// Store a passed CSR to be signed func (c Project) SaveCSR(id int, csr *models.CertificateRequest) revel.Result { var user *models.User if c.RenderArgs["user"] == nil { c.Flash.Error("You must log in first") return c.Redirect(routes.App.Index()) } user = c.RenderArgs["user"].(*models.User) project := c.getProject(id) if project == nil { c.Flash.Error("Unable to access project") return c.Redirect(routes.Admin.Index()) } project_members := c.getProjectUsers(id) isMember := false for _, member := range project_members { if member.Id == user.Id { isMember = true } } if !user.IsAdmin && !isMember { c.Flash.Error("You do not have permissions for this page") return c.Redirect(routes.Admin.Index()) } csr.Project = project csr.User = user csr.CSR = []byte(c.Params.Values["csr.CSR"][0]) cas := c.getProjectCAs(project) for _, ca := range cas { if csr.RequestedCAId == ca.Id { csr.RequestedCA = ca break } } if csr.RequestedCA == nil { c.Flash.Error("Error finding requested CA") return c.Redirect(routes.Project.LoadCSR(id)) } block, _ := pem.Decode(csr.CSR) if block == nil { c.Flash.Error("Error PEM decoding CSR") return c.Redirect(routes.Project.LoadCSR(id)) } parsed_csr, err := ParseCertificationRequest(block.Bytes) if err != nil { c.Flash.Error("Error Decoding CSR") return c.Redirect(routes.Project.LoadCSR(id)) } var out pkix.Name var subject pkix.RDNSequence if _, err := asn1.Unmarshal(parsed_csr.CertificationRequestInfo.Subject.FullBytes, &subject); err != nil { c.Flash.Error(err.Error()) return c.Redirect(routes.Project.LoadCSR(id)) } out.FillFromRDNSequence(&subject) //If we get to this point we were successfully able to parse the CSR // Save CSR to database err = c.Txn.Insert(csr) if err != nil { c.Flash.Error("Error saving CSR", err.Error()) return c.Redirect(routes.Project.LoadCSR(id)) } c.Flash.Success("Submitted CSR for signing") return c.Redirect(routes.Project.Index(id)) }