Add key name to CreateCertificateAuthority

pull/717/head
Mariano Cano 3 years ago
parent 08c9902f29
commit 52a18e0c2d

@ -108,6 +108,9 @@ type GetCertificateAuthorityResponse struct {
RootCertificate *x509.Certificate RootCertificate *x509.Certificate
} }
// CreateKeyRequest is the request used to generate a new key using a KMS.
type CreateKeyRequest = apiv1.CreateKeyRequest
// CreateCertificateAuthorityRequest is the request used to generate a root or // CreateCertificateAuthorityRequest is the request used to generate a root or
// intermediate certificate. // intermediate certificate.
type CreateCertificateAuthorityRequest struct { type CreateCertificateAuthorityRequest struct {
@ -126,7 +129,7 @@ type CreateCertificateAuthorityRequest struct {
// CreateKey defines the KMS CreateKeyRequest to use when creating a new // CreateKey defines the KMS CreateKeyRequest to use when creating a new
// CertificateAuthority. If CreateKey is nil, a default algorithm will be // CertificateAuthority. If CreateKey is nil, a default algorithm will be
// used. // used.
CreateKey *apiv1.CreateKeyRequest CreateKey *CreateKeyRequest
} }
// CreateCertificateAuthorityResponse is the response for // CreateCertificateAuthorityResponse is the response for
@ -136,6 +139,7 @@ type CreateCertificateAuthorityResponse struct {
Name string Name string
Certificate *x509.Certificate Certificate *x509.Certificate
CertificateChain []*x509.Certificate CertificateChain []*x509.Certificate
KeyName string
PublicKey crypto.PublicKey PublicKey crypto.PublicKey
PrivateKey crypto.PrivateKey PrivateKey crypto.PrivateKey
Signer crypto.Signer Signer crypto.Signer
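Review bot: The new `KeyName` field in `CreateCertificateAuthorityResponse` has no doc comment, so a caller cannot tell whether it holds a file name or a KMS URI, or whether it may be empty. This matters because the same struct carries `PrivateKey` and `Signer`. With a KMS that does not export private keys, `KeyName` is presumably the only durable handle to the CA key. I would add `// KeyName is the name (or KMS URI) of the key backing the CA, as returned by the KMS; it may be empty.` above the field, adjusted to the actual contract. The struct continues beyond this hunk.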

@ -174,6 +174,7 @@ func (c *SoftCAS) CreateCertificateAuthority(req *apiv1.CreateCertificateAuthori
Name: cert.Subject.CommonName, Name: cert.Subject.CommonName,
Certificate: cert, Certificate: cert,
CertificateChain: chain, CertificateChain: chain,
KeyName: key.Name,
PublicKey: key.PublicKey, PublicKey: key.PublicKey,
PrivateKey: key.PrivateKey, PrivateKey: key.PrivateKey,
Signer: signer, Signer: signer,

@ -106,6 +106,7 @@ func (m *mockKeyManager) CreateKey(req *kmsapi.CreateKeyRequest) (*kmsapi.Create
signer = m.signer signer = m.signer
} }
return &kmsapi.CreateKeyResponse{ return &kmsapi.CreateKeyResponse{
Name: req.Name,
PrivateKey: signer, PrivateKey: signer,
PublicKey: signer.Public(), PublicKey: signer.Public(),
}, m.errCreateKey }, m.errCreateKey
@ -516,6 +517,22 @@ func TestSoftCAS_CreateCertificateAuthority(t *testing.T) {
PrivateKey: saSigner, PrivateKey: saSigner,
Signer: saSigner, Signer: saSigner,
}, false}, }, false},
{"ok createKey", fields{nil, nil, &mockKeyManager{}}, args{&apiv1.CreateCertificateAuthorityRequest{
Type: apiv1.RootCA,
Template: testRootTemplate,
Lifetime: 24 * time.Hour,
CreateKey: &kmsapi.CreateKeyRequest{
Name: "root_ca.crt",
SignatureAlgorithm: kmsapi.ECDSAWithSHA256,
},
}}, &apiv1.CreateCertificateAuthorityResponse{
Name: "Test Root CA",
Certificate: testSignedRootTemplate,
PublicKey: testSignedRootTemplate.PublicKey,
KeyName: "root_ca.crt",
PrivateKey: testSigner,
Signer: testSigner,
}, false},
{"fail template", fields{nil, nil, &mockKeyManager{}}, args{&apiv1.CreateCertificateAuthorityRequest{ {"fail template", fields{nil, nil, &mockKeyManager{}}, args{&apiv1.CreateCertificateAuthorityRequest{
Type: apiv1.RootCA, Type: apiv1.RootCA,
Lifetime: 24 * time.Hour, Lifetime: 24 * time.Hour,
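Review bot: The mock's added `Name: req.Name` dereferences `req` without a nil check, while the doc comment on the `CreateKey` field says it may be nil. If SoftCAS forwards a nil request to the key manager on that path (not visible here), mock-backed tests that omit `CreateKey` would panic instead of failing cleanly. If SoftCAS substitutes a default request first, a one-line comment in the mock saying so would help. The new "ok createKey" case covers only an explicit name, so a companion case with `CreateKey: nil` that asserts the expected `KeyName` would pin the default behaviour. Both functions extend beyond the hunks shown.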
