示例#1
0
func GetCA(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	auth, _ := store.Get(ca.SerialNumber())
	return ht.JSONDocument(*JSONCAResponseFromParcel(auth))
}
示例#2
0
func DeleteCRL(store *liftca.Store, r *ht.Request) *ht.Answer {
	_, cert, answer := ObtainCAAndCert(store, r)
	if answer != nil {
		return answer
	}
	store.SetRevoked(cert.SerialNumber(), false)
	return ht.NoContent()
}
示例#3
0
func GetCAs(store *liftca.Store, r *ht.Request) *ht.Answer {
	response := make([]JSONCAResponse, 0)
	for _, s := range store.GetCAs() {
		auth, _ := store.Get(s)
		if auth.Visible {
			response = append(response, *JSONCAResponseFromParcel(auth))
		}
	}
	return ht.JSONDocument(response)
}
示例#4
0
func GetCACRLPEMTXT(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	revoked := store.GetRevokedChildren(ca.SerialNumber())
	crl, err := ca.PEMCRL(revoked)
	if err != nil {
		return ht.Failure(err)
	}
	return ht.Read("text/plain", crl)
}
示例#5
0
func GetCACRLCER(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	revoked := store.GetRevokedChildren(ca.SerialNumber())
	crl, err := ca.DERCRL(revoked)
	if err != nil {
		return ht.Failure(err)
	}
	return ht.Read("application/pkix-crl", crl)
}
示例#6
0
func GetCerts(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	children, _ := store.GetChildren(ca.SerialNumber())
	response := make([]JSONCertResponse, 0)
	for _, s := range children {
		cert, _ := store.Get(s)
		response = append(response, *JSONCertResponseFromParcel(ca.SerialNumber(), cert))
	}
	return ht.JSONDocument(response)
}
示例#7
0
func GetCRL(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	revoked := store.GetRevokedChildren(ca.SerialNumber())
	output := make([]string, len(revoked))
	for i, e := range revoked {
		output[i] = strconv.FormatInt(e, 10)
	}

	return ht.JSONDocument(&JSONCRLResponse{
		Self:          CACRLURL(ca.SerialNumber()),
		SerialNumbers: output,
	})
}
示例#8
0
func ObtainCA(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *ht.Answer) {
	caID, err := r.VarInt64("ca_id")
	if err != nil {
		return nil, ht.Failure(err)
	}
	auth, found := store.Get(caID)
	if !found {
		return nil, ht.NotFound()
	}

	if _, found := store.GetParent(caID); found {
		return nil, ht.NotFound()
	}

	return auth, nil
}
示例#9
0
func PostCert(store *liftca.Store, r *ht.Request) *ht.Answer {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	certReq := &JSONCertRequest{}
	err := r.BodyAsJSON(certReq)
	if err != nil {
		return ht.Failure(err)
	}
	id, err := store.Add(true, ca.SerialNumber(), certReq.Host)
	if err != nil {
		return ht.Failure(err)
	}
	return ht.RedirectTo(CertUrl(ca.SerialNumber(), id))
}
示例#10
0
func PostCRL(store *liftca.Store, r *ht.Request) *ht.Answer {
	req := &JSONCRLRequest{}
	r.BodyAsJSON(req)
	certID, err := strconv.ParseInt(req.SerialNumber, 10, 64)
	if err != nil {
		return ht.Failure(err)
	}
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return answer
	}
	if p, _ := store.GetParent(certID); p != ca.SerialNumber() {
		return ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber()))
	}
	store.SetRevoked(certID, true)
	return ht.RedirectTo(CACRLURL(ca.SerialNumber()))
}
示例#11
0
func PostCA(store *liftca.Store, r *ht.Request) *ht.Answer {
	caReq := &JSONCARequest{}
	err := r.BodyAsJSON(caReq)
	if err != nil {
		return ht.Failure(err)
	}
	var id int64
	if caReq.PEMCertificate != "" || caReq.PEMKey != "" || caReq.PEMKeyPassword != "" {
		id, err = store.AddExistingCA(caReq.Visible, []byte(caReq.PEMCertificate), []byte(caReq.PEMKey), []byte(caReq.PEMKeyPassword))
	} else {
		id, err = store.AddCA(caReq.Visible, caReq.Name)
	}

	if err != nil {
		return ht.Failure(err)
	}
	return ht.RedirectTo(CAUrl(id))
}
示例#12
0
func ObtainCAAndCert(store *liftca.Store, r *ht.Request) (*liftca.Parcel, *liftca.Parcel, *ht.Answer) {
	ca, answer := ObtainCA(store, r)
	if answer != nil {
		return nil, nil, answer
	}

	certID, err := r.VarInt64("cert_id")
	if err != nil {
		return nil, nil, ht.Failure(err)
	}
	cert, found := store.Get(certID)
	if !found {
		return nil, nil, ht.NotFound()
	}
	parent, _ := store.GetParent(certID)
	if parent != ca.SerialNumber() {
		return nil, nil, ht.Failure(fmt.Errorf("certificate %v does not belong to CA %v", certID, ca.SerialNumber()))
	}

	return ca, cert, nil
}