package main
import (
"crypto/x509/pkix"
"math/big"
easypkiCertificate "git.sequentialread.com/forest/easypki.git/pkg/certificate"
"git.sequentialread.com/forest/easypki.git/pkg/easypki"
errors "git.sequentialread.com/forest/pkg-errors"
)
type GreenhouseEasyPKIStore struct {
DB * DBModel
}
func NewGreenhouseEasyPKI ( db * DBModel ) * easypki . EasyPKI {
return & easypki . EasyPKI {
Store : & GreenhouseEasyPKIStore { DB : db } ,
}
}
func ( store * GreenhouseEasyPKIStore ) Add ( caName , name string , isCa bool , key , cert [ ] byte ) error {
err := store . DB . PutKeyPair ( caName , name , key , cert )
if err != nil {
return err
}
if isCa && name != caName {
return store . DB . PutKeyPair ( caName , name , key , cert )
}
return nil
}
func ( store * GreenhouseEasyPKIStore ) Fetch ( caName , name string ) ( [ ] byte , [ ] byte , error ) {
key , cert , err := store . DB . GetServerKeyPair ( caName , name )
if key == nil || cert == nil {
return nil , nil , errors . New ( "does not exist" )
}
return key , cert , err
}
func ( store * GreenhouseEasyPKIStore ) Update (
caName string ,
serialNumber * big . Int ,
state easypkiCertificate . State ,
) error {
panic ( "not implemented" )
// if state != certificate.Revoked {
// return fmt.Errorf("unsupported update for certificate state %+v", st)
// }
// store.DB.AddPKIRevocation(caName, serialNumber.Int64())
}
func ( store * GreenhouseEasyPKIStore ) Revoked ( caName string ) ( [ ] pkix . RevokedCertificate , error ) {
panic ( "not implemented" )
// var revokedCerts []pkix.RevokedCertificate
// revoked, err := store.DB.GetPKIRevocations(caName)
// if err != nil {
// return nil, err
// }
// for serialNumber, revokedAt := range revoked {
// revokedCerts = append(revokedCerts, pkix.RevokedCertificate{
// SerialNumber: big.NewInt(serialNumber),
// RevocationTime: revokedAt,
// })
// }
// return revokedCerts, nil
}
