implemented requested changes

2 years ago · c8b38c0e13
parent 773741eda8
commit c8b38c0e13
2 changed files with 6 additions and 10 deletions
--- a/cas/softcas/softcas.go
+++ b/cas/softcas/softcas.go
@ -133,7 +133,11 @@ func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1
 // CreateCRL will create a new CRL based on the RevocationList passed to it
 func (c *SoftCAS) CreateCRL(req *apiv1.CreateCRLRequest) (*apiv1.CreateCRLResponse, error) {

-	revocationListBytes, err := x509.CreateRevocationList(rand.Reader, req.RevocationList, c.CertificateChain[0], c.Signer)
+	certChain, signer, err := c.getCertSigner()
+	if err != nil {
+		return nil, err
+	}
+	revocationListBytes, err := x509.CreateRevocationList(rand.Reader, req.RevocationList, certChain[0], signer)
 	if err != nil {
 		return nil, err
 	}
--- a/db/db.go
+++ b/db/db.go
@ -127,14 +127,6 @@ type CertificateRevocationListInfo struct {
 	DER       []byte
 }

-// CertificateRevocationListInfo contains a CRL in DER format and associated
-// metadata to allow a decision on whether to regenerate the CRL or not easier
-type CertificateRevocationListInfo struct {
-	Number    int64
-	ExpiresAt time.Time
-	DER       []byte
-}
-
 // IsRevoked returns whether or not a certificate with the given identifier
 // has been revoked.
 // In the case of an X509 Certificate the `id` should be the Serial Number of
@ -224,7 +216,7 @@ func (db *DB) GetRevokedCertificates() (*[]RevokedCertificateInfo, error) {
 		return nil, err
 	}
 	var revokedCerts []RevokedCertificateInfo
-	now := time.Now().UTC()
+	now := time.Now().Truncate(time.Second)

 	for _, e := range entries {
 		var data RevokedCertificateInfo