certificates/acme/common.go

111 lines
3.3 KiB
Go
Raw Normal View History

2019-05-27 00:41:10 +00:00
package acme
import (
"context"
2019-05-27 00:41:10 +00:00
"crypto/x509"
"time"
2021-07-02 20:51:15 +00:00
"github.com/smallstep/certificates/authority"
2019-05-27 00:41:10 +00:00
"github.com/smallstep/certificates/authority/provisioner"
)
2021-03-05 07:10:46 +00:00
// CertificateAuthority is the interface implemented by a CA authority.
type CertificateAuthority interface {
Sign(cr *x509.CertificateRequest, opts provisioner.SignOptions, signOpts ...provisioner.SignOption) ([]*x509.Certificate, error)
AreSANsAllowed(ctx context.Context, sans []string) error
2021-11-26 16:27:42 +00:00
IsRevoked(sn string) (bool, error)
2021-07-02 20:51:15 +00:00
Revoke(context.Context, *authority.RevokeOptions) error
LoadProvisionerByName(string) (provisioner.Interface, error)
2021-03-05 07:10:46 +00:00
}
// Clock that returns time in UTC rounded to seconds.
2021-03-29 19:04:14 +00:00
type Clock struct{}
2021-03-05 07:10:46 +00:00
// Now returns the UTC time rounded to seconds.
func (c *Clock) Now() time.Time {
return time.Now().UTC().Truncate(time.Second)
2021-03-05 07:10:46 +00:00
}
2021-03-29 19:04:14 +00:00
var clock Clock
2021-03-05 07:10:46 +00:00
// Provisioner is an interface that implements a subset of the provisioner.Interface --
// only those methods required by the ACME api/authority.
type Provisioner interface {
AuthorizeOrderIdentifier(ctx context.Context, identifier provisioner.ACMEIdentifier) error
AuthorizeSign(ctx context.Context, token string) ([]provisioner.SignOption, error)
2021-07-09 22:28:31 +00:00
AuthorizeRevoke(ctx context.Context, token string) error
2021-02-28 01:05:37 +00:00
GetID() string
GetName() string
DefaultTLSCertDuration() time.Duration
GetOptions() *provisioner.Options
}
// MockProvisioner for testing
type MockProvisioner struct {
Mret1 interface{}
Merr error
MgetID func() string
MgetName func() string
MauthorizeOrderIdentifier func(ctx context.Context, identifier provisioner.ACMEIdentifier) error
MauthorizeSign func(ctx context.Context, ott string) ([]provisioner.SignOption, error)
MauthorizeRevoke func(ctx context.Context, token string) error
MdefaultTLSCertDuration func() time.Duration
MgetOptions func() *provisioner.Options
}
// GetName mock
func (m *MockProvisioner) GetName() string {
if m.MgetName != nil {
return m.MgetName()
}
return m.Mret1.(string)
}
// AuthorizeOrderIdentifiers mock
func (m *MockProvisioner) AuthorizeOrderIdentifier(ctx context.Context, identifier provisioner.ACMEIdentifier) error {
if m.MauthorizeOrderIdentifier != nil {
return m.MauthorizeOrderIdentifier(ctx, identifier)
}
return m.Merr
}
// AuthorizeSign mock
func (m *MockProvisioner) AuthorizeSign(ctx context.Context, ott string) ([]provisioner.SignOption, error) {
if m.MauthorizeSign != nil {
return m.MauthorizeSign(ctx, ott)
}
return m.Mret1.([]provisioner.SignOption), m.Merr
}
2021-07-09 22:28:31 +00:00
// AuthorizeRevoke mock
func (m *MockProvisioner) AuthorizeRevoke(ctx context.Context, token string) error {
if m.MauthorizeRevoke != nil {
return m.MauthorizeRevoke(ctx, token)
}
return m.Merr
}
// DefaultTLSCertDuration mock
func (m *MockProvisioner) DefaultTLSCertDuration() time.Duration {
if m.MdefaultTLSCertDuration != nil {
return m.MdefaultTLSCertDuration()
}
return m.Mret1.(time.Duration)
}
2021-02-28 01:05:37 +00:00
// GetOptions mock
func (m *MockProvisioner) GetOptions() *provisioner.Options {
2020-07-21 02:01:43 +00:00
if m.MgetOptions != nil {
return m.MgetOptions()
}
return m.Mret1.(*provisioner.Options)
2020-07-21 02:01:43 +00:00
}
2021-02-28 01:05:37 +00:00
// GetID mock
func (m *MockProvisioner) GetID() string {
if m.MgetID != nil {
return m.MgetID()
}
return m.Mret1.(string)
}