diff options
Diffstat (limited to 'src/sign.erl')
-rw-r--r-- | src/sign.erl | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/sign.erl b/src/sign.erl index b0916fd..167987d 100644 --- a/src/sign.erl +++ b/src/sign.erl @@ -8,7 +8,7 @@ %% API. -export([start_link/0, stop/0]). --export([sign_sct/1, sign_sth/1, get_pubkey/0, get_logid/0]). +-export([sign_sct/1, sign_sth/1, get_pubkey/0, get_logid/0, verify_sth/2]). -export([read_keyfile_ec/1]). %% API for tests. -export([read_keyfile_rsa/2]). @@ -111,19 +111,22 @@ public_key(#'RSAPrivateKey'{modulus = Mod, publicExponent = Exp}) -> remote_sign_request(URL, Request) -> case plop_httputil:request("signing", URL, [{"Content-Type", "text/json"}], list_to_binary(mochijson2:encode(Request))) of - {failure, StatusLine, RespHeaders, Body} -> + {failure, _StatusLine, _RespHeaders, _Body} -> lager:debug("auth check failed"), none; - {success, StatusLine, RespHeaders, Body} -> + {success, {_HttpVersion, StatusCode, _ReasonPhrase}, _RespHeaders, Body} when StatusCode == 200 -> lager:debug("auth check succeeded"), case (catch mochijson2:decode(Body)) of {error, E} -> + lager:error("json parse error: ~p", [E]), none; {struct, PropList} -> base64:decode(proplists:get_value(<<"result">>, PropList)) end; - {noauth, StatusLine, RespHeaders, Body} -> + {noauth, _StatusLine, _RespHeaders, _Body} -> lager:debug("no auth"), + none; + _ -> none end. @@ -163,6 +166,13 @@ get_logid() -> PubKeyfile = application:get_env(plop, log_public_key, none), read_keyfile_ec_logid(PubKeyfile). +verify_sth(STH, Signature) -> + lager:debug("verifying ~p: ~p", [STH, Signature]), + PubKeyfile = application:get_env(plop, log_public_key, none), + PublicKey = read_keyfile_ec(PubKeyfile), + public_key:verify(STH, sha256, Signature, PublicKey). + + %%%%%%%%%%%%%%%%%%%% %% gen_server callbacks. @@ -190,4 +200,6 @@ handle_call({get, pubkey}, _From, State) -> handle_call({sign, Data}, _From, State) -> %% FIXME: Merge RSA and DC. - {reply, signhash_ec(Data, State#state.privkey), State}. + Signature = signhash_ec(Data, State#state.privkey), + lager:debug("signing ~p: ~p", [Data, Signature]), + {reply, Signature, State}. |