func ObtainCA(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *ht.Answer) {
caID, err := r.VarInt64("ca_id")
if err != nil {
return nil, ht.Failure(err)
}
auth, found := store.Get(caID)
if !found {
return nil, ht.NotFound()
}
if _, found := store.GetParent(caID); found {
return nil, ht.NotFound()
}
return auth, nil
}
func PostCRL(store *liftca.Store, r *ht.Request) *ht.Answer {
req := &JSONCRLRequest{}
r.BodyAsJSON(req)
certID, err := strconv.ParseInt(req.SerialNumber, 10, 64)
if err != nil {
return ht.Failure(err)
}
ca, answer := ObtainCA(store, r)
if answer != nil {
return answer
}
if p, _ := store.GetParent(certID); p != ca.SerialNumber() {
return ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber()))
}
store.SetRevoked(certID, true)
return ht.RedirectTo(CACRLURL(ca.SerialNumber()))
}
func ObtainCAAndCert(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *liftca.Parcel, *ht.Answer) {
ca, answer := ObtainCA(store, r)
if answer != nil {
return nil, nil, answer
}
certID, err := r.VarInt64("cert_id")
if err != nil {
return nil, nil, ht.Failure(err)
}
cert, found := store.Get(certID)
if !found {
return nil, nil, ht.NotFound()
}
parent, _ := store.GetParent(certID)
if parent != ca.SerialNumber() {
return nil, nil, ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber()))
}
return ca, cert, nil
}