mirror of https://github.com/mainflux/mainflux.git synced 2025-04-27 13:48:49 +08:00

191 lines
4.5 KiB
Go

NOISSUE - Certs service refactor (#1369) * remove owner id Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add certs mock Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove not wanted changes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor certs Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * addint tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * addint tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add certs test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add certs test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add cert test, remove default implementation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix default value for vault host Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add cert test, remove default implementation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * linter cleaning Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix comments, and logging Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * use mocks from other services Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename struct and url path params Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve minor comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * align url params naming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix typo Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove struct 
revoke Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor certRes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com>
2021-03-15 12:27:32 +01:00
// Copyright (c) Mainflux
// SPDX-License-Identifier: Apache-2.0

package mocks

import (
	"bufio"
	"bytes"
	"crypto/ecdsa"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"math/big"
NOISSUE - Add view and list serials endpoints in certs service (#1483) * NOISSUE - Add view and list serials endpoints in certs service Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix vault-unseal.sh script Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename Cert field days_valid into hours_valid Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix provision service Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Use ownerID, rename daysValid -> hoursValid Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add key_type to api Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix tabulation Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add expiration date in view response Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename HoursValid -> Expiration and remove unecessary expiration convertion Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add ListSerials tests and fix mocks Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix RetrieveByThing count Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add ViewCert tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add missing error check Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Simplify API Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Revert Makefile Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * NOISSUE - Add view and list serials endpoints in certs service Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix vault-unseal.sh script Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename Cert field days_valid into hours_valid Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix provision service Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Use ownerID, 
rename daysValid -> hoursValid Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add key_type to api Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix tabulation Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add expiration date in view response Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename HoursValid -> Expiration and remove unecessary expiration convertion Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add ListSerials tests and fix mocks Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix RetrieveByThing count Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add ViewCert tests Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add missing error check Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Simplify API Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Revert Makefile Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rm if else Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename HoursValid -> TTL Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * revert typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * revert typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Rename hoursValid -> ttl Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
2022-01-04 19:42:13 +01:00
	"sync"
	"time"

	"github.com/mainflux/mainflux/certs/pki"
	"github.com/mainflux/mainflux/pkg/errors"
)
NOISSUE - Add cert revocation to SDK (#1693) * initial commit Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * fix certificate revoking Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * change from mapstructure to json Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * add comments to serial modification Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * fix typo Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * update vault docker version Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * write env variables Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * change env path Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * return revocation time Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * revert to intermediate CA Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove deadcode Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * make revoke cert output readable Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keybits and keytype Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove dead code Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * make inline Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * add empty line Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove commented code Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keyBits Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keyBits Signed-off-by: rodneyosodo <socials@rodneyosodo.com> Signed-off-by: rodneyosodo <socials@rodneyosodo.com> Co-authored-by: rodneyosodo <socials@rodneyosodo.com>
2023-01-13 16:33:00 +03:00
const keyBits = 2048
var (
	errPrivateKeyEmpty           = errors.New("private key is empty")
	errPrivateKeyUnsupportedType = errors.New("private key type is unsupported")
)

// Compile-time check that agent implements pki.Agent.
var _ pki.Agent = (*agent)(nil)

type agent struct {
	AuthTimeout time.Duration
	TLSCert     tls.Certificate
	X509Cert    *x509.Certificate
	TTL         string
	mu          sync.Mutex
	counter     uint64
	certs       map[string]pki.Cert
}
// NewPkiAgent returns a mock pki.Agent backed by an in-memory certificate map.
func NewPkiAgent(tlsCert tls.Certificate, caCert *x509.Certificate, ttl string, timeout time.Duration) pki.Agent {
	return &agent{
		AuthTimeout: timeout,
		TLSCert:     tlsCert,
		X509Cert:    caCert,
		TTL:         ttl,
		certs:       make(map[string]pki.Cert),
	}
}
func (a *agent) IssueCert(cn, ttl string) (pki.Cert, error) {
	a.mu.Lock()
	defer a.mu.Unlock()
	if a.X509Cert == nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, pki.ErrMissingCACertificate)
	}
	var priv interface{}
	priv, err := rsa.GenerateKey(rand.Reader, keyBits)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}
	if ttl == "" {
		ttl = a.TTL
	}
	notBefore := time.Now()
	validFor, err := time.ParseDuration(ttl)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}
	notAfter := notBefore.Add(validFor)

