certmanager/internal/logic/issuer.go
Олег Бородин a75bc364f1 working changes
2024-07-31 22:20:18 +02:00


package logic
import (
	"context"
	"crypto"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"

	cmapi "certmanager/api/certmanagercontrol"
	"certmanager/internal/descriptor"
)
// CreateIssuerPair generates a new issuer key pair for the requested common
// name (via the package-level CreateIssuerPair helper) and persists the
// resulting certificate and key through lg.db.InsertIssuer.
//
// On success the result carries the database ID of the new issuer. On any
// failure the (otherwise empty) result is returned together with the error
// from the key-pair generator or the database layer.
func (lg *Logic) CreateIssuerPair(ctx context.Context, params *cmapi.CreateIssuerPairParams) (*cmapi.CreateIssuerPairResult, error) {
	res := &cmapi.CreateIssuerPairResult{}

	pair, err := CreateIssuerPair(&CreateIssuerPairParams{
		CommonName: params.IssuerCommonName,
	})
	if err != nil {
		return res, err
	}

	// The freshly generated pair is stored as-is; the descriptor's Name is the
	// name reported by the generator, not the request's common name directly.
	issuerID, err := lg.db.InsertIssuer(ctx, &descriptor.Issuer{
		Name: pair.Name,
		Cert: pair.Cert,
		Key:  pair.Key,
	})
	if err != nil {
		return res, err
	}

	res.IssuerID = issuerID
	return res, nil
}
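// GetIssuerCertificate looks an issuer up by ID (preferred) or, when the ID
// is zero, by name, and returns its public certificate together with its
// ID, name and revocation flag. The issuer's private key is deliberately
// not part of the result.
//
// Errors are returned when neither ID nor name is supplied, when the
// database lookup itself fails, or when no issuer matches. Unlike the
// previous implementation, a database error is surfaced as such instead of
// being reported as "not found".
func (lg *Logic) GetIssuerCertificate(ctx context.Context, params *cmapi.GetIssuerCertificateParams) (*cmapi.GetIssuerCertificateResult, error) {
	res := &cmapi.GetIssuerCertificateResult{}

	var (
		issuerExists bool
		issuerDescr  *descriptor.Issuer
		err          error
	)
	switch {
	case params.IssuerID != 0:
		issuerExists, issuerDescr, err = lg.db.GetIssuerByID(ctx, params.IssuerID)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this ID was found")
		}
	case params.IssuerName != "":
		issuerExists, issuerDescr, err = lg.db.GetIssuerByName(ctx, params.IssuerName)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this common name was found")
		}
	default:
		return res, fmt.Errorf("Issuer ID or name is not specified")
	}
	// Defensive: the store reported the issuer as existing but returned no
	// descriptor. Treat it as an error rather than dereferencing nil below.
	if issuerDescr == nil {
		return res, fmt.Errorf("Issuer descriptor is nil")
	}

	res.IssuerID = issuerDescr.ID
	res.Certificate = issuerDescr.Cert
	res.Name = issuerDescr.Name
	res.Revoked = issuerDescr.Revoked
	return res, nil
}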
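// ImportIssuerPair stores an externally created CA certificate, optionally
// together with its private key, as a new issuer.
//
// params.Certificate and params.Key are base64-encoded PEM documents coming
// from the API caller and are therefore validated before anything is
// written to the database:
//   - the certificate must be parseable PEM/DER and carry the CA basic
//     constraint;
//   - the key, when supplied, must be an unencrypted PKCS#8, PKCS#1 (RSA) or
//     SEC 1 (EC) private key whose public half equals the certificate's
//     public key. Storing a key that does not belong to the certificate would
//     only surface later as signing failures, so it is rejected here.
//
// The issuer is stored under the certificate's Subject, i.e. the name it
// signs as, which is also what the result reports in IssuerName. (The
// Issuer field of the certificate names the parent CA, which for an
// intermediate is a different entity.)
//
// NOTE(review): no validity-period or KeyUsage check is performed here; if
// the rest of the service relies on those, they need to be enforced
// elsewhere.
func (lg *Logic) ImportIssuerPair(ctx context.Context, params *cmapi.ImportIssuerPairParams) (*cmapi.ImportIssuerPairResult, error) {
	res := &cmapi.ImportIssuerPairResult{}

	certPEM, err := base64.StdEncoding.DecodeString(params.Certificate)
	if err != nil {
		return res, err
	}
	// Only the first PEM block is considered; any trailing data is ignored.
	certBlock, _ := pem.Decode(certPEM)
	if certBlock == nil {
		return res, fmt.Errorf("Failed to parse certificate PEM")
	}
	cert, err := x509.ParseCertificate(certBlock.Bytes)
	if err != nil {
		return res, err
	}
	if !cert.IsCA {
		return res, fmt.Errorf("Certificate is not CA")
	}

	if params.Key != "" {
		keyPEM, err := base64.StdEncoding.DecodeString(params.Key)
		if err != nil {
			return res, err
		}
		keyBlock, _ := pem.Decode(keyPEM)
		if keyBlock == nil {
			return res, fmt.Errorf("Failed to parse key PEM")
		}
		key, err := parsePrivateKeyBlock(keyBlock)
		if err != nil {
			return res, err
		}
		if !privateKeyMatchesCertificate(key, cert) {
			return res, fmt.Errorf("Private key does not match certificate public key")
		}
	}

	// The original base64 strings are stored verbatim, matching what
	// CreateIssuerPair persists for generated pairs.
	issuerDescr := &descriptor.Issuer{
		Name: cert.Subject.String(),
		Cert: params.Certificate,
		Key:  params.Key,
	}
	issuerID, err := lg.db.InsertIssuer(ctx, issuerDescr)
	if err != nil {
		return res, err
	}

	res.IssuerName = cert.Subject.String()
	res.IssuerID = issuerID
	return res, nil
}

// parsePrivateKeyBlock decodes an unencrypted private key from a PEM block,
// dispatching on the block type. Encrypted or unknown block types are
// rejected with an error naming the type.
func parsePrivateKeyBlock(block *pem.Block) (crypto.PrivateKey, error) {
	switch block.Type {
	case "PRIVATE KEY":
		return x509.ParsePKCS8PrivateKey(block.Bytes)
	case "RSA PRIVATE KEY":
		return x509.ParsePKCS1PrivateKey(block.Bytes)
	case "EC PRIVATE KEY":
		return x509.ParseECPrivateKey(block.Bytes)
	default:
		return nil, fmt.Errorf("Unsupported private key PEM type %q", block.Type)
	}
}

// privateKeyMatchesCertificate reports whether key's public half equals the
// certificate's public key. It relies on the standard-library key types
// implementing crypto.Signer (for Public) and an Equal method; any other
// type is treated as a mismatch.
func privateKeyMatchesCertificate(key crypto.PrivateKey, cert *x509.Certificate) bool {
	signer, ok := key.(crypto.Signer)
	if !ok {
		return false
	}
	pub, ok := cert.PublicKey.(interface{ Equal(crypto.PublicKey) bool })
	if !ok {
		return false
	}
	return pub.Equal(signer.Public())
}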
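// RevokeIssuerPair marks an issuer, selected by ID (preferred) or by name,
// as revoked. The operation is idempotent: an issuer that is already revoked
// is left untouched and the call still succeeds.
//
// Errors are returned when neither ID nor name is supplied, when the lookup
// or the update fails in the database, or when no issuer matches. A database
// error during lookup is surfaced as such rather than reported as "not
// found".
//
// NOTE(review): only the Revoked flag in the store is changed here; nothing
// in this function publishes revocation status (e.g. a CRL). Confirm whether
// that happens elsewhere.
func (lg *Logic) RevokeIssuerPair(ctx context.Context, params *cmapi.RevokeIssuerPairParams) (*cmapi.RevokeIssuerPairResult, error) {
	res := &cmapi.RevokeIssuerPairResult{}

	var (
		issuerExists bool
		issuerDescr  *descriptor.Issuer
		err          error
	)
	switch {
	case params.IssuerID != 0:
		issuerExists, issuerDescr, err = lg.db.GetIssuerByID(ctx, params.IssuerID)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this ID was found")
		}
	case params.IssuerName != "":
		issuerExists, issuerDescr, err = lg.db.GetIssuerByName(ctx, params.IssuerName)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this common name was found")
		}
	default:
		return res, fmt.Errorf("Issuer ID or name is not specified")
	}
	// Defensive: "exists" without a descriptor must not reach the update.
	if issuerDescr == nil {
		return res, fmt.Errorf("Issuer descriptor is nil")
	}

	if issuerDescr.Revoked {
		// Already revoked; nothing to write.
		return res, nil
	}
	issuerDescr.Revoked = true
	if err := lg.db.UpdateIssuerByID(ctx, issuerDescr.ID, issuerDescr); err != nil {
		return res, err
	}
	return res, nil
}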
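// UnrevokeIssuerPair clears the revoked flag of an issuer selected by ID
// (preferred) or by name. The operation is idempotent: an issuer that is not
// revoked is left untouched and the call still succeeds.
//
// Errors are returned when neither ID nor name is supplied, when the lookup
// or the update fails in the database, or when no issuer matches. A database
// error during lookup is surfaced as such rather than reported as "not
// found".
//
// NOTE(review): reinstating a previously revoked CA is a sensitive action;
// this function performs no additional authorization beyond what callers
// enforce, and nothing here updates externally published revocation data.
func (lg *Logic) UnrevokeIssuerPair(ctx context.Context, params *cmapi.UnrevokeIssuerPairParams) (*cmapi.UnrevokeIssuerPairResult, error) {
	res := &cmapi.UnrevokeIssuerPairResult{}

	var (
		issuerExists bool
		issuerDescr  *descriptor.Issuer
		err          error
	)
	switch {
	case params.IssuerID != 0:
		issuerExists, issuerDescr, err = lg.db.GetIssuerByID(ctx, params.IssuerID)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this ID was found")
		}
	case params.IssuerName != "":
		issuerExists, issuerDescr, err = lg.db.GetIssuerByName(ctx, params.IssuerName)
		if err != nil {
			return res, err
		}
		if !issuerExists {
			return res, fmt.Errorf("No signer with this common name was found")
		}
	default:
		return res, fmt.Errorf("Issuer ID or name is not specified")
	}
	// Defensive: "exists" without a descriptor must not reach the update.
	if issuerDescr == nil {
		return res, fmt.Errorf("Issuer descriptor is nil")
	}

	if !issuerDescr.Revoked {
		// Not revoked; nothing to write.
		return res, nil
	}
	issuerDescr.Revoked = false
	if err := lg.db.UpdateIssuerByID(ctx, issuerDescr.ID, issuerDescr); err != nil {
		return res, err
	}
	return res, nil
}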
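// ListIssuerPairs returns a short descriptor (ID, name, revoked flag) for
// every issuer known to the store. Certificates and keys are not included.
//
// The Issuers slice is always non-nil so an empty store serializes as an
// empty list rather than null. params is currently unused; the listing is
// unfiltered.
func (lg *Logic) ListIssuerPairs(ctx context.Context, params *cmapi.ListIssuerPairsParams) (*cmapi.ListIssuerPairsResult, error) {
	res := &cmapi.ListIssuerPairsResult{
		Issuers: make([]*cmapi.IssierShortDescriptor, 0),
	}

	issuers, err := lg.db.ListIssuers(ctx)
	if err != nil {
		return res, err
	}

	// Size the result once; the count is known.
	res.Issuers = make([]*cmapi.IssierShortDescriptor, 0, len(issuers))
	for _, issuer := range issuers {
		res.Issuers = append(res.Issuers, &cmapi.IssierShortDescriptor{
			IssuerID: issuer.ID,
			Name:     issuer.Name,
			Revoked:  issuer.Revoked,
		})
	}
	return res, nil
}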