certificates/cas/softcas/softcas.go

package softcas

import (
	"context"
	"crypto/x509"
	"fmt"

	"github.com/smallstep/certificates/cas/apiv1"
	"go.step.sm/crypto/x509util"
)

func init() {
	apiv1.Register(apiv1.SoftCAS, func(ctx context.Context, opts apiv1.Options) (apiv1.CertificateAuthorityService, error) {
		return New(ctx, opts)
	})
}

// SoftCAS implements a Certificate Authority Service using Golang crypto.
// This is the default CAS used in step-ca.
type SoftCAS struct{}

// New creates a new CertificateAuthorityService implementation using Golang
// crypto.
func New(ctx context.Context, opts apiv1.Options) (*SoftCAS, error) {
	return &SoftCAS{}, nil
}

// CreateCertificate signs a new certificate using Golang crypto.
func (c *SoftCAS) CreateCertificate(req *apiv1.CreateCertificateRequest) (*apiv1.CreateCertificateResponse, error) {
	cert, err := x509util.CreateCertificate(req.Template, req.Issuer, req.Template.PublicKey, req.Signer)
	if err != nil {
		return nil, err
	}

	return &apiv1.CreateCertificateResponse{
		Certificate: cert,
		CertificateChain: []*x509.Certificate{
			req.Issuer,
		},
	}, nil
}

func (c *SoftCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {
	return nil, fmt.Errorf("not implemented")
}

// RevokeCertificate revokes the given certificate in step-ca.
func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error) {
	return nil, fmt.Errorf("not implemented")
}
Early attempt to develop a CAS interface. 2020-09-09 02:26:32 +00:00			`package softcas`

			`import (`
			`"context"`
			`"crypto/x509"`
			`"fmt"`

			`"github.com/smallstep/certificates/cas/apiv1"`
			`"go.step.sm/crypto/x509util"`
			`)`

			`func init() {`
			`apiv1.Register(apiv1.SoftCAS, func(ctx context.Context, opts apiv1.Options) (apiv1.CertificateAuthorityService, error) {`
			`return New(ctx, opts)`
			`})`
			`}`

			`// SoftCAS implements a Certificate Authority Service using Golang crypto.`
			`// This is the default CAS used in step-ca.`
			`type SoftCAS struct{}`

			`// New creates a new CertificateAuthorityService implementation using Golang`
			`// crypto.`
			`func New(ctx context.Context, opts apiv1.Options) (*SoftCAS, error) {`
			`return &SoftCAS{}, nil`
			`}`

			`// CreateCertificate signs a new certificate using Golang crypto.`
			`func (c SoftCAS) CreateCertificate(req apiv1.CreateCertificateRequest) (*apiv1.CreateCertificateResponse, error) {`
			`cert, err := x509util.CreateCertificate(req.Template, req.Issuer, req.Template.PublicKey, req.Signer)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return &apiv1.CreateCertificateResponse{`
			`Certificate: cert,`
			`CertificateChain: []*x509.Certificate{`
			`req.Issuer,`
			`},`
			`}, nil`
			`}`

			`func (c SoftCAS) RenewCertificate(req apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {`
			`return nil, fmt.Errorf("not implemented")`
			`}`

			`// RevokeCertificate revokes the given certificate in step-ca.`
			`func (c SoftCAS) RevokeCertificate(req apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error) {`
			`return nil, fmt.Errorf("not implemented")`
			`}`