	// Draw a random serial number in [0, 2^128).
	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}

	// SubjectKeyId is a fixed value, not derived from the public key, so every
	// certificate issued here carries the same key identifier.
	tmpl := x509.Certificate{
		SerialNumber: serialNumber,
		Subject: pkix.Name{
			Organization:       []string{"Mainflux"},
			CommonName:         cn,
			OrganizationalUnit: []string{"mainflux"},
		},
		NotBefore:    notBefore,
		NotAfter:     notAfter,
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
		SubjectKeyId: []byte{1, 2, 3, 4, 6},
	}

	pubKey, err := publicKey(priv)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}

	// Sign the certificate with the CA certificate and private key held by the agent.
	derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, a.X509Cert, pubKey, a.TLSCert.PrivateKey)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}

	// Parse the DER output back to read the serial, expiry and issuer as encoded.
	x509cert, err := x509.ParseCertificate(derBytes)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}

	// PEM-encode the certificate and the private key into separate buffers.
	var bw, keyOut bytes.Buffer
	buffWriter := bufio.NewWriter(&bw)
	buffKeyOut := bufio.NewWriter(&keyOut)
	if err := pem.Encode(buffWriter, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}); err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}
	buffWriter.Flush()
	cert := bw.String()

	block, err := pemBlockForKey(priv)
	if err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}
	if err := pem.Encode(buffKeyOut, block); err != nil {
		return pki.Cert{}, errors.Wrap(pki.ErrFailedCertCreation, err)
	}
	buffKeyOut.Flush()
	key := keyOut.String()
	a.certs[x509cert.SerialNumber.String()] = pki.Cert{
		ClientCert: cert,
	}
	a.counter++
	return pki.Cert{
		ClientCert: cert,
		ClientKey:  key,
		Serial:     x509cert.SerialNumber.String(),
NOISSUE - Add cert revocation to SDK (#1693) * initial commit Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * fix certificate revoking Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * change from mapstructure to json Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * add comments to serial modification Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * fix typo Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * update vault docker version Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * write env variables Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * change env path Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * return revocation time Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * revert to intermediate CA Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove deadcode Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * make revoke cert output readable Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keybits and keytype Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove dead code Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * make inline Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * add empty line Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove commented code Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keyBits Signed-off-by: rodneyosodo <socials@rodneyosodo.com> * remove keyBits Signed-off-by: rodneyosodo <socials@rodneyosodo.com> Signed-off-by: rodneyosodo <socials@rodneyosodo.com> Co-authored-by: rodneyosodo <socials@rodneyosodo.com>
2023-01-13 16:33:00 +03:00
		Expire:     x509cert.NotAfter.Unix(),
		IssuingCA:  x509cert.Issuer.String(),
	}, nil
}
func (a *agent) Read(serial string) (pki.Cert, error) {
	a.mu.Lock()
	defer a.mu.Unlock()
	crt, ok := a.certs[serial]
	if !ok {
		return pki.Cert{}, errors.ErrNotFound
	}
	return crt, nil
}

// Revoke performs no revocation; it only returns the current time.
func (a *agent) Revoke(serial string) (time.Time, error) {
	return time.Now(), nil
}

// publicKey returns the public half of an RSA or ECDSA private key.
func publicKey(priv interface{}) (interface{}, error) {
	if priv == nil {
		return nil, errPrivateKeyEmpty
	}
	switch k := priv.(type) {
	case *rsa.PrivateKey:
		return &k.PublicKey, nil
	case *ecdsa.PrivateKey:
		return &k.PublicKey, nil
	default:
		return nil, errPrivateKeyUnsupportedType
	}
}

// pemBlockForKey wraps a private key in a PEM block: PKCS#1 DER for RSA,
// SEC 1 DER for ECDSA.
func pemBlockForKey(priv interface{}) (*pem.Block, error) {
	switch k := priv.(type) {
	case *rsa.PrivateKey:
		return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)}, nil
	case *ecdsa.PrivateKey:
		b, err := x509.MarshalECPrivateKey(k)
		if err != nil {
			return nil, err
		}
		return &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}, nil
	default:
		// Report unsupported key types instead of returning a nil block with
		// a nil error, which a caller would pass on to the PEM encoder.
		return nil, errPrivateKeyUnsupportedType
	}
}