// NewCertificateAuthorityServer constructs an RPC server
//
// CertificateAuthorityClient / Server
// -> IssueCertificate
func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (err error) {
rpc.Handle(MethodIssueCertificate, func(req []byte) (response []byte, err error) {
var icReq issueCertificateRequest
err = json.Unmarshal(req, &icReq)
if err != nil {
// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
improperMessage(MethodIssueCertificate, err, req)
return
}
csr, err := x509.ParseCertificateRequest(icReq.Bytes)
if err != nil {
// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
improperMessage(MethodIssueCertificate, err, req)
return
}
cert, err := impl.IssueCertificate(*csr, icReq.RegID)
if err != nil {
return
}
response, err = json.Marshal(cert)
if err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodGetRegistration, err, req)
return
}
return
})
rpc.Handle(MethodGenerateOCSP, func(req []byte) (response []byte, err error) {
var xferObj core.OCSPSigningRequest
err = json.Unmarshal(req, &xferObj)
if err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodGenerateOCSP, err, req)
return
}
response, err = impl.GenerateOCSP(xferObj)
if err != nil {
return
}
return
})
return nil
}
// NewCertificateAuthorityServer constructs an RPC server
//
// CertificateAuthorityClient / Server
// -> IssueCertificate
func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (err error) {
rpc.Handle(MethodIssueCertificate, func(ctx context.Context, req []byte) (response []byte, err error) {
var icReq issueCertificateRequest
err = json.Unmarshal(req, &icReq)
if err != nil {
improperMessage(MethodIssueCertificate, err, req)
return
}
csr, err := x509.ParseCertificateRequest(icReq.Bytes)
if err != nil {
improperMessage(MethodIssueCertificate, err, req)
return
}
cert, err := impl.IssueCertificate(ctx, *csr, icReq.RegID)
if err != nil {
return
}
response, err = json.Marshal(cert)
if err != nil {
errorCondition(MethodIssueCertificate, err, req)
return
}
return
})
rpc.Handle(MethodGenerateOCSP, func(ctx context.Context, req []byte) (response []byte, err error) {
var xferObj core.OCSPSigningRequest
err = json.Unmarshal(req, &xferObj)
if err != nil {
errorCondition(MethodGenerateOCSP, err, req)
return
}
response, err = impl.GenerateOCSP(ctx, xferObj)
if err != nil {
return
}
return
})
return nil
}
// CertificateAuthorityClient / Server
// -> IssueCertificate
func NewCertificateAuthorityServer(serverQueue string, channel *amqp.Channel, impl core.CertificateAuthority) (rpc *AmqpRPCServer, err error) {
rpc = NewAmqpRPCServer(serverQueue, channel)
rpc.Handle(MethodIssueCertificate, func(req []byte) []byte {
var icReq struct {
Bytes []byte
RegID int64
}
err := json.Unmarshal(req, &icReq)
if err != nil {
return nil
}
csr, err := x509.ParseCertificateRequest(icReq.Bytes)
if err != nil {
// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
improperMessage(MethodIssueCertificate, err, req)
return nil // XXX
}
cert, err := impl.IssueCertificate(*csr, icReq.RegID)
if err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodIssueCertificate, err, csr)
return nil // XXX
}
serialized, err := json.Marshal(cert)
if err != nil {
return nil // XXX
}
return serialized
})
rpc.Handle(MethodRevokeCertificateCA, func(req []byte) []byte {
if err := impl.RevokeCertificate(string(req)); err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodRevokeCertificateCA, err, req)
}
return nil
})
return
}