Refactor SCEP authority initialization and clean some code
parent
48c86716a0
commit
339039768c
@ -1,17 +1,16 @@
|
|||||||
package scep
|
package scep
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rsa"
|
"time"
|
||||||
"crypto/x509"
|
|
||||||
|
"github.com/smallstep/certificates/authority/provisioner"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Provisioner is an interface that implements a subset of the provisioner.Interface --
|
// Provisioner is an interface that implements a subset of the provisioner.Interface --
|
||||||
// only those methods required by the SCEP api/authority.
|
// only those methods required by the SCEP api/authority.
|
||||||
type Provisioner interface {
|
type Provisioner interface {
|
||||||
// AuthorizeSign(ctx context.Context, token string) ([]provisioner.SignOption, error)
|
// AuthorizeSign(ctx context.Context, token string) ([]provisioner.SignOption, error)
|
||||||
// GetName() string
|
GetName() string
|
||||||
// DefaultTLSCertDuration() time.Duration
|
DefaultTLSCertDuration() time.Duration
|
||||||
// GetOptions() *provisioner.Options
|
GetOptions() *provisioner.Options
|
||||||
GetCACertificates() []*x509.Certificate
|
|
||||||
GetSigningKey() *rsa.PrivateKey
|
|
||||||
}
|
}
|
||||||
|
@ -1,38 +0,0 @@
|
|||||||
package scep
|
|
||||||
|
|
||||||
import (
|
|
||||||
database "github.com/smallstep/certificates/db"
|
|
||||||
)
|
|
||||||
|
|
||||||
const (
|
|
||||||
opnGetCACert = "GetCACert"
|
|
||||||
opnGetCACaps = "GetCACaps"
|
|
||||||
opnPKIOperation = "PKIOperation"
|
|
||||||
)
|
|
||||||
|
|
||||||
// New returns a new Authority that implements the SCEP interface.
|
|
||||||
func New(signAuth SignAuthority, ops AuthorityOptions) (*Authority, error) {
|
|
||||||
if _, ok := ops.DB.(*database.SimpleDB); !ok {
|
|
||||||
// TODO: see ACME implementation
|
|
||||||
}
|
|
||||||
return &Authority{
|
|
||||||
//certificates: ops.Certificates,
|
|
||||||
backdate: ops.Backdate,
|
|
||||||
db: ops.DB,
|
|
||||||
signAuth: signAuth,
|
|
||||||
}, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// SCEPRequest is a SCEP server request.
|
|
||||||
type SCEPRequest struct {
|
|
||||||
Operation string
|
|
||||||
Message []byte
|
|
||||||
}
|
|
||||||
|
|
||||||
// SCEPResponse is a SCEP server response.
|
|
||||||
type SCEPResponse struct {
|
|
||||||
Operation string
|
|
||||||
CACertNum int
|
|
||||||
Data []byte
|
|
||||||
Err error
|
|
||||||
}
|
|
Loading…
Reference in New Issue