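// NewCertificateAuthorityServer creates an AMQP RPC server on serverQueue and
// registers the CertificateAuthority handlers on it, delegating to impl.
//
// CertificateAuthorityClient / Server
//
//	-> IssueCertificate
//	-> RevokeCertificate
//
// Handlers in this version return only a byte slice, so every failure path
// replies with nil and the failure is visible only through the audit helpers.
// Each failure branch therefore logs before returning. The returned error is
// always nil; nothing in this constructor can fail.
func NewCertificateAuthorityServer(serverQueue string, channel *amqp.Channel, impl core.CertificateAuthority) (rpc *AmqpRPCServer, err error) {
	rpc = NewAmqpRPCServer(serverQueue, channel)

	rpc.Handle(MethodIssueCertificate, func(req []byte) []byte {
		var icReq struct {
			Bytes []byte
			RegID int64
		}
		if err := json.Unmarshal(req, &icReq); err != nil {
			// A request that does not even decode was previously dropped
			// without a trace; record it like any other malformed message.
			// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
			improperMessage(MethodIssueCertificate, err, req)
			return nil
		}

		// NOTE(review): only the CSR's encoding is validated here; this
		// wrapper never calls csr.CheckSignature(), so proof of possession
		// is presumably enforced inside impl.IssueCertificate. Confirm.
		csr, err := x509.ParseCertificateRequest(icReq.Bytes)
		if err != nil {
			// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
			improperMessage(MethodIssueCertificate, err, req)
			return nil // XXX: the caller cannot tell this from an empty reply
		}

		cert, err := impl.IssueCertificate(*csr, icReq.RegID)
		if err != nil {
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodIssueCertificate, err, csr)
			return nil // XXX: the caller cannot tell this from an empty reply
		}

		serialized, err := json.Marshal(cert)
		if err != nil {
			// The certificate was issued but could not be returned; log it so
			// the issuance is not silently lost.
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodIssueCertificate, err, req)
			return nil // XXX: the caller cannot tell this from an empty reply
		}
		return serialized
	})

	rpc.Handle(MethodRevokeCertificateCA, func(req []byte) []byte {
		// The request body is used verbatim as the argument to
		// RevokeCertificate. The reply is nil on success and on failure.
		if err := impl.RevokeCertificate(string(req)); err != nil {
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodRevokeCertificateCA, err, req)
		}
		return nil
	})

	return rpc, nil
}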
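// NewCertificateAuthorityServer registers the CertificateAuthority RPC
// handlers on rpc, delegating each call to impl. It always returns nil.
//
// CertificateAuthorityClient / Server
//
//	-> IssueCertificate
//	-> RevokeCertificate
//	-> GenerateOCSP
//
// Each handler decodes a JSON request and returns (response, err). Failures
// from impl are returned to the RPC layer without an audit call here.
func NewCertificateAuthorityServer(rpc RPCServer, impl core.CertificateAuthority) (err error) {
	rpc.Handle(MethodIssueCertificate, func(req []byte) (response []byte, err error) {
		var icReq issueCertificateRequest
		if err = json.Unmarshal(req, &icReq); err != nil {
			// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
			improperMessage(MethodIssueCertificate, err, req)
			return nil, err
		}

		// NOTE(review): only the CSR's encoding is validated here; this
		// wrapper never calls csr.CheckSignature(), so proof of possession
		// is presumably enforced inside impl.IssueCertificate. Confirm.
		csr, err := x509.ParseCertificateRequest(icReq.Bytes)
		if err != nil {
			// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
			improperMessage(MethodIssueCertificate, err, req)
			return nil, err
		}

		cert, err := impl.IssueCertificate(*csr, icReq.RegID, icReq.EarliestExpiry)
		if err != nil {
			return nil, err
		}

		response, err = json.Marshal(cert)
		if err != nil {
			// The audit record must name this method. It previously said
			// MethodGetRegistration, which attributed a failed certificate
			// reply to an unrelated call in the audit trail.
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodIssueCertificate, err, req)
			return response, err
		}
		return response, nil
	})

	rpc.Handle(MethodRevokeCertificate, func(req []byte) (response []byte, err error) {
		var revokeReq revokeCertificateRequest
		if err = json.Unmarshal(req, &revokeReq); err != nil {
			// NOTE(review): an undecodable request is logged as an error
			// condition here but as an improper message in the
			// IssueCertificate handler; consider aligning the audit category.
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodRevokeCertificate, err, req)
			return nil, err
		}

		// Revocation has no payload; only the error is reported.
		return nil, impl.RevokeCertificate(revokeReq.Serial, revokeReq.ReasonCode)
	})

	rpc.Handle(MethodGenerateOCSP, func(req []byte) (response []byte, err error) {
		var xferObj core.OCSPSigningRequest
		if err = json.Unmarshal(req, &xferObj); err != nil {
			// NOTE(review): same audit-category question as in the
			// RevokeCertificate handler.
			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
			errorCondition(MethodGenerateOCSP, err, req)
			return nil, err
		}

		// Whatever impl returns is passed through unchanged.
		return impl.GenerateOCSP(xferObj)
	})

	return nil
}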