From c8b38c0e13245b400d5f2a4c4d79726d90679ee0 Mon Sep 17 00:00:00 2001 From: Raal Goff Date: Wed, 6 Apr 2022 10:50:09 +0800 Subject: [PATCH] implemented requested changes --- cas/softcas/softcas.go | 6 +++++- db/db.go | 10 +--------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/cas/softcas/softcas.go b/cas/softcas/softcas.go index bec1d81e..0b2270bb 100644 --- a/cas/softcas/softcas.go +++ b/cas/softcas/softcas.go @@ -133,7 +133,11 @@ func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1 // CreateCRL will create a new CRL based on the RevocationList passed to it func (c *SoftCAS) CreateCRL(req *apiv1.CreateCRLRequest) (*apiv1.CreateCRLResponse, error) { - revocationListBytes, err := x509.CreateRevocationList(rand.Reader, req.RevocationList, c.CertificateChain[0], c.Signer) + certChain, signer, err := c.getCertSigner() + if err != nil { + return nil, err + } + revocationListBytes, err := x509.CreateRevocationList(rand.Reader, req.RevocationList, certChain[0], signer) if err != nil { return nil, err } diff --git a/db/db.go b/db/db.go index 5b7bfc21..ccaf4056 100644 --- a/db/db.go +++ b/db/db.go @@ -127,14 +127,6 @@ type CertificateRevocationListInfo struct { DER []byte } -// CertificateRevocationListInfo contains a CRL in DER format and associated -// metadata to allow a decision on whether to regenerate the CRL or not easier -type CertificateRevocationListInfo struct { - Number int64 - ExpiresAt time.Time - DER []byte -} - // IsRevoked returns whether or not a certificate with the given identifier // has been revoked. // In the case of an X509 Certificate the `id` should be the Serial Number of @@ -224,7 +216,7 @@ func (db *DB) GetRevokedCertificates() (*[]RevokedCertificateInfo, error) { return nil, err } var revokedCerts []RevokedCertificateInfo - now := time.Now().UTC() + now := time.Now().Truncate(time.Second) for _, e := range entries { var data RevokedCertificateInfo