func ObtainCA(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *ht.Answer) { caID, err := r.VarInt64("ca_id") if err != nil { return nil, ht.Failure(err) } auth, found := store.Get(caID) if !found { return nil, ht.NotFound() } if _, found := store.GetParent(caID); found { return nil, ht.NotFound() } return auth, nil }
func PostCert(store *liftca.Store, r *ht.Request) *ht.Answer { ca, answer := ObtainCA(store, r) if answer != nil { return answer } certReq := &JSONCertRequest{} err := r.BodyAsJSON(certReq) if err != nil { return ht.Failure(err) } id, err := store.Add(true, ca.SerialNumber(), certReq.Host) if err != nil { return ht.Failure(err) } return ht.RedirectTo(CertUrl(ca.SerialNumber(), id)) }
func PostCRL(store *liftca.Store, r *ht.Request) *ht.Answer { req := &JSONCRLRequest{} r.BodyAsJSON(req) certID, err := strconv.ParseInt(req.SerialNumber, 10, 64) if err != nil { return ht.Failure(err) } ca, answer := ObtainCA(store, r) if answer != nil { return answer } if p, _ := store.GetParent(certID); p != ca.SerialNumber() { return ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber())) } store.SetRevoked(certID, true) return ht.RedirectTo(CACRLURL(ca.SerialNumber())) }
func PostCA(store *liftca.Store, r *ht.Request) *ht.Answer { caReq := &JSONCARequest{} err := r.BodyAsJSON(caReq) if err != nil { return ht.Failure(err) } var id int64 if caReq.PEMCertificate != "" || caReq.PEMKey != "" || caReq.PEMKeyPassword != "" { id, err = store.AddExistingCA(caReq.Visible, []byte(caReq.PEMCertificate), []byte(caReq.PEMKey), []byte(caReq.PEMKeyPassword)) } else { id, err = store.AddCA(caReq.Visible, caReq.Name) } if err != nil { return ht.Failure(err) } return ht.RedirectTo(CAUrl(id)) }
func ObtainCAAndCert(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *liftca.Parcel, *ht.Answer) { ca, answer := ObtainCA(store, r) if answer != nil { return nil, nil, answer } certID, err := r.VarInt64("cert_id") if err != nil { return nil, nil, ht.Failure(err) } cert, found := store.Get(certID) if !found { return nil, nil, ht.NotFound() } parent, _ := store.GetParent(certID) if parent != ca.SerialNumber() { return nil, nil, ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber())) } return ca, cert, nil }