Add key name to CreateCertificateAuthority
This commit is contained in:
parent
08c9902f29
commit
52a18e0c2d
3 changed files with 23 additions and 1 deletions
|
@ -108,6 +108,9 @@ type GetCertificateAuthorityResponse struct {
|
|||
RootCertificate *x509.Certificate
|
||||
}
|
||||
|
||||
// CreateKeyRequest is the request used to generate a new key using a KMS.
|
||||
type CreateKeyRequest = apiv1.CreateKeyRequest
|
||||
|
||||
// CreateCertificateAuthorityRequest is the request used to generate a root or
|
||||
// intermediate certificate.
|
||||
type CreateCertificateAuthorityRequest struct {
|
||||
|
@ -126,7 +129,7 @@ type CreateCertificateAuthorityRequest struct {
|
|||
// CreateKey defines the KMS CreateKeyRequest to use when creating a new
|
||||
// CertificateAuthority. If CreateKey is nil, a default algorithm will be
|
||||
// used.
|
||||
CreateKey *apiv1.CreateKeyRequest
|
||||
CreateKey *CreateKeyRequest
|
||||
}
|
||||
|
||||
// CreateCertificateAuthorityResponse is the response for
|
||||
|
@ -136,6 +139,7 @@ type CreateCertificateAuthorityResponse struct {
|
|||
Name string
|
||||
Certificate *x509.Certificate
|
||||
CertificateChain []*x509.Certificate
|
||||
KeyName string
|
||||
PublicKey crypto.PublicKey
|
||||
PrivateKey crypto.PrivateKey
|
||||
Signer crypto.Signer
|
||||
|
|
|
@ -174,6 +174,7 @@ func (c *SoftCAS) CreateCertificateAuthority(req *apiv1.CreateCertificateAuthori
|
|||
Name: cert.Subject.CommonName,
|
||||
Certificate: cert,
|
||||
CertificateChain: chain,
|
||||
KeyName: key.Name,
|
||||
PublicKey: key.PublicKey,
|
||||
PrivateKey: key.PrivateKey,
|
||||
Signer: signer,
|
||||
|
|
|
@ -106,6 +106,7 @@ func (m *mockKeyManager) CreateKey(req *kmsapi.CreateKeyRequest) (*kmsapi.Create
|
|||
signer = m.signer
|
||||
}
|
||||
return &kmsapi.CreateKeyResponse{
|
||||
Name: req.Name,
|
||||
PrivateKey: signer,
|
||||
PublicKey: signer.Public(),
|
||||
}, m.errCreateKey
|
||||
|
@ -516,6 +517,22 @@ func TestSoftCAS_CreateCertificateAuthority(t *testing.T) {
|
|||
PrivateKey: saSigner,
|
||||
Signer: saSigner,
|
||||
}, false},
|
||||
{"ok createKey", fields{nil, nil, &mockKeyManager{}}, args{&apiv1.CreateCertificateAuthorityRequest{
|
||||
Type: apiv1.RootCA,
|
||||
Template: testRootTemplate,
|
||||
Lifetime: 24 * time.Hour,
|
||||
CreateKey: &kmsapi.CreateKeyRequest{
|
||||
Name: "root_ca.crt",
|
||||
SignatureAlgorithm: kmsapi.ECDSAWithSHA256,
|
||||
},
|
||||
}}, &apiv1.CreateCertificateAuthorityResponse{
|
||||
Name: "Test Root CA",
|
||||
Certificate: testSignedRootTemplate,
|
||||
PublicKey: testSignedRootTemplate.PublicKey,
|
||||
KeyName: "root_ca.crt",
|
||||
PrivateKey: testSigner,
|
||||
Signer: testSigner,
|
||||
}, false},
|
||||
{"fail template", fields{nil, nil, &mockKeyManager{}}, args{&apiv1.CreateCertificateAuthorityRequest{
|
||||
Type: apiv1.RootCA,
|
||||
Lifetime: 24 * time.Hour,
|
||||
|
|
Loading…
Reference in a new issue