamped_entry{timestamp = Timestamp,
+ entry_type = x509_entry,
+ signed_entry = LeafCert},
+ MTL = #mtl{leaf_version = v1,
+ leaf_type = timestamped_entry,
+ entry = TSE},
+ serialise(MTL).
+
-spec add_chain(binary(), [binary()]) -> nonempty_string().
add_chain(LeafCert, CertChain) ->
EntryHash = crypto:hash(sha256, LeafCert),
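Review bot: `build_mtl/2` is added without a `-spec` or comment, while the other functions visible in this file (`add_chain/2`, `x_entries/1`, `encode_tls_vector/2`) each carry a spec. I would add `-spec build_mtl(non_neg_integer(), binary()) -> binary().` above it, assuming `serialise/1` returns a binary (its result is passed to `base64:encode/1` later in this diff). The function also fixes `entry_type = x509_entry`, so a one-line comment such as `%% Builds the serialised MerkleTreeLeaf for an x509_entry; other entry types are not handled here.` would make that limit explicit for the callers that rebuild `leaf_input` from stored entries.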
@@ -76,8 +85,8 @@ add_chain(LeafCert, CertChain) ->
ht:leaf_hash(serialise(MTL)),
crypto:hash(sha256, LeafCert)),
TSE;
- {_Index, Entry} ->
- <<Timestamp:64, _LogEntry>> = Entry,
+ {_Index, _MTLHash, Entry} ->
+ <<Timestamp:64, _LogEntry/binary>> = Entry,
%% TODO: Perform a costly db consistency check against
%% unpacked LogEntry (w/ LeafCert and CertChain)
#timestamped_entry{timestamp = Timestamp,
@@ -91,7 +100,7 @@ add_chain(LeafCert, CertChain) ->
binary_to_list(
jiffy:encode(
{[{sct_version, ?PROTOCOL_VERSION},
- {id, base64:encode(plop:logid())},
+ {id, base64:encode(plop:get_logid())},
{timestamp, TimestampedEntry#timestamped_entry.timestamp},
{extensions, base64:encode(<<>>)},
{signature, base64:encode(plop:serialise(SCT_sig))}]})).
@@ -117,8 +126,9 @@ entry_and_proof(Index, TreeSize) ->
jiffy:encode(
case plop:inclusion_and_entry(Index, TreeSize) of
{ok, {Entry, Path}} ->
- {LeafCertVector, CertChainVector} = unpack_entry(Entry),
- {[{leaf_input, base64:encode(LeafCertVector)},
+ {Timestamp, LeafCertVector, CertChainVector} = unpack_entry(Entry),
+ MTL = build_mtl(Timestamp, LeafCertVector),
+ {[{leaf_input, base64:encode(MTL)},
{extra_data, base64:encode(CertChainVector)},
{audit_path, [base64:encode(X) || X <- Path]}]};
{notfound, Msg} ->
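Review bot: `leaf_input` in `entry_and_proof/2` is now rebuilt with `build_mtl(Timestamp, LeafCertVector)`, while the leaf hash computed in `add_chain/2` comes from a separately constructed record (`ht:leaf_hash(serialise(MTL))` in the second hunk). A client checks `audit_path` against the hash of `leaf_input`, so the two constructions have to stay byte-identical, and nothing visible here enforces that. Having `add_chain/2` take its hash input from `build_mtl/2` would tie them together; failing that, a comment on the `MTL = build_mtl(...)` line such as `%% Must serialise exactly as the MTL hashed in add_chain/2, or inclusion proofs will not verify.` would at least record the invariant. The body of `entry_and_proof/2` starts and ends outside the hunk.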
@@ -128,25 +138,27 @@ entry_and_proof(Index, TreeSize) ->
%% Private functions.
unpack_entry(Entry) ->
- %% FIXME: Do this with some beatiful binary matching.
- LeafCertVectorLen = binary:decode_unsigned(binary_part(Entry, 0, 3)),
- LeafCertVector = binary_part(Entry, 3, LeafCertVectorLen),
- CertChainVectorPos = 3 + LeafCertVectorLen,
- CertChainVector = binary_part(
- Entry, CertChainVectorPos,
- byte_size(Entry) - CertChainVectorPos),
- {LeafCertVector, CertChainVector}.
+ <<Timestamp:64, LogEntry/binary>> = Entry,
+ {LeafCertVector, CertChainVector} = decode_tls_vector(LogEntry, 3),
+ {Timestamp, LeafCertVector, CertChainVector}.
-spec x_entries([{non_neg_integer(), binary(), binary()}]) -> list().
x_entries([]) ->
[];
x_entries([H|T]) ->
- {_Index, _Hash, Entry} = H,
- {LeafCertVector, CertChainVector} = unpack_entry(Entry),
- [{[{leaf_input, LeafCertVector}, {extra_data, CertChainVector}]} |
+ [_Index, _Hash, Entry] = H,
+ {Timestamp, LeafCertVector, CertChainVector} = unpack_entry(Entry),
+ MTL = build_mtl(Timestamp, LeafCertVector),
+ [{[{leaf_input, base64:encode(MTL)}, {extra_data, base64:encode(CertChainVector)}]} |
x_entries(T)].
-spec encode_tls_vector(binary(), non_neg_integer()) -> binary().
encode_tls_vector(Binary, LengthLen) ->
Length = byte_size(Binary),
<<Length:LengthLen/integer-unit:8, Binary/binary>>.
+
+-spec decode_tls_vector(binary(), non_neg_integer()) -> {binary(), binary()}.
+decode_tls_vector(Binary, LengthLen) ->
+ <<Length:LengthLen/integer-unit:8, Rest/binary>> = Binary,
+ <<ExtractedBinary:Length/binary-unit:8, Rest2/binary>> = Rest,
+ {ExtractedBinary, Rest2}.
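Review bot: `x_entries/1` now destructures each element as a three-element list, `[_Index, _Hash, Entry] = H`, but the unchanged `-spec` just above it still declares `[{non_neg_integer(), binary(), binary()}]`, and the second hunk of this file matches what looks like the same kind of triple as a tuple (`{_Index, _MTLHash, Entry}`). One of the two is wrong: if the caller passes tuples, every call with a non-empty list fails with `badmatch`, and if it really passes lists the spec misleads Dialyzer and readers. Either restore `{_Index, _Hash, Entry} = H` or change the spec to what the caller actually supplies; the caller is not visible in this diff. Separately, `decode_tls_vector/2` would benefit from a comment stating that it returns `{Vector, Rest}` and fails with `badmatch` when the input is shorter than the declared length.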
diff --git a/src/v1.erl b/src/v1.erl
index b58516d..304b0a8 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -82,7 +82,7 @@
binary_to_list(
jiffy:encode(
case plop:inclusion(Hash, TreeSize) of
- {ok, {Index, Path}} ->
+ {ok, Index, Path} ->
{[{leaf_index, Index},
{audit_path,
[base64:encode(X) || X <- Path]}]};