From 64744562c69c465779ddc1f038844ecc49285ab8 Mon Sep 17 00:00:00 2001
From: Mariano Cano
Date: Wed, 3 Aug 2022 18:44:25 -0700
Subject: [PATCH] Send RA provisioner to linkedca.
---
 authority/linkedca.go | 21 +++++++++++++++++++++
 cas/apiv1/requests.go | 1 +
 go.mod | 2 +-
 go.sum | 4 ++--
 4 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/authority/linkedca.go b/authority/linkedca.go
index 0b98f877..0380cbaf 100644
--- a/authority/linkedca.go
+++ b/authority/linkedca.go
@@ -277,6 +277,7 @@ func (c *linkedCaClient) StoreCertificateChain(p provisioner.Interface, fullchai
 PemCertificate: serializeCertificateChain(fullchain[0]),
 PemCertificateChain: serializeCertificateChain(fullchain[1:]...),
 Provisioner: createProvisionerIdentity(p),
+ RaProvisioner: createRegistrationAuthorityProvisioner(p),
 })
 return errors.Wrap(err, "error posting certificate")
 }
@@ -392,6 +393,26 @@ func createProvisionerIdentity(p provisioner.Interface) *linkedca.ProvisionerIde
 }
 }

+type raProvisioner interface {
+ RAInfo() *provisioner.RAInfo
+}
+
+func createRegistrationAuthorityProvisioner(p provisioner.Interface) *linkedca.RegistrationAuthorityProvisioner {
+ if rap, ok := p.(raProvisioner); ok {
+ info := rap.RAInfo()
+ typ := linkedca.Provisioner_Type_value[strings.ToUpper(info.ProvisionerType)]
+ return &linkedca.RegistrationAuthorityProvisioner{
+ AuthorityId: info.AuthorityID,
+ Provisioner: &linkedca.ProvisionerIdentity{
+ Id: info.ProvisionerID,
+ Type: linkedca.Provisioner_Type(typ),
+ Name: info.ProvisionerName,
+ },
+ }
+ }
+ return nil
+}
+
 func serializeCertificate(crt *x509.Certificate) string {
 if crt == nil {
 return ""
diff --git a/cas/apiv1/requests.go b/cas/apiv1/requests.go
index 2d1b0784..2fa3c4ef 100644
--- a/cas/apiv1/requests.go
+++ b/cas/apiv1/requests.go
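Review bot: In `createRegistrationAuthorityProvisioner` (second hunk of authority/linkedca.go) the pointer returned by `rap.RAInfo()` is dereferenced without a nil check, so a provisioner that satisfies `raProvisioner` but returns nil would panic inside the certificate-storing path; whether any implementation can return nil is not visible in this patch. Adding `if info == nil { return nil }` directly after the call keeps the existing behaviour for provisioners that are not RA-backed. The lookup `linkedca.Provisioner_Type_value[strings.ToUpper(info.ProvisionerType)]` also yields 0 for any type string the map does not know, so the record sent to linkedca would silently carry the enum's zero value instead of the real provisioner type. Using the two-value form `typ, ok := linkedca.Provisioner_Type_value[...]` and logging or returning an error when `!ok` would keep that provenance record accurate.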
@@ -65,6 +65,7 @@ type CreateCertificateRequest struct {
 type ProvisionerInfo struct {
 ProvisionerID string
 ProvisionerType string
+ ProvisionerName string
 }

 // CreateCertificateResponse is the response to a create certificate request.
diff --git a/go.mod b/go.mod
index 546ec53d..5ad8d4a4 100644
--- a/go.mod
+++ b/go.mod
@@ -48,7 +48,7 @@ require (
 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
 go.step.sm/cli-utils v0.7.0
 go.step.sm/crypto v0.16.2
- go.step.sm/linkedca v0.16.1
+ go.step.sm/linkedca v0.16.2-0.20220803232448-166e79f0864b
 golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
 golang.org/x/net v0.0.0-20220403103023-749bd193bc2b
 golang.org/x/sys v0.0.0-20220405052023-b1e9470b6e64 // indirect
diff --git a/go.sum b/go.sum
index 32a27e27..6d065e28 100644
--- a/go.sum
+++ b/go.sum
@@ -816,8 +816,8 @@ go.step.sm/cli-utils v0.7.0/go.mod h1:Ur6bqA/yl636kCUJbp30J7Unv5JJ226eW2KqXPDwF/
 go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
 go.step.sm/crypto v0.16.2 h1:Pr9aazTwWBBZNogUsOqhOrPSdwAa9pPs+lMB602lnDA=
 go.step.sm/crypto v0.16.2/go.mod h1:1WkTOTY+fOX/RY4TnZREp6trQAsBHRQ7nu6QJBiNQF8=
-go.step.sm/linkedca v0.16.1 h1:CdbMV5SjnlRsgeYTXaaZmQCkYIgJq8BOzpewri57M2k=
-go.step.sm/linkedca v0.16.1/go.mod h1:W59ucS4vFpuR0g4PtkGbbtXAwxbDEnNCg+ovkej1ANM=
+go.step.sm/linkedca v0.16.2-0.20220803232448-166e79f0864b h1:Au+36ljo23YpEiIZk9lcum1GCF80XKrUz+7pYcHi07s=
+go.step.sm/linkedca v0.16.2-0.20220803232448-166e79f0864b/go.mod h1:W59ucS4vFpuR0g4PtkGbbtXAwxbDEnNCg+ovkej1ANM=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
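Review bot: The new `ProvisionerName` field on `ProvisionerInfo` (cas/apiv1/requests.go hunk) is undocumented, and nothing in the visible patch assigns it, so a CAS backend reading it would presumably see an empty string until a caller is updated. A field comment such as `// ProvisionerName is the provisioner's configured name; it may be empty.` would state what consumers can rely on. The struct's producers and consumers are outside the hunk, so this is worth confirming against the call sites.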