func addDeniedNames(tx *gorp.Transaction, names []string) (err error) {
sort.Strings(names)
deniedCSR := &core.DeniedCSR{Names: strings.ToLower(strings.Join(names, ","))}
err = tx.Insert(deniedCSR)
return
}
func (updater *OCSPUpdater) processResponse(tx *gorp.Transaction, serial string) error {
certObj, err := tx.Get(core.Certificate{}, serial)
if err != nil {
return err
}
statusObj, err := tx.Get(core.CertificateStatus{}, serial)
if err != nil {
return err
}
cert, ok := certObj.(*core.Certificate)
if !ok {
return fmt.Errorf("Cast failure")
}
status, ok := statusObj.(*core.CertificateStatus)
if !ok {
return fmt.Errorf("Cast failure")
}
_, err = x509.ParseCertificate(cert.DER)
if err != nil {
return err
}
signRequest := core.OCSPSigningRequest{
CertDER: cert.DER,
Reason: status.RevokedReason,
Status: string(status.Status),
RevokedAt: status.RevokedDate,
}
ocspResponse, err := updater.cac.GenerateOCSP(signRequest)
if err != nil {
return err
}
timeStamp := time.Now()
// Record the response.
ocspResp := &core.OCSPResponse{Serial: serial, CreatedAt: timeStamp, Response: ocspResponse}
err = tx.Insert(ocspResp)
if err != nil {
return err
}
// Reset the update clock
status.OCSPLastUpdated = timeStamp
_, err = tx.Update(status)
if err != nil {
return err
}
// Done
return nil
}