Diffstat (limited to 'src')
-rw-r--r-- | src/catlfish.erl | 44 | ||||
-rw-r--r-- | src/v1.erl | 2 |
2 files changed, 29 insertions, 17 deletions
diff --git a/src/catlfish.erl b/src/catlfish.erl
index b6856b8..bd3c106 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -58,6 +58,15 @@ serialise_signature_type(certificate_timestamp) ->
 serialise_signature_type(tree_hash) ->
 <<1:8>>.
+build_mtl(Timestamp, LeafCert) ->
+ TSE = #timestamped_entry{timestamp = Timestamp,
+ entry_type = x509_entry,
+ signed_entry = LeafCert},
+ MTL = #mtl{leaf_version = v1,
+ leaf_type = timestamped_entry,
+ entry = TSE},
+ serialise(MTL).
+
 -spec add_chain(binary(), [binary()]) -> nonempty_string().
 add_chain(LeafCert, CertChain) ->
 EntryHash = crypto:hash(sha256, LeafCert),
@@ -76,8 +85,8 @@ add_chain(LeafCert, CertChain) ->
 ht:leaf_hash(serialise(MTL)),
 crypto:hash(sha256, LeafCert)),
 TSE;
- {_Index, Entry} ->
- <<Timestamp:64, _LogEntry>> = Entry,
+ {_Index, _MTLHash, Entry} ->
+ <<Timestamp:64, _LogEntry/binary>> = Entry,
 %% TODO: Perform a costly db consistency check against
 %% unpacked LogEntry (w/ LeafCert and CertChain)
 #timestamped_entry{timestamp = Timestamp,
@@ -91,7 +100,7 @@ add_chain(LeafCert, CertChain) ->
 binary_to_list(
 jiffy:encode(
 {[{sct_version, ?PROTOCOL_VERSION},
- {id, base64:encode(plop:logid())},
+ {id, base64:encode(plop:get_logid())},
 {timestamp, TimestampedEntry#timestamped_entry.timestamp},
 {extensions, base64:encode(<<>>)},
 {signature, base64:encode(plop:serialise(SCT_sig))}]})).
@@ -117,8 +126,9 @@ entry_and_proof(Index, TreeSize) ->
 jiffy:encode(
 case plop:inclusion_and_entry(Index, TreeSize) of
 {ok, {Entry, Path}} ->
- {LeafCertVector, CertChainVector} = unpack_entry(Entry),
- {[{leaf_input, base64:encode(LeafCertVector)},
+ {Timestamp, LeafCertVector, CertChainVector} = unpack_entry(Entry),
+ MTL = build_mtl(Timestamp, LeafCertVector),
+ {[{leaf_input, base64:encode(MTL)},
 {extra_data, base64:encode(CertChainVector)},
 {audit_path, [base64:encode(X) || X <- Path]}]};
 {notfound, Msg} ->
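Review bot: `build_mtl/2` (first hunk) is added without a `-spec` or comment, and it fixes `entry_type = x509_entry` for every entry it serialises, so the `leaf_input` that `entry_and_proof` and `x_entries` now serve is only correct while the log stores plain X.509 entries. The context of the following hunk shows `add_chain` still hashing its own `serialise(MTL)`. If that record is built separately (its construction is outside the visible hunks), the leaf hash stored at submission and the leaf served to auditors can drift apart, and inclusion proofs would then fail to verify. Consider routing `add_chain` through `build_mtl/2` as well, and adding `-spec build_mtl(non_neg_integer(), binary()) -> binary().` (return type assumed from the result being passed to `base64:encode/1`).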
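Review bot: In the duplicate-entry branch of `add_chain` (hunk at `-76,8 +85,8`), the newly matched `_MTLHash` is discarded, and the stored timestamp is returned in the SCT built in the next hunk without any check that the stored entry corresponds to the submitted `LeafCert`. If that element is the Merkle leaf hash written by the first branch (the name suggests so, but plop's return shape is not visible here), the TODO's consistency check has a cheap first step. Bind it as `MTLHash` and assert `MTLHash = ht:leaf_hash(build_mtl(Timestamp, LeafCert))`, so that a corrupted or mismatched row crashes the request instead of producing a signed timestamp. `add_chain` starts and ends outside this hunk.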
@@ -128,25 +138,27 @@ entry_and_proof(Index, TreeSize) ->
 %% Private functions.
 unpack_entry(Entry) ->
- %% FIXME: Do this with some beatiful binary matching.
- LeafCertVectorLen = binary:decode_unsigned(binary_part(Entry, 0, 3)),
- LeafCertVector = binary_part(Entry, 3, LeafCertVectorLen),
- CertChainVectorPos = 3 + LeafCertVectorLen,
- CertChainVector = binary_part(
- Entry, CertChainVectorPos,
- byte_size(Entry) - CertChainVectorPos),
- {LeafCertVector, CertChainVector}.
+ <<Timestamp:64, LogEntry/binary>> = Entry,
+ {LeafCertVector, CertChainVector} = decode_tls_vector(LogEntry, 3),
+ {Timestamp, LeafCertVector, CertChainVector}.
 -spec x_entries([{non_neg_integer(), binary(), binary()}]) -> list().
 x_entries([]) ->
 [];
 x_entries([H|T]) ->
- {_Index, _Hash, Entry} = H,
- {LeafCertVector, CertChainVector} = unpack_entry(Entry),
- [{[{leaf_input, LeafCertVector}, {extra_data, CertChainVector}]} |
+ [_Index, _Hash, Entry] = H,
+ {Timestamp, LeafCertVector, CertChainVector} = unpack_entry(Entry),
+ MTL = build_mtl(Timestamp, LeafCertVector),
+ [{[{leaf_input, base64:encode(MTL)}, {extra_data, base64:encode(CertChainVector)}]} |
 x_entries(T)].
 -spec encode_tls_vector(binary(), non_neg_integer()) -> binary().
 encode_tls_vector(Binary, LengthLen) ->
 Length = byte_size(Binary),
 <<Length:LengthLen/integer-unit:8, Binary/binary>>.
+
+-spec decode_tls_vector(binary(), non_neg_integer()) -> {binary(), binary()}.
+decode_tls_vector(Binary, LengthLen) ->
+ <<Length:LengthLen/integer-unit:8, Rest/binary>> = Binary,
+ <<ExtractedBinary:Length/binary-unit:8, Rest2/binary>> = Rest,
+ {ExtractedBinary, Rest2}.
@@ -82,7 +82,7 @@
 binary_to_list(
 jiffy:encode(
 case plop:inclusion(Hash, TreeSize) of
- {ok, {Index, Path}} ->
+ {ok, Index, Path} ->
 {[{leaf_index, Index},
 {audit_path, [base64:encode(X) || X <- Path]}]}; |
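Review bot: In `x_entries/1` (hunk at `-128,25 +138,27`) the new match `[_Index, _Hash, Entry] = H` expects each element to be a three-element list, while the unchanged `-spec` directly above still declares `{non_neg_integer(), binary(), binary()}` tuples. One of the two is wrong: if callers still pass tuples, every call fails with `badmatch`; if plop now returns lists (not visible here), the spec misleads Dialyzer and readers. Either keep the tuple pattern or change the spec's element type to a list. Separately, `decode_tls_vector/2` also fails with `badmatch` when the binary is shorter than its declared length. That is acceptable if entries only ever come from the log's own storage, but a short comment stating that assumption would stop it being reused on untrusted input.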