From 293b1df48c6d376dee0f1f2512486b8a68488a9c Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Tue, 18 Nov 2014 10:58:21 +0100 Subject: Entry hash runs over leaf plus chain. Closes CATLFISH-5. --- src/catlfish.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/catlfish.erl b/src/catlfish.erl index 3ca190a..98ec4dd 100644 --- a/src/catlfish.erl +++ b/src/catlfish.erl @@ -71,7 +71,7 @@ build_mtl(Timestamp, LeafCert) -> -spec add_chain(binary(), [binary()]) -> nonempty_string(). add_chain(LeafCert, CertChain) -> - EntryHash = crypto:hash(sha256, LeafCert), + EntryHash = crypto:hash(sha256, [LeafCert | CertChain]), TimestampedEntry = case plop:get(EntryHash) of notfound -> @@ -85,7 +85,7 @@ add_chain(LeafCert, CertChain) -> ok = plop:add( serialise_logentry(Timestamp, LeafCert, CertChain), ht:leaf_hash(serialise(MTL)), - crypto:hash(sha256, LeafCert)), + EntryHash), TSE; {_Index, _MTLHash, Entry} -> <> = Entry, -- cgit v1.1