WriteCertRepository: avoid serializing precerts twice
With pre-certs, Chain[0] is the pre-cert itself.
This commit is contained in:
parent
a79cc26570
commit
1dcbe91877
|
@ -249,9 +249,9 @@ func WriteCertRepository (repoPath string, entry *ct.LogEntry) (bool, string, er
|
||||||
fingerprint := sha256hex(getRaw(entry))
|
fingerprint := sha256hex(getRaw(entry))
|
||||||
prefixPath := filepath.Join(repoPath, fingerprint[0:2])
|
prefixPath := filepath.Join(repoPath, fingerprint[0:2])
|
||||||
var filenameSuffix string
|
var filenameSuffix string
|
||||||
if entry.Precert != nil {
|
if entry.Leaf.TimestampedEntry.EntryType == ct.PrecertLogEntryType {
|
||||||
filenameSuffix = ".precert.pem"
|
filenameSuffix = ".precert.pem"
|
||||||
} else if entry.X509Cert != nil {
|
} else if entry.Leaf.TimestampedEntry.EntryType == ct.X509LogEntryType {
|
||||||
filenameSuffix = ".cert.pem"
|
filenameSuffix = ".cert.pem"
|
||||||
}
|
}
|
||||||
if err := os.Mkdir(prefixPath, 0777); err != nil && !os.IsExist(err) {
|
if err := os.Mkdir(prefixPath, 0777); err != nil && !os.IsExist(err) {
|
||||||
|
@ -266,10 +266,12 @@ func WriteCertRepository (repoPath string, entry *ct.LogEntry) (bool, string, er
|
||||||
return false, path, fmt.Errorf("Failed to open %s for writing: %s", path, err)
|
return false, path, fmt.Errorf("Failed to open %s for writing: %s", path, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: getRaw(entry)}); err != nil {
|
if entry.Leaf.TimestampedEntry.EntryType == ct.X509LogEntryType {
|
||||||
|
if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: entry.Leaf.TimestampedEntry.X509Entry}); err != nil {
|
||||||
file.Close()
|
file.Close()
|
||||||
return false, path, fmt.Errorf("Error writing to %s: %s", path, err)
|
return false, path, fmt.Errorf("Error writing to %s: %s", path, err)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
for _, chainCert := range entry.Chain {
|
for _, chainCert := range entry.Chain {
|
||||||
if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: chainCert}); err != nil {
|
if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: chainCert}); err != nil {
|
||||||
file.Close()
|
file.Close()
|
||||||
|
|
Loading…
Reference in New Issue