More renames.
This commit is contained in:
34
certdb.go
34
certdb.go
@@ -14,8 +14,8 @@ import (
|
||||
"time"
|
||||
)
|
||||
|
||||
// _CAState represents the persisted CA state in JSON
|
||||
type _CAState struct {
|
||||
// CAState represents the persisted CA state in JSON
|
||||
type CAState struct {
|
||||
CreatedAt string `json:"createdAt"`
|
||||
UpdatedAt string `json:"updatedAt"`
|
||||
Serial int `json:"serial,omitempty"`
|
||||
@@ -34,7 +34,7 @@ type CertificateRecord struct {
|
||||
}
|
||||
|
||||
func caStatePath() string {
|
||||
return filepath.Join(filepath.Dir(CAConfigPath), CAConfig.GetStateFileName())
|
||||
return filepath.Join(filepath.Dir(caConfigPath), caConfig.GetStateFileName())
|
||||
}
|
||||
|
||||
// LoadCAState loads the CA state from a JSON file
|
||||
@@ -46,8 +46,8 @@ func LoadCAState() error {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
CAState = &_CAState{}
|
||||
if err := json.NewDecoder(f).Decode(CAState); err != nil {
|
||||
caState = &CAState{}
|
||||
if err := json.NewDecoder(f).Decode(caState); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
@@ -55,7 +55,7 @@ func LoadCAState() error {
|
||||
|
||||
// SaveCAState saves the CA state to a JSON file
|
||||
func SaveCAState() error {
|
||||
CAState.UpdatedAt = time.Now().UTC().Format(time.RFC3339)
|
||||
caState.UpdatedAt = time.Now().UTC().Format(time.RFC3339)
|
||||
f, err := os.Create(caStatePath())
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -63,11 +63,11 @@ func SaveCAState() error {
|
||||
defer f.Close()
|
||||
enc := json.NewEncoder(f)
|
||||
enc.SetIndent("", " ")
|
||||
return enc.Encode(CAState)
|
||||
return enc.Encode(caState)
|
||||
}
|
||||
|
||||
// UpdateCAStateAfterIssue updates the CA state JSON after issuing a certificate
|
||||
func (s *_CAState) UpdateCAStateAfterIssue(serialType, basename string, serialNumber any, validity time.Duration) error {
|
||||
func (s *CAState) UpdateCAStateAfterIssue(serialType, basename string, serialNumber any, validity time.Duration) error {
|
||||
if s == nil {
|
||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in UpdateCAStateAfterIssue. This indicates a programming error.\n")
|
||||
os.Exit(1)
|
||||
@@ -77,8 +77,8 @@ func (s *_CAState) UpdateCAStateAfterIssue(serialType, basename string, serialNu
|
||||
serialStr := ""
|
||||
switch serialType {
|
||||
case "sequential":
|
||||
serialStr = fmt.Sprintf("%d", CAState.Serial)
|
||||
CAState.Serial++
|
||||
serialStr = fmt.Sprintf("%d", caState.Serial)
|
||||
caState.Serial++
|
||||
case "random":
|
||||
serialStr = fmt.Sprintf("%x", serialNumber)
|
||||
default:
|
||||
@@ -88,7 +88,7 @@ func (s *_CAState) UpdateCAStateAfterIssue(serialType, basename string, serialNu
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *_CAState) AddCertificate(name, issued, expires, serial string) {
|
||||
func (s *CAState) AddCertificate(name, issued, expires, serial string) {
|
||||
if s == nil {
|
||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in AddCertificate. This indicates a programming error.\n")
|
||||
os.Exit(1)
|
||||
@@ -103,7 +103,7 @@ func (s *_CAState) AddCertificate(name, issued, expires, serial string) {
|
||||
}
|
||||
|
||||
// RevokeCertificate revokes a certificate by serial number and reason code, updates state, and saves to disk
|
||||
func (s *_CAState) RevokeCertificate(serial string, reason int) error {
|
||||
func (s *CAState) RevokeCertificate(serial string, reason int) error {
|
||||
if s == nil {
|
||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in RevokeCertificate. This indicates a programming error.\n")
|
||||
os.Exit(1)
|
||||
@@ -129,11 +129,11 @@ func (s *_CAState) RevokeCertificate(serial string, reason int) error {
|
||||
|
||||
// GenerateCRL generates a CRL file from revoked certificates and writes it to the given path
|
||||
// validityDays defines the number of days for which the CRL is valid (NextUpdate - ThisUpdate)
|
||||
func (s *_CAState) GenerateCRL(crlPath string, validityDays int) error {
|
||||
func (s *CAState) GenerateCRL(crlPath string, validityDays int) error {
|
||||
if s == nil {
|
||||
return fmt.Errorf("CAState is nil in GenerateCRL")
|
||||
}
|
||||
if CACert == nil || CAKey == nil {
|
||||
if caCert == nil || caKey == nil {
|
||||
return fmt.Errorf("CA certificate or key not loaded")
|
||||
}
|
||||
var revokedCerts []pkix.RevokedCertificate
|
||||
@@ -162,14 +162,14 @@ func (s *_CAState) GenerateCRL(crlPath string, validityDays int) error {
|
||||
now := time.Now().UTC()
|
||||
nextUpdate := now.Add(time.Duration(validityDays) * 24 * time.Hour) // validityDays * 24 * 60 * 60 * 1000 milliseconds
|
||||
template := &x509.RevocationList{
|
||||
SignatureAlgorithm: CACert.SignatureAlgorithm,
|
||||
SignatureAlgorithm: caCert.SignatureAlgorithm,
|
||||
RevokedCertificates: revokedCerts,
|
||||
Number: big.NewInt(int64(s.CRLNumber + 1)),
|
||||
ThisUpdate: now,
|
||||
NextUpdate: nextUpdate,
|
||||
Issuer: CACert.Subject,
|
||||
Issuer: caCert.Subject,
|
||||
}
|
||||
crlBytes, err := x509.CreateRevocationList(nil, template, CACert, CAKey)
|
||||
crlBytes, err := x509.CreateRevocationList(nil, template, caCert, caKey)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create CRL: %v", err)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user