Add documentation considering duplicate certs

google · Jan 22, 2020 · 704e6dc · 704e6dc
1 parent 080951d
commit 704e6dc
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 0 deletions.
diff --git a/rootsanalyzer/rootsanalyzer.go b/rootsanalyzer/rootsanalyzer.go
@@ -99,6 +99,7 @@ func diffRootSets(old, new []*x509.Certificate) (added, removed []*x509.Certific
 		oldSet[string(cert.Raw)] = cert
 	}
 	// This algorithm assumes that there are no duplicates in new.
+	// TODO(RJPercival): Support old and new containing duplicate certificates.
 	for _, cert := range new {
 		certDER := string(cert.Raw)
 		if oldSet[certDER] != nil {

diff --git a/storage/storage.go b/storage/storage.go
@@ -39,6 +39,8 @@ type STHWriter interface {
 
 // RootsWriter is an interface for storing root certificates retrieved from a CT get-roots call.
 type RootsWriter interface {
+	// WriteRoots stores the fact that the given roots were received from a particular CT Log at the specified time.
+	// It will remove any duplicate certificates from roots before storing them.
 	WriteRoots(ctx context.Context, l *ctlog.Log, roots []*x509.Certificate, receivedAt time.Time) error
 }