Refactor SCEP authority initialization and clean some code
parent
48c86716a0
commit
339039768c
@ -1,17 +1,16 @@
|
||||
package scep
|
||||
|
||||
import (
|
||||
"crypto/rsa"
|
||||
"crypto/x509"
|
||||
"time"
|
||||
|
||||
"github.com/smallstep/certificates/authority/provisioner"
|
||||
)
|
||||
|
||||
// Provisioner is an interface that implements a subset of the provisioner.Interface --
|
||||
// only those methods required by the SCEP api/authority.
|
||||
type Provisioner interface {
|
||||
// AuthorizeSign(ctx context.Context, token string) ([]provisioner.SignOption, error)
|
||||
// GetName() string
|
||||
// DefaultTLSCertDuration() time.Duration
|
||||
// GetOptions() *provisioner.Options
|
||||
GetCACertificates() []*x509.Certificate
|
||||
GetSigningKey() *rsa.PrivateKey
|
||||
GetName() string
|
||||
DefaultTLSCertDuration() time.Duration
|
||||
GetOptions() *provisioner.Options
|
||||
}
|
||||
|
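Review bot: The `Provisioner` interface still carries the commented-out `// AuthorizeSign(ctx context.Context, token string) ([]provisioner.SignOption, error)` line, so this file does not say how a SCEP enrolment is authorized before a certificate is signed. The +/- markers are lost on this page, so which lines are on the new side is inferred from the hunk counts. If that line does survive, either delete it or replace it with an explicit note such as `// TODO: SCEP requests are not authorized through this interface; document where the check is enforced`. The methods `GetName`, `DefaultTLSCertDuration` and `GetOptions` would also benefit from one-line doc comments stating what the SCEP authority uses each for.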
@ -1,38 +0,0 @@
|
||||
package scep
|
||||
|
||||
import (
|
||||
database "github.com/smallstep/certificates/db"
|
||||
)
|
||||
|
||||
const (
|
||||
opnGetCACert = "GetCACert"
|
||||
opnGetCACaps = "GetCACaps"
|
||||
opnPKIOperation = "PKIOperation"
|
||||
)
|
||||
|
||||
// New returns a new Authority that implements the SCEP interface.
|
||||
func New(signAuth SignAuthority, ops AuthorityOptions) (*Authority, error) {
|
||||
if _, ok := ops.DB.(*database.SimpleDB); !ok {
|
||||
// TODO: see ACME implementation
|
||||
}
|
||||
return &Authority{
|
||||
//certificates: ops.Certificates,
|
||||
backdate: ops.Backdate,
|
||||
db: ops.DB,
|
||||
signAuth: signAuth,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// SCEPRequest is a SCEP server request.
|
||||
type SCEPRequest struct {
|
||||
Operation string
|
||||
Message []byte
|
||||
}
|
||||
|
||||
// SCEPResponse is a SCEP server response.
|
||||
type SCEPResponse struct {
|
||||
Operation string
|
||||
CACertNum int
|
||||
Data []byte
|
||||
Err error
|
||||
}
|