Add gRPC server to SA (#2374)
Adds a gRPC server to the SA and SA gRPC Clients to the WFE, RA, CA, Publisher, OCSP updater, orphan finder, admin revoker, and expiration mailer. Also adds a CA gRPC client to the OCSP Updater which was missed in #2193. Fixes #2347.
parent
a406549a62
commit
03fdd65bfe
|
|
@ -23,6 +23,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/revocation"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
"github.com/letsencrypt/boulder/sa"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const clientName = "AdminRevoker"
|
||||
|
|
@ -52,6 +53,7 @@ type config struct {
|
|||
AMQP *cmd.AMQPConfig
|
||||
|
||||
RAService *cmd.GRPCClientConfig
|
||||
SAService *cmd.GRPCClientConfig
|
||||
}
|
||||
|
||||
Statsd cmd.StatsdConfig
|
||||
|
|
@ -59,7 +61,7 @@ type config struct {
|
|||
Syslog cmd.SyslogConfig
|
||||
}
|
||||
|
||||
func setupContext(c config) (core.RegistrationAuthority, blog.Logger, *gorp.DbMap, rpc.StorageAuthorityClient, metrics.Scope) {
|
||||
func setupContext(c config) (core.RegistrationAuthority, blog.Logger, *gorp.DbMap, core.StorageAuthority, metrics.Scope) {
|
||||
stats, logger := cmd.StatsAndLogging(c.Statsd, c.Syslog)
|
||||
scope := metrics.NewStatsdScope(stats, "AdminRevoker")
|
||||
|
||||
|
|
@ -81,10 +83,17 @@ func setupContext(c config) (core.RegistrationAuthority, blog.Logger, *gorp.DbMa
|
|||
cmd.FailOnError(err, "Couldn't setup database connection")
|
||||
go sa.ReportDbConnCount(dbMap, scope)
|
||||
|
||||
sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
var sac core.StorageAuthority
|
||||
if c.Revoker.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.Revoker.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.Revoker.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
}
|
||||
|
||||
return rac, logger, dbMap, *sac, scope
|
||||
return rac, logger, dbMap, sac, scope
|
||||
}
|
||||
|
||||
func revokeBySerial(ctx context.Context, serial string, reasonCode revocation.Reason, rac core.RegistrationAuthority, logger blog.Logger, tx *gorp.Transaction) (err error) {
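Review bot: In setupContext, a nil `c.Revoker.SAService` silently selects the AMQP client, so a deployment whose config lacks the SAService stanza stays on the old transport with nothing in the logs to show it. One line in the else branch would make the choice visible, e.g. `logger.Info("SA client: SAService not configured, using AMQP")`. The same nil-check and fallback block is repeated in the CA, Publisher, RA, WFE, expiration-mailer, OCSP-updater and orphan-finder sections of this commit, and the remark applies wherever a logger is in scope. setupContext spans more than one hunk here and its body is only partly visible.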
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/metrics"
|
||||
"github.com/letsencrypt/boulder/policy"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const clientName = "CA"
|
||||
|
|
@ -169,8 +170,14 @@ func main() {
|
|||
cai.PA = pa
|
||||
|
||||
amqpConf := c.CA.AMQP
|
||||
cai.SA, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
if c.CA.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.CA.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
cai.SA = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.CA.SAService.Timeout.Duration)
|
||||
} else {
|
||||
cai.SA, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
}
|
||||
|
||||
if amqpConf.Publisher != nil {
|
||||
cai.Publisher, err = rpc.NewPublisherClient(clientName, amqpConf, scope)
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/publisher"
|
||||
pubPB "github.com/letsencrypt/boulder/publisher/proto"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const clientName = "Publisher"
|
||||
|
|
@ -23,6 +24,7 @@ type config struct {
|
|||
cmd.ServiceConfig
|
||||
SubmissionTimeout cmd.ConfigDuration
|
||||
MaxConcurrentRPCServerRequests int64
|
||||
SAService *cmd.GRPCClientConfig
|
||||
}
|
||||
|
||||
Statsd cmd.StatsdConfig
|
||||
|
|
@ -72,8 +74,15 @@ func main() {
|
|||
}
|
||||
|
||||
amqpConf := c.Publisher.AMQP
|
||||
sa, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
var sac core.StorageAuthority
|
||||
if c.Publisher.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.Publisher.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.Publisher.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
}
|
||||
|
||||
pubi := publisher.New(
|
||||
bundle,
|
||||
|
|
@ -81,7 +90,7 @@ func main() {
|
|||
c.Publisher.SubmissionTimeout.Duration,
|
||||
logger,
|
||||
scope,
|
||||
sa)
|
||||
sac)
|
||||
|
||||
var grpcSrv *grpc.Server
|
||||
if c.Publisher.GRPC != nil {
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/ra"
|
||||
rapb "github.com/letsencrypt/boulder/ra/proto"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const clientName = "RA"
|
||||
|
|
@ -46,6 +47,7 @@ type config struct {
|
|||
// will be turned into 1.
|
||||
DNSTries int
|
||||
|
||||
SAService *cmd.GRPCClientConfig
|
||||
VAService *cmd.GRPCClientConfig
|
||||
CAService *cmd.GRPCClientConfig
|
||||
PublisherService *cmd.GRPCClientConfig
|
||||
|
|
@ -147,8 +149,15 @@ func main() {
|
|||
pubc = bgrpc.NewPublisherClientWrapper(pubPB.NewPublisherClient(conn), c.RA.PublisherService.Timeout.Duration)
|
||||
}
|
||||
|
||||
sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
var sac core.StorageAuthority
|
||||
if c.RA.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.RA.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.RA.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
}
|
||||
|
||||
// TODO(patf): remove once RA.authorizationLifetimeDays is deployed
|
||||
authorizationLifetime := 300 * 24 * time.Hour
|
||||
|
|
|
|||
|
|
@ -2,15 +2,19 @@ package main
|
|||
|
||||
import (
|
||||
"flag"
|
||||
"net"
|
||||
"os"
|
||||
|
||||
"github.com/jmhodges/clock"
|
||||
"google.golang.org/grpc"
|
||||
|
||||
"github.com/letsencrypt/boulder/cmd"
|
||||
"github.com/letsencrypt/boulder/features"
|
||||
bgrpc "github.com/letsencrypt/boulder/grpc"
|
||||
"github.com/letsencrypt/boulder/metrics"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
"github.com/letsencrypt/boulder/sa"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const clientName = "SA"
|
||||
|
|
@ -63,11 +67,29 @@ func main() {
|
|||
sai, err := sa.NewSQLStorageAuthority(dbMap, clock.Default(), logger)
|
||||
cmd.FailOnError(err, "Failed to create SA impl")
|
||||
|
||||
var grpcSrv *grpc.Server
|
||||
if c.SA.GRPC != nil {
|
||||
var listener net.Listener
|
||||
grpcSrv, listener, err = bgrpc.NewServer(c.SA.GRPC, scope)
|
||||
cmd.FailOnError(err, "Unable to setup SA gRPC server")
|
||||
gw := bgrpc.NewStorageAuthorityServer(sai)
|
||||
sapb.RegisterStorageAuthorityServer(grpcSrv, gw)
|
||||
go func() {
|
||||
err = grpcSrv.Serve(listener)
|
||||
cmd.FailOnError(err, "SA gRPC service failed")
|
||||
}()
|
||||
}
|
||||
|
||||
amqpConf := saConf.AMQP
|
||||
sas, err := rpc.NewAmqpRPCServer(amqpConf, c.SA.MaxConcurrentRPCServerRequests, scope, logger)
|
||||
cmd.FailOnError(err, "Unable to create SA RPC server")
|
||||
|
||||
go cmd.CatchSignals(logger, sas.Stop)
|
||||
go cmd.CatchSignals(logger, func() {
|
||||
sas.Stop()
|
||||
if grpcSrv != nil {
|
||||
grpcSrv.GracefulStop()
|
||||
}
|
||||
})
|
||||
|
||||
err = rpc.NewStorageAuthorityServer(sas, sai)
|
||||
cmd.FailOnError(err, "Unable to setup SA RPC server")
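Review bot: The goroutine that runs `grpcSrv.Serve(listener)` assigns to main's `err`, which main appears to keep writing afterwards (`sas, err := rpc.NewAmqpRPCServer(...)`, `err = rpc.NewStorageAuthorityServer(sas, sai)`), so the two goroutines race on one variable. Declaring it inside the closure, `err := grpcSrv.Serve(listener)`, removes the shared write. It is also worth confirming what Serve returns once the signal handler calls `grpcSrv.GracefulStop()`: if the vendored grpc version returns a non-nil error there, `cmd.FailOnError` would report a clean shutdown as a failure. main begins and continues outside this hunk.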
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/metrics"
|
||||
rapb "github.com/letsencrypt/boulder/ra/proto"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
"github.com/letsencrypt/boulder/wfe"
|
||||
)
|
||||
|
||||
|
|
@ -45,6 +46,7 @@ type config struct {
|
|||
AllowAuthzDeactivation bool
|
||||
|
||||
RAService *cmd.GRPCClientConfig
|
||||
SAService *cmd.GRPCClientConfig
|
||||
|
||||
Features map[string]bool
|
||||
}
|
||||
|
|
@ -61,7 +63,7 @@ type config struct {
|
|||
}
|
||||
}
|
||||
|
||||
func setupWFE(c config, logger blog.Logger, stats metrics.Scope) (core.RegistrationAuthority, *rpc.StorageAuthorityClient) {
|
||||
func setupWFE(c config, logger blog.Logger, stats metrics.Scope) (core.RegistrationAuthority, core.StorageAuthority) {
|
||||
amqpConf := c.WFE.AMQP
|
||||
var rac core.RegistrationAuthority
|
||||
if c.WFE.RAService != nil {
|
||||
|
|
@ -74,8 +76,16 @@ func setupWFE(c config, logger blog.Logger, stats metrics.Scope) (core.Registrat
|
|||
cmd.FailOnError(err, "Unable to create RA AMQP client")
|
||||
}
|
||||
|
||||
sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
var sac core.StorageAuthority
|
||||
if c.WFE.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.WFE.SAService, stats)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.WFE.SAService.Timeout.Duration)
|
||||
} else {
|
||||
var err error
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
}
|
||||
|
||||
return rac, sac
|
||||
}
|
||||
|
|
|
|||
|
|
@ -146,6 +146,8 @@ type CAConfig struct {
|
|||
// triggers issuance of certificates with Must Staple.
|
||||
EnableMustStaple bool
|
||||
|
||||
SAService *GRPCClientConfig
|
||||
|
||||
Features map[string]bool
|
||||
}
|
||||
|
||||
|
|
@ -236,6 +238,8 @@ type OCSPUpdaterConfig struct {
|
|||
SignFailureBackoffMax ConfigDuration
|
||||
|
||||
Publisher *GRPCClientConfig
|
||||
SAService *GRPCClientConfig
|
||||
CAService *GRPCClientConfig
|
||||
}
|
||||
|
||||
// GoogleSafeBrowsingConfig is the JSON config struct for the VA's use of the
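Review bot: The new `SAService` and `CAService` fields in `CAConfig` and `OCSPUpdaterConfig` carry no comment, although the callers in this commit give nil a specific meaning: the binary falls back to the AMQP client. A field comment would make that explicit, for example `// SAService, if non-nil, is used to reach the SA over gRPC; if nil the AMQP client is used instead.` It would also help to state whether `Timeout` must be set, since callers pass `Timeout.Duration` straight through and the effect of a zero value is not visible on this page.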
|
||||
|
|
|
|||
|
|
@ -23,11 +23,13 @@ import (
|
|||
|
||||
"github.com/letsencrypt/boulder/cmd"
|
||||
"github.com/letsencrypt/boulder/core"
|
||||
bgrpc "github.com/letsencrypt/boulder/grpc"
|
||||
blog "github.com/letsencrypt/boulder/log"
|
||||
bmail "github.com/letsencrypt/boulder/mail"
|
||||
"github.com/letsencrypt/boulder/metrics"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
"github.com/letsencrypt/boulder/sa"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
const defaultNagCheckInterval = 24 * time.Hour
|
||||
|
|
@ -326,6 +328,8 @@ type config struct {
|
|||
NagCheckInterval string
|
||||
// Path to a text/template email template
|
||||
EmailTemplate string
|
||||
|
||||
SAService *cmd.GRPCClientConfig
|
||||
}
|
||||
|
||||
Statsd cmd.StatsdConfig
|
||||
|
|
@ -371,9 +375,15 @@ func main() {
|
|||
cmd.FailOnError(err, "Could not connect to database")
|
||||
go sa.ReportDbConnCount(dbMap, scope)
|
||||
|
||||
amqpConf := c.Mailer.AMQP
|
||||
sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
var sac core.StorageAuthority
|
||||
if c.Mailer.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.Mailer.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.Mailer.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, c.Mailer.AMQP, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
}
|
||||
|
||||
// Load email template
|
||||
emailTmpl, err := ioutil.ReadFile(c.Mailer.EmailTemplate)
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ import (
|
|||
"golang.org/x/net/context"
|
||||
|
||||
"github.com/letsencrypt/boulder/akamai"
|
||||
capb "github.com/letsencrypt/boulder/ca/proto"
|
||||
"github.com/letsencrypt/boulder/cmd"
|
||||
"github.com/letsencrypt/boulder/core"
|
||||
"github.com/letsencrypt/boulder/features"
|
||||
|
|
@ -25,6 +26,7 @@ import (
|
|||
pubPB "github.com/letsencrypt/boulder/publisher/proto"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
"github.com/letsencrypt/boulder/sa"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
/*
|
||||
|
|
@ -586,14 +588,32 @@ func setupClients(c cmd.OCSPUpdaterConfig, stats metrics.Scope) (
|
|||
core.StorageAuthority,
|
||||
) {
|
||||
amqpConf := c.AMQP
|
||||
cac, err := rpc.NewCertificateAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create CA client")
|
||||
|
||||
var cac core.CertificateAuthority
|
||||
if c.CAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.CAService, stats)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to CA")
|
||||
cac = bgrpc.NewCertificateAuthorityClient(capb.NewCertificateAuthorityClient(conn), c.CAService.Timeout.Duration)
|
||||
} else {
|
||||
var err error
|
||||
cac, err = rpc.NewCertificateAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create CA client")
|
||||
}
|
||||
|
||||
conn, err := bgrpc.ClientSetup(c.Publisher, stats)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create connection to service")
|
||||
pubc := bgrpc.NewPublisherClientWrapper(pubPB.NewPublisherClient(conn), c.Publisher.Timeout.Duration)
|
||||
sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
|
||||
var sac core.StorageAuthority
|
||||
if c.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(c.SAService, stats)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), c.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, stats)
|
||||
cmd.FailOnError(err, "Unable to create SA client")
|
||||
}
|
||||
|
||||
return cac, pubc, sac
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,9 +16,11 @@ import (
|
|||
|
||||
"github.com/letsencrypt/boulder/cmd"
|
||||
"github.com/letsencrypt/boulder/core"
|
||||
bgrpc "github.com/letsencrypt/boulder/grpc"
|
||||
blog "github.com/letsencrypt/boulder/log"
|
||||
"github.com/letsencrypt/boulder/metrics"
|
||||
"github.com/letsencrypt/boulder/rpc"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
)
|
||||
|
||||
var usageString = `
|
||||
|
|
@ -35,9 +37,10 @@ command descriptions:
|
|||
`
|
||||
|
||||
type config struct {
|
||||
AMQP cmd.AMQPConfig
|
||||
Statsd cmd.StatsdConfig
|
||||
Syslog cmd.SyslogConfig
|
||||
AMQP cmd.AMQPConfig
|
||||
Statsd cmd.StatsdConfig
|
||||
SAService *cmd.GRPCClientConfig
|
||||
Syslog cmd.SyslogConfig
|
||||
}
|
||||
|
||||
type certificateStorage interface {
|
||||
|
|
@ -110,7 +113,7 @@ func parseLogLine(sa certificateStorage, logger blog.Logger, line string) (found
|
|||
return true, true
|
||||
}
|
||||
|
||||
func setup(configFile string) (metrics.Scope, blog.Logger, *rpc.StorageAuthorityClient) {
|
||||
func setup(configFile string) (metrics.Scope, blog.Logger, core.StorageAuthority) {
|
||||
configJSON, err := ioutil.ReadFile(configFile)
|
||||
cmd.FailOnError(err, "Failed to read config file")
|
||||
var conf config
|
||||
|
|
@ -118,9 +121,17 @@ func setup(configFile string) (metrics.Scope, blog.Logger, *rpc.StorageAuthority
|
|||
cmd.FailOnError(err, "Failed to parse config file")
|
||||
stats, logger := cmd.StatsAndLogging(conf.Statsd, conf.Syslog)
|
||||
scope := metrics.NewStatsdScope(stats, "OrphanFinder")
|
||||
sa, err := rpc.NewStorageAuthorityClient("orphan-finder", &conf.AMQP, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
return scope, logger, sa
|
||||
|
||||
var sac core.StorageAuthority
|
||||
if conf.SAService != nil {
|
||||
conn, err := bgrpc.ClientSetup(conf.SAService, scope)
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn), conf.SAService.Timeout.Duration)
|
||||
} else {
|
||||
sac, err = rpc.NewStorageAuthorityClient("orphan-finder", &conf.AMQP, scope)
|
||||
cmd.FailOnError(err, "Failed to create SA client")
|
||||
}
|
||||
return scope, logger, sac
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
|
|
|||
|
|
@ -13,6 +13,8 @@ It has these top-level messages:
|
|||
ValidationRecord
|
||||
ProblemDetails
|
||||
Certificate
|
||||
Registration
|
||||
Authorization
|
||||
Empty
|
||||
*/
|
||||
package proto
|
||||
|
|
@ -252,6 +254,144 @@ func (m *Certificate) GetExpires() int64 {
|
|||
return 0
|
||||
}
|
||||
|
||||
type Registration struct {
|
||||
Id *int64 `protobuf:"varint,1,opt,name=id" json:"id,omitempty"`
|
||||
Key []byte `protobuf:"bytes,2,opt,name=key" json:"key,omitempty"`
|
||||
Contact []string `protobuf:"bytes,3,rep,name=contact" json:"contact,omitempty"`
|
||||
ContactsPresent *bool `protobuf:"varint,4,opt,name=contactsPresent" json:"contactsPresent,omitempty"`
|
||||
Agreement *string `protobuf:"bytes,5,opt,name=agreement" json:"agreement,omitempty"`
|
||||
InitialIP []byte `protobuf:"bytes,6,opt,name=initialIP" json:"initialIP,omitempty"`
|
||||
CreatedAt *int64 `protobuf:"varint,7,opt,name=createdAt" json:"createdAt,omitempty"`
|
||||
Status *string `protobuf:"bytes,8,opt,name=status" json:"status,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *Registration) Reset() { *m = Registration{} }
|
||||
func (m *Registration) String() string { return proto1.CompactTextString(m) }
|
||||
func (*Registration) ProtoMessage() {}
|
||||
func (*Registration) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
|
||||
|
||||
func (m *Registration) GetId() int64 {
|
||||
if m != nil && m.Id != nil {
|
||||
return *m.Id
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Registration) GetKey() []byte {
|
||||
if m != nil {
|
||||
return m.Key
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetContact() []string {
|
||||
if m != nil {
|
||||
return m.Contact
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetContactsPresent() bool {
|
||||
if m != nil && m.ContactsPresent != nil {
|
||||
return *m.ContactsPresent
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func (m *Registration) GetAgreement() string {
|
||||
if m != nil && m.Agreement != nil {
|
||||
return *m.Agreement
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Registration) GetInitialIP() []byte {
|
||||
if m != nil {
|
||||
return m.InitialIP
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetCreatedAt() int64 {
|
||||
if m != nil && m.CreatedAt != nil {
|
||||
return *m.CreatedAt
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Registration) GetStatus() string {
|
||||
if m != nil && m.Status != nil {
|
||||
return *m.Status
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
type Authorization struct {
|
||||
Id *string `protobuf:"bytes,1,opt,name=id" json:"id,omitempty"`
|
||||
Identifier *string `protobuf:"bytes,2,opt,name=identifier" json:"identifier,omitempty"`
|
||||
RegistrationID *int64 `protobuf:"varint,3,opt,name=registrationID" json:"registrationID,omitempty"`
|
||||
Status *string `protobuf:"bytes,4,opt,name=status" json:"status,omitempty"`
|
||||
Expires *int64 `protobuf:"varint,5,opt,name=expires" json:"expires,omitempty"`
|
||||
Challenges []*Challenge `protobuf:"bytes,6,rep,name=challenges" json:"challenges,omitempty"`
|
||||
Combinations []byte `protobuf:"bytes,7,opt,name=combinations" json:"combinations,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *Authorization) Reset() { *m = Authorization{} }
|
||||
func (m *Authorization) String() string { return proto1.CompactTextString(m) }
|
||||
func (*Authorization) ProtoMessage() {}
|
||||
func (*Authorization) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
|
||||
|
||||
func (m *Authorization) GetId() string {
|
||||
if m != nil && m.Id != nil {
|
||||
return *m.Id
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetIdentifier() string {
|
||||
if m != nil && m.Identifier != nil {
|
||||
return *m.Identifier
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetRegistrationID() int64 {
|
||||
if m != nil && m.RegistrationID != nil {
|
||||
return *m.RegistrationID
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Authorization) GetStatus() string {
|
||||
if m != nil && m.Status != nil {
|
||||
return *m.Status
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetExpires() int64 {
|
||||
if m != nil && m.Expires != nil {
|
||||
return *m.Expires
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Authorization) GetChallenges() []*Challenge {
|
||||
if m != nil {
|
||||
return m.Challenges
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Authorization) GetCombinations() []byte {
|
||||
if m != nil {
|
||||
return m.Combinations
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type Empty struct {
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
|
@ -259,42 +399,53 @@ type Empty struct {
|
|||
func (m *Empty) Reset() { *m = Empty{} }
|
||||
func (m *Empty) String() string { return proto1.CompactTextString(m) }
|
||||
func (*Empty) ProtoMessage() {}
|
||||
func (*Empty) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
|
||||
func (*Empty) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
|
||||
|
||||
func init() {
|
||||
proto1.RegisterType((*Challenge)(nil), "core.Challenge")
|
||||
proto1.RegisterType((*ValidationRecord)(nil), "core.ValidationRecord")
|
||||
proto1.RegisterType((*ProblemDetails)(nil), "core.ProblemDetails")
|
||||
proto1.RegisterType((*Certificate)(nil), "core.Certificate")
|
||||
proto1.RegisterType((*Registration)(nil), "core.Registration")
|
||||
proto1.RegisterType((*Authorization)(nil), "core.Authorization")
|
||||
proto1.RegisterType((*Empty)(nil), "core.Empty")
|
||||
}
|
||||
|
||||
func init() { proto1.RegisterFile("core/proto/core.proto", fileDescriptor0) }
|
||||
|
||||
var fileDescriptor0 = []byte{
|
||||
// 383 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x64, 0x92, 0xcf, 0x6e, 0x13, 0x31,
|
||||
0x10, 0xc6, 0xe5, 0x3a, 0x9b, 0x90, 0xd9, 0x12, 0x52, 0x03, 0x95, 0xb9, 0xad, 0x96, 0xcb, 0x9e,
|
||||
0x5a, 0xd1, 0x37, 0x80, 0x96, 0x43, 0x6f, 0xa8, 0xfc, 0x39, 0x70, 0x33, 0xf1, 0x90, 0x58, 0x75,
|
||||
0xd6, 0xab, 0x99, 0xd9, 0x8a, 0x70, 0xe6, 0xcd, 0x78, 0x31, 0xb4, 0xde, 0x0d, 0x08, 0xf5, 0x36,
|
||||
0x33, 0x9f, 0x47, 0x9a, 0xef, 0xfb, 0x19, 0x5e, 0x6e, 0x12, 0xe1, 0x65, 0x47, 0x49, 0xd2, 0xe5,
|
||||
0x50, 0x5e, 0xe4, 0xd2, 0xcc, 0x86, 0xba, 0xfe, 0xad, 0x60, 0x79, 0xbd, 0x73, 0x31, 0x62, 0xbb,
|
||||
0x45, 0x03, 0x70, 0x12, 0xbc, 0x55, 0x95, 0x6a, 0xb4, 0x39, 0x85, 0x99, 0x1c, 0x3a, 0xb4, 0x27,
|
||||
0x95, 0x6a, 0x96, 0x66, 0x05, 0x73, 0x16, 0x27, 0x3d, 0xdb, 0x79, 0xee, 0x4b, 0xd0, 0x3d, 0x05,
|
||||
0xbb, 0xcc, 0xcd, 0x53, 0x28, 0x24, 0xdd, 0x63, 0x6b, 0x75, 0x6e, 0x2d, 0xac, 0xef, 0xf1, 0xf0,
|
||||
0xb6, 0x97, 0x5d, 0xa2, 0xf0, 0xd3, 0x49, 0x48, 0xad, 0x2d, 0xb2, 0xf2, 0x06, 0xce, 0x1e, 0x5c,
|
||||
0x0c, 0x3e, 0xcf, 0x08, 0x37, 0x89, 0x3c, 0x5b, 0xa8, 0x74, 0x53, 0x5e, 0x9d, 0x5f, 0xe4, 0xdb,
|
||||
0xbe, 0xfc, 0x95, 0xef, 0xb2, 0x6c, 0x5e, 0x43, 0x81, 0x44, 0x89, 0xec, 0xa2, 0x52, 0x4d, 0x79,
|
||||
0xf5, 0x62, 0x7c, 0xf6, 0x81, 0xd2, 0xb7, 0x88, 0xfb, 0x1b, 0x14, 0x17, 0x22, 0xd7, 0xbf, 0x14,
|
||||
0xac, 0x1f, 0x6d, 0xae, 0xe1, 0xc9, 0x2e, 0xb1, 0xb4, 0x6e, 0x8f, 0xd9, 0xd2, 0x72, 0xb0, 0xd4,
|
||||
0x25, 0x92, 0xc9, 0xd2, 0x2b, 0x38, 0x73, 0xde, 0x13, 0x32, 0x23, 0xdf, 0x21, 0xa7, 0xf8, 0x80,
|
||||
0xde, 0xea, 0x4a, 0x37, 0xa7, 0xe6, 0x39, 0x94, 0x93, 0xf4, 0x99, 0xd1, 0xdb, 0x59, 0xa5, 0xa6,
|
||||
0xe1, 0xe8, 0x49, 0x02, 0xb2, 0x2d, 0x2a, 0x7d, 0xcc, 0x21, 0x8e, 0xa1, 0xd4, 0xb7, 0xb0, 0xfa,
|
||||
0xff, 0xb0, 0x61, 0xa7, 0x1b, 0x27, 0x9f, 0x86, 0x2c, 0xd5, 0x31, 0x4b, 0x9f, 0xf5, 0xe9, 0x10,
|
||||
0x03, 0xb0, 0x13, 0xe9, 0x3e, 0x8e, 0xf9, 0x0e, 0x19, 0x16, 0x35, 0x43, 0x79, 0x8d, 0x24, 0xe1,
|
||||
0x7b, 0xd8, 0x38, 0x41, 0x73, 0x0e, 0x2b, 0xc2, 0x6d, 0x60, 0xa1, 0xec, 0xf0, 0xf6, 0x66, 0x82,
|
||||
0x34, 0x60, 0x41, 0x0a, 0x2e, 0xfe, 0xc3, 0xe4, 0xc3, 0x16, 0x59, 0x26, 0x14, 0x25, 0x68, 0x8f,
|
||||
0x34, 0x19, 0x58, 0xc1, 0x3c, 0x30, 0xf7, 0xe8, 0x33, 0x0d, 0x6d, 0x9e, 0xc1, 0x02, 0x7f, 0x74,
|
||||
0x81, 0x70, 0x84, 0xaa, 0xeb, 0x05, 0x14, 0xef, 0xf7, 0x9d, 0x1c, 0xde, 0x2d, 0xbe, 0x16, 0xf9,
|
||||
0x93, 0xfc, 0x09, 0x00, 0x00, 0xff, 0xff, 0xb7, 0xb8, 0x1e, 0x88, 0x3c, 0x02, 0x00, 0x00,
|
||||
// 520 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x64, 0x93, 0xcf, 0x72, 0xd3, 0x30,
|
||||
0x10, 0xc6, 0xc7, 0x55, 0xdc, 0xd4, 0x6b, 0x37, 0x6d, 0x4c, 0x29, 0xe2, 0xe6, 0x71, 0x2f, 0x39,
|
||||
0xb5, 0x43, 0xdf, 0xa0, 0xb4, 0x1c, 0x72, 0xcb, 0x84, 0x3f, 0x07, 0x6e, 0xaa, 0xb5, 0x24, 0x9a,
|
||||
0x38, 0x96, 0x47, 0xda, 0x74, 0x08, 0x67, 0x9e, 0x82, 0x2b, 0x8f, 0xc2, 0x8b, 0x31, 0x5a, 0x3b,
|
||||
0x34, 0xa1, 0x37, 0x69, 0x57, 0xd2, 0xee, 0xfe, 0xbe, 0x4f, 0xf0, 0xba, 0xb2, 0x0e, 0x6f, 0x5a,
|
||||
0x67, 0xc9, 0xde, 0x84, 0xe5, 0x35, 0x2f, 0xf3, 0x41, 0x58, 0x97, 0x7f, 0x22, 0x48, 0xee, 0x97,
|
||||
0xaa, 0xae, 0xb1, 0x59, 0x60, 0x0e, 0x70, 0x64, 0xb4, 0x8c, 0x8a, 0x68, 0x22, 0xf2, 0x0c, 0x06,
|
||||
0xb4, 0x6d, 0x51, 0x1e, 0x15, 0xd1, 0x24, 0xc9, 0x47, 0x70, 0xec, 0x49, 0xd1, 0xc6, 0xcb, 0x63,
|
||||
0xde, 0xa7, 0x20, 0x36, 0xce, 0xc8, 0x84, 0x37, 0xa7, 0x10, 0x93, 0x5d, 0x61, 0x23, 0x05, 0x6f,
|
||||
0x25, 0x9c, 0xaf, 0x70, 0x7b, 0xb7, 0xa1, 0xa5, 0x75, 0xe6, 0x87, 0x22, 0x63, 0x1b, 0x19, 0x73,
|
||||
0xe6, 0x1d, 0x8c, 0x9f, 0x54, 0x6d, 0x34, 0xc7, 0x1c, 0x56, 0xd6, 0x69, 0x2f, 0xa1, 0x10, 0x93,
|
||||
0xf4, 0xf6, 0xf2, 0x9a, 0x7b, 0xfb, 0xf2, 0x2f, 0x3d, 0xe7, 0x74, 0x7e, 0x05, 0x31, 0x3a, 0x67,
|
||||
0x9d, 0x1c, 0x16, 0xd1, 0x24, 0xbd, 0xbd, 0xe8, 0x8e, 0xcd, 0x9c, 0x7d, 0xac, 0x71, 0xfd, 0x80,
|
||||
0xa4, 0x4c, 0xed, 0xcb, 0x9f, 0x11, 0x9c, 0xbf, 0xb8, 0x79, 0x0e, 0x27, 0x4b, 0xeb, 0xa9, 0x51,
|
||||
0x6b, 0xe4, 0x91, 0x92, 0x30, 0x52, 0x6b, 0x1d, 0xf5, 0x23, 0xbd, 0x85, 0xb1, 0xd2, 0xda, 0xa1,
|
||||
0xf7, 0xe8, 0xe7, 0xe8, 0x6d, 0xfd, 0x84, 0x5a, 0x8a, 0x42, 0x4c, 0xb2, 0xfc, 0x15, 0xa4, 0x7d,
|
||||
0xea, 0xb3, 0x47, 0x2d, 0x07, 0x45, 0xd4, 0x07, 0xbb, 0x99, 0xc8, 0xa0, 0x97, 0x71, 0x21, 0x76,
|
||||
0x1c, 0xea, 0x0e, 0x4a, 0x39, 0x85, 0xd1, 0x61, 0x63, 0xe1, 0x4e, 0xdb, 0x45, 0x3e, 0x05, 0x96,
|
||||
0xd1, 0x8e, 0xa5, 0xe6, 0x7c, 0xdf, 0x48, 0x0e, 0xb0, 0x24, 0x6a, 0x3f, 0x76, 0x7c, 0x03, 0xc3,
|
||||
0xb8, 0xf4, 0x90, 0xde, 0xa3, 0x23, 0xf3, 0xcd, 0x54, 0x8a, 0x30, 0xbf, 0x84, 0x91, 0xc3, 0x85,
|
||||
0xf1, 0xe4, 0x78, 0xc2, 0xe9, 0x43, 0x2f, 0x52, 0x90, 0x05, 0x9d, 0x51, 0xf5, 0xb3, 0x4c, 0xda,
|
||||
0x2c, 0xd0, 0x53, 0x2f, 0x45, 0x0a, 0x42, 0xa3, 0xeb, 0x07, 0x18, 0xc1, 0xb1, 0xf1, 0x7e, 0x83,
|
||||
0x9a, 0xd5, 0x10, 0xf9, 0x19, 0x0c, 0xf1, 0x7b, 0x6b, 0x1c, 0x76, 0xa2, 0x8a, 0xf2, 0x57, 0x04,
|
||||
0xd9, 0x7c, 0xaf, 0xcc, 0x81, 0x1f, 0x52, 0x10, 0x2b, 0xdc, 0x72, 0x9d, 0x2c, 0x5c, 0xad, 0x6c,
|
||||
0x43, 0xaa, 0x22, 0x26, 0x96, 0xe4, 0x6f, 0xe0, 0xac, 0x0f, 0xf8, 0x99, 0x43, 0x8f, 0x0d, 0x71,
|
||||
0xd1, 0x93, 0x7c, 0x0c, 0x89, 0x5a, 0x38, 0xc4, 0x75, 0x08, 0x75, 0x2e, 0x18, 0x43, 0x62, 0x1a,
|
||||
0x43, 0x46, 0xd5, 0xd3, 0x19, 0x57, 0xce, 0x42, 0xa8, 0x72, 0xa8, 0x08, 0xf5, 0x1d, 0xb1, 0xd2,
|
||||
0x62, 0xcf, 0x71, 0x27, 0x0c, 0xf7, 0x77, 0x04, 0xa7, 0x07, 0x9e, 0xda, 0xeb, 0x8e, 0x19, 0x1a,
|
||||
0x8d, 0x4d, 0x00, 0x86, 0xae, 0x87, 0xf1, 0x12, 0x9a, 0xf8, 0xef, 0xe5, 0x01, 0x9f, 0xdb, 0xe3,
|
||||
0xd0, 0x81, 0xb9, 0x02, 0xa8, 0x76, 0x7f, 0x22, 0xb0, 0x09, 0xfe, 0x3c, 0xeb, 0x8c, 0xf7, 0xfc,
|
||||
0x57, 0x2e, 0x20, 0xab, 0xec, 0xfa, 0xd1, 0x34, 0xfc, 0xb8, 0xe7, 0xae, 0xb3, 0x72, 0x08, 0xf1,
|
||||
0x87, 0x75, 0x4b, 0xdb, 0xf7, 0xc3, 0xaf, 0x31, 0xff, 0xb3, 0xbf, 0x01, 0x00, 0x00, 0xff, 0xff,
|
||||
0xbb, 0xf8, 0xbc, 0xd0, 0x7f, 0x03, 0x00, 0x00,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
syntax = "proto2";
|
||||
|
||||
package core;
|
||||
|
||||
option go_package = "proto";
|
||||
|
||||
message Challenge {
|
||||
|
|
@ -40,4 +39,25 @@ message Certificate {
|
|||
optional int64 expires = 6; // Unix timestamp (nanoseconds)
|
||||
}
|
||||
|
||||
message Registration {
|
||||
optional int64 id = 1;
|
||||
optional bytes key = 2;
|
||||
repeated string contact = 3;
|
||||
optional bool contactsPresent = 4;
|
||||
optional string agreement = 5;
|
||||
optional bytes initialIP = 6;
|
||||
optional int64 createdAt = 7; // Unix timestamp (nanoseconds)
|
||||
optional string status = 8;
|
||||
}
|
||||
|
||||
message Authorization {
|
||||
optional string id = 1;
|
||||
optional string identifier = 2;
|
||||
optional int64 registrationID = 3;
|
||||
optional string status = 4;
|
||||
optional int64 expires = 5; // Unix timestamp (nanoseconds)
|
||||
repeated core.Challenge challenges = 6;
|
||||
optional bytes combinations = 7;
|
||||
}
|
||||
|
||||
message Empty {}
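Review bot: The `bytes` fields in the new `Registration` and `Authorization` messages do not say how they are encoded, while the timestamp fields next to them do document their unit. From the marshalling code in this commit `key` carries the output of `reg.Key.MarshalJSON()`, so a comment such as `optional bytes key = 2; // JSON-serialized JWK` would match the style already used for `createdAt`. The encodings of `initialIP` and `combinations` are not visible in the shown hunks and should be documented by someone who can confirm them, since both sides of the RPC have to agree on them.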
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ import (
|
|||
"github.com/letsencrypt/boulder/core"
|
||||
corepb "github.com/letsencrypt/boulder/core/proto"
|
||||
"github.com/letsencrypt/boulder/probs"
|
||||
rapb "github.com/letsencrypt/boulder/ra/proto"
|
||||
sapb "github.com/letsencrypt/boulder/sa/proto"
|
||||
vapb "github.com/letsencrypt/boulder/va/proto"
|
||||
)
|
||||
|
||||
|
|
@ -238,7 +238,7 @@ func argsToPerformValidationRequest(domain string, challenge core.Challenge, aut
|
|||
|
||||
}
|
||||
|
||||
func registrationToPB(reg core.Registration) (*rapb.Registration, error) {
|
||||
func registrationToPB(reg core.Registration) (*corepb.Registration, error) {
|
||||
keyBytes, err := reg.Key.MarshalJSON()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -250,14 +250,14 @@ func registrationToPB(reg core.Registration) (*rapb.Registration, error) {
|
|||
createdAt := reg.CreatedAt.UnixNano()
|
||||
status := string(reg.Status)
|
||||
var contacts []string
|
||||
// Since the default value of rapb.Registration.Contact is a slice
|
||||
// Since the default value of corepb.Registration.Contact is a slice
|
||||
// we need a indicator as to if the value is actually important on
|
||||
// the other side (pb -> reg).
|
||||
contactsPresent := reg.Contact != nil
|
||||
if reg.Contact != nil {
|
||||
contacts = *reg.Contact
|
||||
}
|
||||
return &rapb.Registration{
|
||||
return &corepb.Registration{
|
||||
Id: ®.ID,
|
||||
Key: keyBytes,
|
||||
Contact: contacts,
|
||||
|
|
@ -269,7 +269,7 @@ func registrationToPB(reg core.Registration) (*rapb.Registration, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func pbToRegistration(pb *rapb.Registration) (core.Registration, error) {
|
||||
func pbToRegistration(pb *corepb.Registration) (core.Registration, error) {
|
||||
var key jose.JsonWebKey
|
||||
err := key.UnmarshalJSON(pb.Key)
|
||||
if err != nil {
|
||||
|
|
@ -305,7 +305,7 @@ func pbToRegistration(pb *rapb.Registration) (core.Registration, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func authzToPB(authz core.Authorization) (*rapb.Authorization, error) {
|
||||
func authzToPB(authz core.Authorization) (*corepb.Authorization, error) {
|
||||
challs := make([]*corepb.Challenge, len(authz.Challenges))
|
||||
for i, c := range authz.Challenges {
|
||||
pbChall, err := challengeToPB(c)
|
||||
|
|
@ -323,7 +323,7 @@ func authzToPB(authz core.Authorization) (*rapb.Authorization, error) {
|
|||
if authz.Expires != nil {
|
||||
expires = authz.Expires.UnixNano()
|
||||
}
|
||||
return &rapb.Authorization{
|
||||
return &corepb.Authorization{
|
||||
Id: &authz.ID,
|
||||
Identifier: &authz.Identifier.Value,
|
||||
RegistrationID: &authz.RegistrationID,
|
||||
|
|
@ -334,7 +334,7 @@ func authzToPB(authz core.Authorization) (*rapb.Authorization, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func pbToAuthz(pb *rapb.Authorization) (core.Authorization, error) {
|
||||
func pbToAuthz(pb *corepb.Authorization) (core.Authorization, error) {
|
||||
challs := make([]core.Challenge, len(pb.Challenges))
|
||||
for i, c := range pb.Challenges {
|
||||
chall, err := pbToChallenge(c)
|
||||
|
|
@ -360,10 +360,68 @@ func pbToAuthz(pb *rapb.Authorization) (core.Authorization, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func registrationValid(reg *rapb.Registration) bool {
|
||||
func registrationValid(reg *corepb.Registration) bool {
|
||||
return !(reg.Id == nil || reg.Key == nil || reg.Agreement == nil || reg.InitialIP == nil || reg.CreatedAt == nil || reg.Status == nil || reg.ContactsPresent == nil)
|
||||
}
|
||||
|
||||
func authorizationValid(authz *rapb.Authorization) bool {
|
||||
func authorizationValid(authz *corepb.Authorization) bool {
|
||||
return !(authz.Id == nil || authz.Identifier == nil || authz.RegistrationID == nil || authz.Status == nil || authz.Expires == nil)
|
||||
}
|
||||
|
||||
func certificateValid(cert *corepb.Certificate) bool {
|
||||
return !(cert.RegistrationID == nil || cert.Serial == nil || cert.Digest == nil || cert.Der == nil || cert.Issued == nil || cert.Expires == nil)
|
||||
}
|
||||
|
||||
func sctToPB(sct core.SignedCertificateTimestamp) *sapb.SignedCertificateTimestamp {
|
||||
id := int64(sct.ID)
|
||||
version := int64(sct.SCTVersion)
|
||||
timestamp := int64(sct.Timestamp)
|
||||
return &sapb.SignedCertificateTimestamp{
|
||||
Id: &id,
|
||||
SctVersion: &version,
|
||||
LogID: &sct.LogID,
|
||||
Timestamp: ×tamp,
|
||||
Extensions: sct.Extensions,
|
||||
Signature: sct.Signature,
|
||||
CertificateSerial: &sct.CertificateSerial,
|
||||
}
|
||||
}
|
||||
|
||||
func pbToSCT(pb *sapb.SignedCertificateTimestamp) core.SignedCertificateTimestamp {
|
||||
return core.SignedCertificateTimestamp{
|
||||
ID: int(*pb.Id),
|
||||
SCTVersion: uint8(*pb.SctVersion),
|
||||
LogID: *pb.LogID,
|
||||
Timestamp: uint64(*pb.Timestamp),
|
||||
Extensions: pb.Extensions,
|
||||
Signature: pb.Signature,
|
||||
CertificateSerial: *pb.CertificateSerial,
|
||||
}
|
||||
}
|
||||
|
||||
func sctValid(sct *sapb.SignedCertificateTimestamp) bool {
|
||||
return !(sct.Id == nil || sct.SctVersion == nil || sct.LogID == nil || sct.Timestamp == nil || sct.Signature == nil || sct.CertificateSerial == nil)
|
||||
}
|
||||
|
||||
func certToPB(cert core.Certificate) *corepb.Certificate {
|
||||
issued, expires := cert.Issued.UnixNano(), cert.Expires.UnixNano()
|
||||
return &corepb.Certificate{
|
||||
RegistrationID: &cert.RegistrationID,
|
||||
Serial: &cert.Serial,
|
||||
Digest: &cert.Digest,
|
||||
Der: cert.DER,
|
||||
Issued: &issued,
|
||||
Expires: &expires,
|
||||
}
|
||||
}
|
||||
|
||||
func pbToCert(pb *corepb.Certificate) core.Certificate {
|
||||
return core.Certificate{
|
||||
RegistrationID: *pb.RegistrationID,
|
||||
Serial: *pb.Serial,
|
||||
Digest: *pb.Digest,
|
||||
DER: pb.Der,
|
||||
Issued: time.Unix(0, *pb.Issued),
|
||||
Expires: time.Unix(0, *pb.Expires),
|
||||
}
|
||||
}
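Review bot: `pbToSCT` and `pbToCert` dereference every optional field (`*pb.Id`, `*pb.SctVersion`, `*pb.RegistrationID`, `*pb.Issued`, ...) with no nil check and no error return, so a message with an unset field panics unless the caller has already run `sctValid` / `certificateValid`. The callers are presumably in grpc/wrappers.go, whose diff is suppressed on this page, so this cannot be confirmed here; a comment on each converter such as `// pbToSCT panics on unset fields; callers must check sctValid(pb) first.` would record the contract. The validators also dereference their own argument, so if a nil message ever reaches them they panic too; starting the conditions with `sct == nil ||` and `cert == nil ||` closes that. Separately, `uint8(*pb.SctVersion)` and `int(*pb.Id)` narrow an int64 taken from the wire without a range check, so out-of-range values are silently truncated rather than rejected.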
|
||||
|
|
|
|||
|
|
@ -276,3 +276,37 @@ func TestAuthz(t *testing.T) {
|
|||
test.AssertNotError(t, err, "pbToAuthz failed")
|
||||
test.AssertDeepEquals(t, inAuthz, outAuthz)
|
||||
}
|
||||
|
||||
func TestSCT(t *testing.T) {
|
||||
sct := core.SignedCertificateTimestamp{
|
||||
ID: 10,
|
||||
SCTVersion: 1,
|
||||
LogID: "logid",
|
||||
Timestamp: 100,
|
||||
Extensions: []byte{255},
|
||||
Signature: []byte{1},
|
||||
CertificateSerial: "serial",
|
||||
}
|
||||
|
||||
sctPB := sctToPB(sct)
|
||||
outSCT := pbToSCT(sctPB)
|
||||
|
||||
test.AssertDeepEquals(t, sct, outSCT)
|
||||
}
|
||||
|
||||
func TestCert(t *testing.T) {
|
||||
now := time.Now()
|
||||
cert := core.Certificate{
|
||||
RegistrationID: 1,
|
||||
Serial: "serial",
|
||||
Digest: "digest",
|
||||
DER: []byte{255},
|
||||
Issued: now,
|
||||
Expires: now.Add(time.Hour),
|
||||
}
|
||||
|
||||
certPB := certToPB(cert)
|
||||
outCert := pbToCert(certPB)
|
||||
|
||||
test.AssertDeepEquals(t, cert, outCert)
|
||||
}
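Review bot: `TestSCT` and `TestCert` only exercise the round trip with every field populated, so `sctValid` and `certificateValid` are not covered, although they are the only guard visible here against the unchecked dereferences in `pbToSCT` and `pbToCert`. A case per validator that clears one required field and expects false would pin that behaviour, for example `sctPB.Id = nil` followed by `if sctValid(sctPB) { t.Fatal("sctValid accepted an SCT without Id") }`, and the same for `certPB.Serial = nil` with `certificateValid`.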
|
||||
|
|
|
|||
923
grpc/wrappers.go
923
grpc/wrappers.go
File diff suppressed because it is too large
|
|
@ -9,8 +9,6 @@ It is generated from these files:
|
|||
ra/proto/ra.proto
|
||||
|
||||
It has these top-level messages:
|
||||
Registration
|
||||
Authorization
|
||||
NewAuthorizationRequest
|
||||
NewCertificateRequest
|
||||
UpdateRegistrationRequest
|
||||
|
|
@ -41,156 +39,18 @@ var _ = math.Inf
|
|||
// proto package needs to be updated.
|
||||
const _ = proto1.ProtoPackageIsVersion2 // please upgrade the proto package
|
||||
|
||||
type Registration struct {
|
||||
Id *int64 `protobuf:"varint,1,opt,name=id" json:"id,omitempty"`
|
||||
Key []byte `protobuf:"bytes,2,opt,name=key" json:"key,omitempty"`
|
||||
Contact []string `protobuf:"bytes,3,rep,name=contact" json:"contact,omitempty"`
|
||||
ContactsPresent *bool `protobuf:"varint,4,opt,name=contactsPresent" json:"contactsPresent,omitempty"`
|
||||
Agreement *string `protobuf:"bytes,5,opt,name=agreement" json:"agreement,omitempty"`
|
||||
InitialIP []byte `protobuf:"bytes,6,opt,name=initialIP" json:"initialIP,omitempty"`
|
||||
CreatedAt *int64 `protobuf:"varint,7,opt,name=createdAt" json:"createdAt,omitempty"`
|
||||
Status *string `protobuf:"bytes,8,opt,name=status" json:"status,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *Registration) Reset() { *m = Registration{} }
|
||||
func (m *Registration) String() string { return proto1.CompactTextString(m) }
|
||||
func (*Registration) ProtoMessage() {}
|
||||
func (*Registration) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
|
||||
|
||||
func (m *Registration) GetId() int64 {
|
||||
if m != nil && m.Id != nil {
|
||||
return *m.Id
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Registration) GetKey() []byte {
|
||||
if m != nil {
|
||||
return m.Key
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetContact() []string {
|
||||
if m != nil {
|
||||
return m.Contact
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetContactsPresent() bool {
|
||||
if m != nil && m.ContactsPresent != nil {
|
||||
return *m.ContactsPresent
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func (m *Registration) GetAgreement() string {
|
||||
if m != nil && m.Agreement != nil {
|
||||
return *m.Agreement
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Registration) GetInitialIP() []byte {
|
||||
if m != nil {
|
||||
return m.InitialIP
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Registration) GetCreatedAt() int64 {
|
||||
if m != nil && m.CreatedAt != nil {
|
||||
return *m.CreatedAt
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Registration) GetStatus() string {
|
||||
if m != nil && m.Status != nil {
|
||||
return *m.Status
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
type Authorization struct {
|
||||
Id *string `protobuf:"bytes,1,opt,name=id" json:"id,omitempty"`
|
||||
Identifier *string `protobuf:"bytes,2,opt,name=identifier" json:"identifier,omitempty"`
|
||||
RegistrationID *int64 `protobuf:"varint,3,opt,name=registrationID" json:"registrationID,omitempty"`
|
||||
Status *string `protobuf:"bytes,4,opt,name=status" json:"status,omitempty"`
|
||||
Expires *int64 `protobuf:"varint,5,opt,name=expires" json:"expires,omitempty"`
|
||||
Challenges []*core.Challenge `protobuf:"bytes,6,rep,name=challenges" json:"challenges,omitempty"`
|
||||
Combinations []byte `protobuf:"bytes,7,opt,name=combinations" json:"combinations,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *Authorization) Reset() { *m = Authorization{} }
|
||||
func (m *Authorization) String() string { return proto1.CompactTextString(m) }
|
||||
func (*Authorization) ProtoMessage() {}
|
||||
func (*Authorization) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
|
||||
|
||||
func (m *Authorization) GetId() string {
|
||||
if m != nil && m.Id != nil {
|
||||
return *m.Id
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetIdentifier() string {
|
||||
if m != nil && m.Identifier != nil {
|
||||
return *m.Identifier
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetRegistrationID() int64 {
|
||||
if m != nil && m.RegistrationID != nil {
|
||||
return *m.RegistrationID
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Authorization) GetStatus() string {
|
||||
if m != nil && m.Status != nil {
|
||||
return *m.Status
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (m *Authorization) GetExpires() int64 {
|
||||
if m != nil && m.Expires != nil {
|
||||
return *m.Expires
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (m *Authorization) GetChallenges() []*core.Challenge {
|
||||
if m != nil {
|
||||
return m.Challenges
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Authorization) GetCombinations() []byte {
|
||||
if m != nil {
|
||||
return m.Combinations
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type NewAuthorizationRequest struct {
|
||||
Authz *Authorization `protobuf:"bytes,1,opt,name=authz" json:"authz,omitempty"`
|
||||
RegID *int64 `protobuf:"varint,2,opt,name=regID" json:"regID,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
Authz *core.Authorization `protobuf:"bytes,1,opt,name=authz" json:"authz,omitempty"`
|
||||
RegID *int64 `protobuf:"varint,2,opt,name=regID" json:"regID,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *NewAuthorizationRequest) Reset() { *m = NewAuthorizationRequest{} }
|
||||
func (m *NewAuthorizationRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*NewAuthorizationRequest) ProtoMessage() {}
|
||||
func (*NewAuthorizationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
|
||||
func (*NewAuthorizationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
|
||||
|
||||
func (m *NewAuthorizationRequest) GetAuthz() *Authorization {
|
||||
func (m *NewAuthorizationRequest) GetAuthz() *core.Authorization {
|
||||
if m != nil {
|
||||
return m.Authz
|
||||
}
|
||||
|
|
@ -213,7 +73,7 @@ type NewCertificateRequest struct {
|
|||
func (m *NewCertificateRequest) Reset() { *m = NewCertificateRequest{} }
|
||||
func (m *NewCertificateRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*NewCertificateRequest) ProtoMessage() {}
|
||||
func (*NewCertificateRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
|
||||
func (*NewCertificateRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
|
||||
|
||||
func (m *NewCertificateRequest) GetCsr() []byte {
|
||||
if m != nil {
|
||||
|
|
@ -230,24 +90,24 @@ func (m *NewCertificateRequest) GetRegID() int64 {
|
|||
}
|
||||
|
||||
type UpdateRegistrationRequest struct {
|
||||
Base *Registration `protobuf:"bytes,1,opt,name=base" json:"base,omitempty"`
|
||||
Update *Registration `protobuf:"bytes,2,opt,name=update" json:"update,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
Base *core.Registration `protobuf:"bytes,1,opt,name=base" json:"base,omitempty"`
|
||||
Update *core.Registration `protobuf:"bytes,2,opt,name=update" json:"update,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *UpdateRegistrationRequest) Reset() { *m = UpdateRegistrationRequest{} }
|
||||
func (m *UpdateRegistrationRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*UpdateRegistrationRequest) ProtoMessage() {}
|
||||
func (*UpdateRegistrationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
|
||||
func (*UpdateRegistrationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
|
||||
|
||||
func (m *UpdateRegistrationRequest) GetBase() *Registration {
|
||||
func (m *UpdateRegistrationRequest) GetBase() *core.Registration {
|
||||
if m != nil {
|
||||
return m.Base
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *UpdateRegistrationRequest) GetUpdate() *Registration {
|
||||
func (m *UpdateRegistrationRequest) GetUpdate() *core.Registration {
|
||||
if m != nil {
|
||||
return m.Update
|
||||
}
|
||||
|
|
@ -255,18 +115,18 @@ func (m *UpdateRegistrationRequest) GetUpdate() *Registration {
|
|||
}
|
||||
|
||||
type UpdateAuthorizationRequest struct {
|
||||
Authz *Authorization `protobuf:"bytes,1,opt,name=authz" json:"authz,omitempty"`
|
||||
ChallengeIndex *int64 `protobuf:"varint,2,opt,name=challengeIndex" json:"challengeIndex,omitempty"`
|
||||
Response *core.Challenge `protobuf:"bytes,3,opt,name=response" json:"response,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
Authz *core.Authorization `protobuf:"bytes,1,opt,name=authz" json:"authz,omitempty"`
|
||||
ChallengeIndex *int64 `protobuf:"varint,2,opt,name=challengeIndex" json:"challengeIndex,omitempty"`
|
||||
Response *core.Challenge `protobuf:"bytes,3,opt,name=response" json:"response,omitempty"`
|
||||
XXX_unrecognized []byte `json:"-"`
|
||||
}
|
||||
|
||||
func (m *UpdateAuthorizationRequest) Reset() { *m = UpdateAuthorizationRequest{} }
|
||||
func (m *UpdateAuthorizationRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*UpdateAuthorizationRequest) ProtoMessage() {}
|
||||
func (*UpdateAuthorizationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
|
||||
func (*UpdateAuthorizationRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
|
||||
|
||||
func (m *UpdateAuthorizationRequest) GetAuthz() *Authorization {
|
||||
func (m *UpdateAuthorizationRequest) GetAuthz() *core.Authorization {
|
||||
if m != nil {
|
||||
return m.Authz
|
||||
}
|
||||
|
|
@ -297,7 +157,7 @@ type RevokeCertificateWithRegRequest struct {
|
|||
func (m *RevokeCertificateWithRegRequest) Reset() { *m = RevokeCertificateWithRegRequest{} }
|
||||
func (m *RevokeCertificateWithRegRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*RevokeCertificateWithRegRequest) ProtoMessage() {}
|
||||
func (*RevokeCertificateWithRegRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
|
||||
func (*RevokeCertificateWithRegRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
|
||||
|
||||
func (m *RevokeCertificateWithRegRequest) GetCert() []byte {
|
||||
if m != nil {
|
||||
|
|
@ -333,7 +193,7 @@ func (m *AdministrativelyRevokeCertificateRequest) Reset() {
|
|||
func (m *AdministrativelyRevokeCertificateRequest) String() string { return proto1.CompactTextString(m) }
|
||||
func (*AdministrativelyRevokeCertificateRequest) ProtoMessage() {}
|
||||
func (*AdministrativelyRevokeCertificateRequest) Descriptor() ([]byte, []int) {
|
||||
return fileDescriptor0, []int{7}
|
||||
return fileDescriptor0, []int{5}
|
||||
}
|
||||
|
||||
func (m *AdministrativelyRevokeCertificateRequest) GetCert() []byte {
|
||||
|
|
@ -358,8 +218,6 @@ func (m *AdministrativelyRevokeCertificateRequest) GetAdminName() string {
|
|||
}
|
||||
|
||||
func init() {
|
||||
proto1.RegisterType((*Registration)(nil), "ra.Registration")
|
||||
proto1.RegisterType((*Authorization)(nil), "ra.Authorization")
|
||||
proto1.RegisterType((*NewAuthorizationRequest)(nil), "ra.NewAuthorizationRequest")
|
||||
proto1.RegisterType((*NewCertificateRequest)(nil), "ra.NewCertificateRequest")
|
||||
proto1.RegisterType((*UpdateRegistrationRequest)(nil), "ra.UpdateRegistrationRequest")
|
||||
|
|
@ -379,14 +237,14 @@ const _ = grpc.SupportPackageIsVersion3
|
|||
// Client API for RegistrationAuthority service
|
||||
|
||||
type RegistrationAuthorityClient interface {
|
||||
NewRegistration(ctx context.Context, in *Registration, opts ...grpc.CallOption) (*Registration, error)
|
||||
NewAuthorization(ctx context.Context, in *NewAuthorizationRequest, opts ...grpc.CallOption) (*Authorization, error)
|
||||
NewRegistration(ctx context.Context, in *core.Registration, opts ...grpc.CallOption) (*core.Registration, error)
|
||||
NewAuthorization(ctx context.Context, in *NewAuthorizationRequest, opts ...grpc.CallOption) (*core.Authorization, error)
|
||||
NewCertificate(ctx context.Context, in *NewCertificateRequest, opts ...grpc.CallOption) (*core.Certificate, error)
|
||||
UpdateRegistration(ctx context.Context, in *UpdateRegistrationRequest, opts ...grpc.CallOption) (*Registration, error)
|
||||
UpdateAuthorization(ctx context.Context, in *UpdateAuthorizationRequest, opts ...grpc.CallOption) (*Authorization, error)
|
||||
UpdateRegistration(ctx context.Context, in *UpdateRegistrationRequest, opts ...grpc.CallOption) (*core.Registration, error)
|
||||
UpdateAuthorization(ctx context.Context, in *UpdateAuthorizationRequest, opts ...grpc.CallOption) (*core.Authorization, error)
|
||||
RevokeCertificateWithReg(ctx context.Context, in *RevokeCertificateWithRegRequest, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
DeactivateRegistration(ctx context.Context, in *Registration, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
DeactivateAuthorization(ctx context.Context, in *Authorization, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
DeactivateRegistration(ctx context.Context, in *core.Registration, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
DeactivateAuthorization(ctx context.Context, in *core.Authorization, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
AdministrativelyRevokeCertificate(ctx context.Context, in *AdministrativelyRevokeCertificateRequest, opts ...grpc.CallOption) (*core.Empty, error)
|
||||
}
|
||||
|
||||
|
|
@ -398,8 +256,8 @@ func NewRegistrationAuthorityClient(cc *grpc.ClientConn) RegistrationAuthorityCl
|
|||
return ®istrationAuthorityClient{cc}
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) NewRegistration(ctx context.Context, in *Registration, opts ...grpc.CallOption) (*Registration, error) {
|
||||
out := new(Registration)
|
||||
func (c *registrationAuthorityClient) NewRegistration(ctx context.Context, in *core.Registration, opts ...grpc.CallOption) (*core.Registration, error) {
|
||||
out := new(core.Registration)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/NewRegistration", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -407,8 +265,8 @@ func (c *registrationAuthorityClient) NewRegistration(ctx context.Context, in *R
|
|||
return out, nil
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) NewAuthorization(ctx context.Context, in *NewAuthorizationRequest, opts ...grpc.CallOption) (*Authorization, error) {
|
||||
out := new(Authorization)
|
||||
func (c *registrationAuthorityClient) NewAuthorization(ctx context.Context, in *NewAuthorizationRequest, opts ...grpc.CallOption) (*core.Authorization, error) {
|
||||
out := new(core.Authorization)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/NewAuthorization", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -425,8 +283,8 @@ func (c *registrationAuthorityClient) NewCertificate(ctx context.Context, in *Ne
|
|||
return out, nil
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) UpdateRegistration(ctx context.Context, in *UpdateRegistrationRequest, opts ...grpc.CallOption) (*Registration, error) {
|
||||
out := new(Registration)
|
||||
func (c *registrationAuthorityClient) UpdateRegistration(ctx context.Context, in *UpdateRegistrationRequest, opts ...grpc.CallOption) (*core.Registration, error) {
|
||||
out := new(core.Registration)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/UpdateRegistration", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -434,8 +292,8 @@ func (c *registrationAuthorityClient) UpdateRegistration(ctx context.Context, in
|
|||
return out, nil
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) UpdateAuthorization(ctx context.Context, in *UpdateAuthorizationRequest, opts ...grpc.CallOption) (*Authorization, error) {
|
||||
out := new(Authorization)
|
||||
func (c *registrationAuthorityClient) UpdateAuthorization(ctx context.Context, in *UpdateAuthorizationRequest, opts ...grpc.CallOption) (*core.Authorization, error) {
|
||||
out := new(core.Authorization)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/UpdateAuthorization", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -452,7 +310,7 @@ func (c *registrationAuthorityClient) RevokeCertificateWithReg(ctx context.Conte
|
|||
return out, nil
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) DeactivateRegistration(ctx context.Context, in *Registration, opts ...grpc.CallOption) (*core.Empty, error) {
|
||||
func (c *registrationAuthorityClient) DeactivateRegistration(ctx context.Context, in *core.Registration, opts ...grpc.CallOption) (*core.Empty, error) {
|
||||
out := new(core.Empty)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/DeactivateRegistration", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
|
|
@ -461,7 +319,7 @@ func (c *registrationAuthorityClient) DeactivateRegistration(ctx context.Context
|
|||
return out, nil
|
||||
}
|
||||
|
||||
func (c *registrationAuthorityClient) DeactivateAuthorization(ctx context.Context, in *Authorization, opts ...grpc.CallOption) (*core.Empty, error) {
|
||||
func (c *registrationAuthorityClient) DeactivateAuthorization(ctx context.Context, in *core.Authorization, opts ...grpc.CallOption) (*core.Empty, error) {
|
||||
out := new(core.Empty)
|
||||
err := grpc.Invoke(ctx, "/ra.RegistrationAuthority/DeactivateAuthorization", in, out, c.cc, opts...)
|
||||
if err != nil {
|
||||
|
|
@ -482,14 +340,14 @@ func (c *registrationAuthorityClient) AdministrativelyRevokeCertificate(ctx cont
|
|||
// Server API for RegistrationAuthority service
|
||||
|
||||
type RegistrationAuthorityServer interface {
|
||||
NewRegistration(context.Context, *Registration) (*Registration, error)
|
||||
NewAuthorization(context.Context, *NewAuthorizationRequest) (*Authorization, error)
|
||||
NewRegistration(context.Context, *core.Registration) (*core.Registration, error)
|
||||
NewAuthorization(context.Context, *NewAuthorizationRequest) (*core.Authorization, error)
|
||||
NewCertificate(context.Context, *NewCertificateRequest) (*core.Certificate, error)
|
||||
UpdateRegistration(context.Context, *UpdateRegistrationRequest) (*Registration, error)
|
||||
UpdateAuthorization(context.Context, *UpdateAuthorizationRequest) (*Authorization, error)
|
||||
UpdateRegistration(context.Context, *UpdateRegistrationRequest) (*core.Registration, error)
|
||||
UpdateAuthorization(context.Context, *UpdateAuthorizationRequest) (*core.Authorization, error)
|
||||
RevokeCertificateWithReg(context.Context, *RevokeCertificateWithRegRequest) (*core.Empty, error)
|
||||
DeactivateRegistration(context.Context, *Registration) (*core.Empty, error)
|
||||
DeactivateAuthorization(context.Context, *Authorization) (*core.Empty, error)
|
||||
DeactivateRegistration(context.Context, *core.Registration) (*core.Empty, error)
|
||||
DeactivateAuthorization(context.Context, *core.Authorization) (*core.Empty, error)
|
||||
AdministrativelyRevokeCertificate(context.Context, *AdministrativelyRevokeCertificateRequest) (*core.Empty, error)
|
||||
}
|
||||
|
||||
|
|
@ -498,7 +356,7 @@ func RegisterRegistrationAuthorityServer(s *grpc.Server, srv RegistrationAuthori
|
|||
}
|
||||
|
||||
func _RegistrationAuthority_NewRegistration_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(Registration)
|
||||
in := new(core.Registration)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -510,7 +368,7 @@ func _RegistrationAuthority_NewRegistration_Handler(srv interface{}, ctx context
|
|||
FullMethod: "/ra.RegistrationAuthority/NewRegistration",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(RegistrationAuthorityServer).NewRegistration(ctx, req.(*Registration))
|
||||
return srv.(RegistrationAuthorityServer).NewRegistration(ctx, req.(*core.Registration))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
|
@ -606,7 +464,7 @@ func _RegistrationAuthority_RevokeCertificateWithReg_Handler(srv interface{}, ct
|
|||
}
|
||||
|
||||
func _RegistrationAuthority_DeactivateRegistration_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(Registration)
|
||||
in := new(core.Registration)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -618,13 +476,13 @@ func _RegistrationAuthority_DeactivateRegistration_Handler(srv interface{}, ctx
|
|||
FullMethod: "/ra.RegistrationAuthority/DeactivateRegistration",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(RegistrationAuthorityServer).DeactivateRegistration(ctx, req.(*Registration))
|
||||
return srv.(RegistrationAuthorityServer).DeactivateRegistration(ctx, req.(*core.Registration))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _RegistrationAuthority_DeactivateAuthorization_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(Authorization)
|
||||
in := new(core.Authorization)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -636,7 +494,7 @@ func _RegistrationAuthority_DeactivateAuthorization_Handler(srv interface{}, ctx
|
|||
FullMethod: "/ra.RegistrationAuthority/DeactivateAuthorization",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(RegistrationAuthorityServer).DeactivateAuthorization(ctx, req.(*Authorization))
|
||||
return srv.(RegistrationAuthorityServer).DeactivateAuthorization(ctx, req.(*core.Authorization))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
|
@ -707,45 +565,35 @@ var _RegistrationAuthority_serviceDesc = grpc.ServiceDesc{
|
|||
func init() { proto1.RegisterFile("ra/proto/ra.proto", fileDescriptor0) }
|
||||
|
||||
var fileDescriptor0 = []byte{
|
||||
// 632 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x9c, 0x54, 0x4d, 0x6f, 0xd3, 0x40,
|
||||
0x10, 0x8d, 0xeb, 0x7c, 0xd4, 0x93, 0x34, 0x69, 0x06, 0xda, 0xba, 0x41, 0x14, 0xd7, 0xbd, 0xf8,
|
||||
0x80, 0x52, 0xa9, 0x1c, 0x10, 0xe2, 0x42, 0x69, 0x10, 0x4a, 0x85, 0xa2, 0x2a, 0x12, 0x42, 0x20,
|
||||
0x21, 0xb1, 0xb5, 0x87, 0x64, 0xd5, 0xc4, 0x0e, 0xbb, 0x9b, 0xb6, 0xe9, 0x1f, 0x41, 0xe2, 0xca,
|
||||
0x1f, 0x45, 0xde, 0x38, 0x4d, 0x6d, 0xb7, 0x10, 0x71, 0x5b, 0xcf, 0xce, 0xbc, 0x79, 0xef, 0xed,
|
||||
0x93, 0xa1, 0x29, 0xd8, 0xe1, 0x44, 0x44, 0x2a, 0x3a, 0x14, 0xac, 0xad, 0x0f, 0xb8, 0x26, 0x58,
|
||||
0x6b, 0xcb, 0x8f, 0x04, 0x25, 0x17, 0xf1, 0x71, 0x7e, 0xe5, 0xfe, 0x32, 0xa0, 0xd6, 0xa7, 0x01,
|
||||
0x97, 0x4a, 0x30, 0xc5, 0xa3, 0x10, 0x01, 0xd6, 0x78, 0x60, 0x1b, 0x8e, 0xe1, 0x99, 0x58, 0x05,
|
||||
0xf3, 0x82, 0x66, 0xf6, 0x9a, 0x63, 0x78, 0x35, 0x6c, 0x40, 0xc5, 0x8f, 0x42, 0xc5, 0x7c, 0x65,
|
||||
0x9b, 0x8e, 0xe9, 0x59, 0xb8, 0x03, 0x8d, 0xa4, 0x20, 0xcf, 0x04, 0x49, 0x0a, 0x95, 0x5d, 0x74,
|
||||
0x0c, 0x6f, 0x1d, 0x9b, 0x60, 0xb1, 0x81, 0x20, 0x1a, 0xc7, 0xa5, 0x92, 0x63, 0x78, 0x56, 0x5c,
|
||||
0xe2, 0x21, 0x57, 0x9c, 0x8d, 0xba, 0x67, 0x76, 0x59, 0xe3, 0x35, 0xc1, 0xf2, 0x05, 0x31, 0x45,
|
||||
0xc1, 0xb1, 0xb2, 0x2b, 0x7a, 0x5f, 0x1d, 0xca, 0x52, 0x31, 0x35, 0x95, 0xf6, 0x7a, 0x3c, 0xe5,
|
||||
0xfe, 0x36, 0x60, 0xe3, 0x78, 0xaa, 0x86, 0x91, 0xe0, 0x37, 0x59, 0x76, 0x16, 0x22, 0x00, 0x0f,
|
||||
0x28, 0x54, 0xfc, 0x3b, 0x27, 0xa1, 0x49, 0x5a, 0xb8, 0x0d, 0x75, 0x71, 0x47, 0x4d, 0xb7, 0x63,
|
||||
0x9b, 0x19, 0xe4, 0xa2, 0xee, 0x6b, 0x40, 0x85, 0xae, 0x27, 0x5c, 0x90, 0xd4, 0x04, 0x4d, 0x3c,
|
||||
0x00, 0xf0, 0x87, 0x6c, 0x34, 0xa2, 0x70, 0x40, 0xd2, 0x2e, 0x3b, 0xa6, 0x57, 0x3d, 0x6a, 0xb4,
|
||||
0xb5, 0x51, 0x27, 0x8b, 0x3a, 0x3e, 0x86, 0x9a, 0x1f, 0x8d, 0xcf, 0x79, 0xa8, 0xc1, 0xa5, 0x66,
|
||||
0x5d, 0x73, 0x4f, 0x61, 0xa7, 0x47, 0x57, 0x29, 0x9e, 0x7d, 0xfa, 0x31, 0x25, 0xa9, 0xd0, 0x81,
|
||||
0x12, 0x9b, 0xaa, 0xe1, 0x8d, 0x66, 0x5c, 0x3d, 0x6a, 0xb6, 0x05, 0x6b, 0xa7, 0x05, 0x6d, 0x40,
|
||||
0x49, 0xd0, 0xa0, 0xdb, 0xd1, 0xfc, 0x4d, 0xf7, 0x05, 0x6c, 0xf5, 0xe8, 0xea, 0x84, 0x44, 0xac,
|
||||
0xca, 0x67, 0x8a, 0x16, 0x48, 0x55, 0x30, 0x7d, 0x29, 0x34, 0x4e, 0x2d, 0x3b, 0xf4, 0x15, 0x76,
|
||||
0x3f, 0x4e, 0x02, 0xdd, 0xbc, 0x94, 0xbe, 0x18, 0xdc, 0x83, 0xe2, 0x39, 0x93, 0x94, 0x30, 0xd8,
|
||||
0x8c, 0x19, 0xa4, 0xde, 0xdb, 0x81, 0xf2, 0x54, 0x0f, 0x6b, 0xb0, 0x7b, 0x3a, 0xdc, 0x19, 0xb4,
|
||||
0xe6, 0xf0, 0xff, 0x29, 0x71, 0x1b, 0xea, 0xb7, 0xd6, 0x76, 0xc3, 0x80, 0xae, 0xe7, 0xb4, 0x71,
|
||||
0x1f, 0xd6, 0x05, 0xc9, 0x49, 0x14, 0x4a, 0xd2, 0xaf, 0x94, 0x37, 0xdc, 0xfd, 0x00, 0xcf, 0xfa,
|
||||
0x74, 0x19, 0x5d, 0xd0, 0x1d, 0x47, 0x3e, 0x71, 0x35, 0xec, 0xd3, 0x60, 0xb1, 0xbf, 0x06, 0x45,
|
||||
0x9f, 0x84, 0x4a, 0x9c, 0x89, 0xbf, 0xa2, 0x80, 0x92, 0x0d, 0xb7, 0x3e, 0xe9, 0x10, 0xb8, 0x9f,
|
||||
0xc1, 0x3b, 0x0e, 0xc6, 0x3c, 0x4c, 0xa4, 0x5d, 0xd2, 0x68, 0x96, 0x43, 0x5f, 0x05, 0x36, 0xce,
|
||||
0x77, 0x8c, 0xd3, 0x63, 0xe3, 0x39, 0x73, 0xeb, 0xe8, 0x67, 0x09, 0xb6, 0xee, 0x9a, 0x96, 0x38,
|
||||
0xa0, 0x66, 0xf8, 0x12, 0x1a, 0x3d, 0xba, 0x4a, 0x59, 0x9e, 0xb3, 0xb8, 0x95, 0x37, 0xbd, 0x80,
|
||||
0x1d, 0xd8, 0xcc, 0xc6, 0x0a, 0x9f, 0xc4, 0x7d, 0x0f, 0x84, 0xad, 0x95, 0xb7, 0xde, 0x2d, 0xe0,
|
||||
0x1b, 0xa8, 0xa7, 0x03, 0x85, 0xbb, 0x09, 0x46, 0x5e, 0x74, 0xab, 0x99, 0xf8, 0xbf, 0xbc, 0x71,
|
||||
0x0b, 0xf8, 0x1e, 0x30, 0x9f, 0x2e, 0x7c, 0x1a, 0xa3, 0x3c, 0x98, 0xba, 0x7b, 0x05, 0x9d, 0xc2,
|
||||
0xa3, 0x7b, 0x72, 0x84, 0x7b, 0x4b, 0xa4, 0xd5, 0x65, 0xf5, 0xc0, 0x7e, 0x28, 0x18, 0x78, 0x30,
|
||||
0xdf, 0xfd, 0xd7, 0xd8, 0xb4, 0xaa, 0x73, 0xa9, 0xef, 0xc6, 0x13, 0x35, 0x73, 0x0b, 0xf8, 0x0a,
|
||||
0xb6, 0x3b, 0xc4, 0x7c, 0xc5, 0x2f, 0xb3, 0x42, 0xf3, 0x8f, 0x95, 0x19, 0x7d, 0x0d, 0x3b, 0xcb,
|
||||
0xd1, 0xb4, 0xb4, 0x3c, 0xf5, 0xec, 0xf0, 0x37, 0xd8, 0xff, 0x67, 0x24, 0xf1, 0xb9, 0x86, 0x59,
|
||||
0x31, 0xb9, 0x99, 0x0d, 0x6f, 0x2b, 0x5f, 0x4a, 0xfa, 0x4f, 0xff, 0x27, 0x00, 0x00, 0xff, 0xff,
|
||||
0xfc, 0x41, 0x7b, 0x84, 0x18, 0x06, 0x00, 0x00,
|
||||
// 465 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x9c, 0x54, 0xc1, 0x6e, 0xd3, 0x40,
|
||||
0x14, 0x4c, 0x9a, 0x06, 0xe8, 0x4b, 0x69, 0xc9, 0xab, 0xd2, 0xa6, 0x46, 0x40, 0xba, 0x5c, 0x72,
|
||||
0x40, 0xa9, 0x54, 0x8e, 0x15, 0x12, 0xa5, 0x05, 0x29, 0x52, 0xe4, 0x43, 0x24, 0x84, 0xe0, 0xc4,
|
||||
0xe2, 0x3c, 0xe2, 0x15, 0x89, 0xd7, 0xac, 0xd7, 0x09, 0x29, 0xdf, 0xc3, 0x7f, 0x22, 0xaf, 0x37,
|
||||
0x24, 0x76, 0x6c, 0x35, 0xf4, 0xb6, 0xd6, 0xbe, 0x99, 0x9d, 0x99, 0x37, 0x32, 0x34, 0x15, 0x3f,
|
||||
0x0f, 0x95, 0xd4, 0xf2, 0x5c, 0xf1, 0x9e, 0x39, 0xe0, 0x8e, 0xe2, 0x4e, 0xcb, 0x93, 0x8a, 0xec,
|
||||
0x45, 0x72, 0x4c, 0xaf, 0xd8, 0x00, 0x4e, 0x5c, 0x9a, 0x5f, 0xc5, 0xda, 0x97, 0x4a, 0xdc, 0x72,
|
||||
0x2d, 0x64, 0x30, 0xa4, 0x9f, 0x31, 0x45, 0x1a, 0x19, 0xd4, 0x79, 0xac, 0xfd, 0xdb, 0x76, 0xb5,
|
||||
0x53, 0xed, 0x36, 0x2e, 0x8e, 0x7a, 0x06, 0x96, 0x19, 0xc5, 0xc7, 0x50, 0x57, 0x34, 0xee, 0xdf,
|
||||
0xb4, 0x77, 0x3a, 0xd5, 0x6e, 0x8d, 0xbd, 0x86, 0x96, 0x4b, 0xf3, 0x6b, 0x52, 0x5a, 0x7c, 0x17,
|
||||
0x1e, 0xd7, 0xb4, 0xe4, 0x6a, 0x40, 0xcd, 0x8b, 0x94, 0x61, 0xda, 0xcf, 0x83, 0x38, 0x9c, 0x7e,
|
||||
0x0c, 0x47, 0x66, 0x78, 0x2c, 0x22, 0xad, 0x32, 0x22, 0x3a, 0xb0, 0xfb, 0x8d, 0x47, 0x64, 0x35,
|
||||
0x60, 0xaa, 0x61, 0x7d, 0x10, 0x19, 0x3c, 0x88, 0x0d, 0xdc, 0xd0, 0x15, 0xce, 0xb0, 0xdf, 0xe0,
|
||||
0xa4, 0x4f, 0xdc, 0xdb, 0xe8, 0x31, 0x1c, 0x78, 0x3e, 0x9f, 0x4c, 0x28, 0x18, 0x53, 0x3f, 0x18,
|
||||
0xd1, 0xaf, 0x54, 0x3c, 0x9e, 0xc1, 0x23, 0x45, 0x51, 0x28, 0x83, 0x88, 0xda, 0x35, 0x03, 0x3f,
|
||||
0x4c, 0xe1, 0xd7, 0xcb, 0x69, 0x36, 0x80, 0x17, 0x43, 0x9a, 0xc9, 0x1f, 0xb4, 0x96, 0xcb, 0x27,
|
||||
0xa1, 0xfd, 0x21, 0x8d, 0x97, 0x0a, 0xf6, 0x61, 0xd7, 0x23, 0xa5, 0x6d, 0x3e, 0xc9, 0x97, 0x1c,
|
||||
0x91, 0x7d, 0xe1, 0x5f, 0x5a, 0x35, 0x93, 0xd6, 0x67, 0xe8, 0x5e, 0x8d, 0xa6, 0x22, 0xb0, 0xe6,
|
||||
0x66, 0x34, 0x59, 0x6c, 0xb0, 0x6f, 0x43, 0xdb, 0x84, 0x3d, 0x9e, 0xf0, 0xb8, 0x7c, 0x9a, 0x2a,
|
||||
0xdf, 0xbb, 0xf8, 0x53, 0x87, 0xd6, 0x7a, 0x6c, 0x36, 0x01, 0xbd, 0xc0, 0x4b, 0x38, 0x74, 0x69,
|
||||
0x9e, 0x89, 0xbd, 0x20, 0x66, 0xa7, 0x28, 0xfa, 0x0a, 0x7e, 0x80, 0x27, 0xf9, 0x8a, 0xe1, 0xd3,
|
||||
0x9e, 0xe2, 0xbd, 0x92, 0xe2, 0x39, 0x45, 0x0b, 0x60, 0x15, 0x7c, 0x0b, 0x07, 0xd9, 0x72, 0xe1,
|
||||
0xa9, 0x65, 0xd9, 0xb4, 0xee, 0x34, 0xed, 0x16, 0x56, 0x37, 0xac, 0x82, 0x7d, 0xc0, 0xcd, 0xa6,
|
||||
0xe1, 0xb3, 0x84, 0xa5, 0xb4, 0x81, 0x25, 0xa6, 0x06, 0x70, 0x54, 0xd0, 0x28, 0x7c, 0xbe, 0xe2,
|
||||
0xfa, 0x1f, 0x6b, 0x2e, 0xb4, 0xcb, 0x2a, 0x82, 0x2f, 0x13, 0xca, 0x3b, 0x0a, 0xe4, 0x34, 0x52,
|
||||
0xde, 0xf7, 0xd3, 0x50, 0x2f, 0x58, 0x05, 0x2f, 0xe1, 0xf8, 0x86, 0xb8, 0xa7, 0xc5, 0x2c, 0x6f,
|
||||
0xb6, 0x68, 0x6d, 0x39, 0xf0, 0x1b, 0x38, 0x59, 0x81, 0xb3, 0xf6, 0x8a, 0xe4, 0xe7, 0xe1, 0x5f,
|
||||
0xe1, 0xec, 0xce, 0x82, 0xe2, 0xab, 0xc4, 0xd4, 0xb6, 0x3d, 0xce, 0xbd, 0xf0, 0xee, 0xe1, 0x97,
|
||||
0xba, 0xf9, 0x79, 0xfd, 0x0d, 0x00, 0x00, 0xff, 0xff, 0xeb, 0x14, 0xc6, 0x23, 0xeb, 0x04, 0x00,
|
||||
0x00,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,40 +6,19 @@ option go_package = "proto";
|
|||
import "core/proto/core.proto";
|
||||
|
||||
service RegistrationAuthority {
|
||||
rpc NewRegistration(Registration) returns (Registration) {}
|
||||
rpc NewAuthorization(NewAuthorizationRequest) returns (Authorization) {}
|
||||
rpc NewRegistration(core.Registration) returns (core.Registration) {}
|
||||
rpc NewAuthorization(NewAuthorizationRequest) returns (core.Authorization) {}
|
||||
rpc NewCertificate(NewCertificateRequest) returns (core.Certificate) {}
|
||||
rpc UpdateRegistration(UpdateRegistrationRequest) returns (Registration) {}
|
||||
rpc UpdateAuthorization(UpdateAuthorizationRequest) returns (Authorization) {}
|
||||
rpc UpdateRegistration(UpdateRegistrationRequest) returns (core.Registration) {}
|
||||
rpc UpdateAuthorization(UpdateAuthorizationRequest) returns (core.Authorization) {}
|
||||
rpc RevokeCertificateWithReg(RevokeCertificateWithRegRequest) returns (core.Empty) {}
|
||||
rpc DeactivateRegistration(Registration) returns (core.Empty) {}
|
||||
rpc DeactivateAuthorization(Authorization) returns (core.Empty) {}
|
||||
rpc DeactivateRegistration(core.Registration) returns (core.Empty) {}
|
||||
rpc DeactivateAuthorization(core.Authorization) returns (core.Empty) {}
|
||||
rpc AdministrativelyRevokeCertificate(AdministrativelyRevokeCertificateRequest) returns (core.Empty) {}
|
||||
}
|
||||
|
||||
message Registration {
|
||||
optional int64 id = 1;
|
||||
optional bytes key = 2;
|
||||
repeated string contact = 3;
|
||||
optional bool contactsPresent = 4;
|
||||
optional string agreement = 5;
|
||||
optional bytes initialIP = 6;
|
||||
optional int64 createdAt = 7; // Unix timestamp (nanoseconds)
|
||||
optional string status = 8;
|
||||
}
|
||||
|
||||
message Authorization {
|
||||
optional string id = 1;
|
||||
optional string identifier = 2;
|
||||
optional int64 registrationID = 3;
|
||||
optional string status = 4;
|
||||
optional int64 expires = 5; // Unix timestamp (nanoseconds)
|
||||
repeated core.Challenge challenges = 6;
|
||||
optional bytes combinations = 7;
|
||||
}
|
||||
|
||||
message NewAuthorizationRequest {
|
||||
optional Authorization authz = 1;
|
||||
optional core.Authorization authz = 1;
|
||||
optional int64 regID = 2;
|
||||
}
|
||||
|
||||
|
|
@ -49,12 +28,12 @@ message NewCertificateRequest {
|
|||
}
|
||||
|
||||
message UpdateRegistrationRequest {
|
||||
optional Registration base = 1;
|
||||
optional Registration update = 2;
|
||||
optional core.Registration base = 1;
|
||||
optional core.Registration update = 2;
|
||||
}
|
||||
|
||||
message UpdateAuthorizationRequest {
|
||||
optional Authorization authz = 1;
|
||||
optional core.Authorization authz = 1;
|
||||
optional int64 challengeIndex = 2;
|
||||
optional core.Challenge response = 3;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
package proto
|
||||
|
||||
//go:generate sh -c "cd ../.. && protoc --go_out=plugins=grpc,Mcore/proto/core.proto=github.com/letsencrypt/boulder/core/proto:. sa/proto/sa.proto"
|
||||
File diff suppressed because it is too large
|
|
@ -0,0 +1,156 @@
|
|||
syntax = "proto2";
|
||||
|
||||
package sa;
|
||||
option go_package = "proto";
|
||||
|
||||
import "core/proto/core.proto";
|
||||
|
||||
service StorageAuthority {
|
||||
// Getters
|
||||
rpc GetRegistration(RegistrationID) returns (core.Registration) {}
|
||||
rpc GetRegistrationByKey(JsonWebKey) returns (core.Registration) {}
|
||||
rpc GetAuthorization(AuthorizationID) returns (core.Authorization) {}
|
||||
rpc GetValidAuthorizations(GetValidAuthorizationsRequest) returns (ValidAuthorizations) {}
|
||||
rpc GetCertificate(Serial) returns (core.Certificate) {}
|
||||
rpc GetCertificateStatus(Serial) returns (CertificateStatus) {}
|
||||
rpc CountCertificatesRange(Range) returns (Count) {}
|
||||
rpc CountCertificatesByNames(CountCertificatesByNamesRequest) returns (CountByNames) {}
|
||||
rpc CountRegistrationsByIP(CountRegistrationsByIPRequest) returns (Count) {}
|
||||
rpc CountPendingAuthorizations(RegistrationID) returns (Count) {}
|
||||
rpc GetSCTReceipt(GetSCTReceiptRequest) returns (SignedCertificateTimestamp) {}
|
||||
rpc CountFQDNSets(CountFQDNSetsRequest) returns (Count) {}
|
||||
rpc FQDNSetExists(FQDNSetExistsRequest) returns (Exists) {}
|
||||
// Adders
|
||||
rpc NewRegistration(core.Registration) returns (core.Registration) {}
|
||||
rpc UpdateRegistration(core.Registration) returns (core.Empty) {}
|
||||
rpc NewPendingAuthorization(core.Authorization) returns (core.Authorization) {}
|
||||
rpc UpdatePendingAuthorization(core.Authorization) returns (core.Empty) {}
|
||||
rpc FinalizeAuthorization(core.Authorization) returns (core.Empty) {}
|
||||
rpc MarkCertificateRevoked(MarkCertificateRevokedRequest) returns (core.Empty) {}
|
||||
rpc AddCertificate(AddCertificateRequest) returns (AddCertificateResponse) {}
|
||||
rpc AddSCTReceipt(SignedCertificateTimestamp) returns (core.Empty) {}
|
||||
rpc RevokeAuthorizationsByDomain(RevokeAuthorizationsByDomainRequest) returns (RevokeAuthorizationsByDomainResponse) {}
|
||||
rpc DeactivateRegistration(RegistrationID) returns (core.Empty) {}
|
||||
rpc DeactivateAuthorization(AuthorizationID) returns (core.Empty) {}
|
||||
}
|
||||
|
||||
message RegistrationID {
|
||||
optional int64 id = 1;
|
||||
}
|
||||
|
||||
message JsonWebKey {
|
||||
optional bytes jwk = 1;
|
||||
}
|
||||
|
||||
message AuthorizationID {
|
||||
optional string id = 1;
|
||||
}
|
||||
|
||||
message GetValidAuthorizationsRequest {
|
||||
optional int64 registrationID = 1;
|
||||
repeated string domains = 2;
|
||||
optional int64 now = 3; // Unix timestamp (nanoseconds)
|
||||
}
|
||||
|
||||
message ValidAuthorizations {
|
||||
message MapElement {
|
||||
optional string domain = 1;
|
||||
optional core.Authorization authz = 2;
|
||||
}
|
||||
repeated MapElement valid = 1;
|
||||
}
|
||||
|
||||
message CertificateStatus {
|
||||
optional string serial = 1;
|
||||
optional bool subscriberApproved = 2;
|
||||
optional string status = 3;
|
||||
optional int64 ocspLastUpdated = 4;
|
||||
optional int64 revokedDate = 5;
|
||||
optional int64 revokedReason = 6;
|
||||
optional int64 lastExpirationNagSent = 7;
|
||||
optional bytes ocspResponse = 8;
|
||||
optional int64 notAfter = 9;
|
||||
optional bool isExpired = 10;
|
||||
}
|
||||
|
||||
message Serial {
|
||||
optional string serial = 1;
|
||||
}
|
||||
|
||||
message Range {
|
||||
optional int64 earliest = 1; // Unix timestamp (nanoseconds)
|
||||
optional int64 latest = 2; // Unix timestamp (nanoseconds)
|
||||
}
|
||||
|
||||
message Count {
|
||||
optional int64 count = 1;
|
||||
}
|
||||
|
||||
message CountCertificatesByNamesRequest {
|
||||
optional Range range = 1;
|
||||
repeated string names = 2;
|
||||
}
|
||||
|
||||
message CountByNames {
|
||||
message MapElement {
|
||||
optional string name = 1;
|
||||
optional int64 count = 2;
|
||||
}
|
||||
repeated MapElement countByNames = 1;
|
||||
}
|
||||
|
||||
message CountRegistrationsByIPRequest {
|
||||
optional bytes ip = 1;
|
||||
optional Range range = 2;
|
||||
}
|
||||
|
||||
message GetSCTReceiptRequest {
|
||||
optional string serial = 1;
|
||||
optional string logID = 2;
|
||||
}
|
||||
|
||||
message CountFQDNSetsRequest {
|
||||
optional int64 window = 1;
|
||||
repeated string domains = 2;
|
||||
}
|
||||
|
||||
message FQDNSetExistsRequest {
|
||||
repeated string domains = 1;
|
||||
}
|
||||
|
||||
message Exists {
|
||||
optional bool exists = 1;
|
||||
}
|
||||
|
||||
message MarkCertificateRevokedRequest {
|
||||
optional string serial = 1;
|
||||
optional int64 code = 2;
|
||||
}
|
||||
|
||||
message AddCertificateRequest {
|
||||
optional bytes der = 1;
|
||||
optional int64 regID = 2;
|
||||
}
|
||||
|
||||
message AddCertificateResponse {
|
||||
optional string digest = 1;
|
||||
}
|
||||
|
||||
message SignedCertificateTimestamp {
|
||||
optional int64 id = 1;
|
||||
optional int64 sctVersion = 2;
|
||||
optional string logID = 3;
|
||||
optional int64 timestamp = 4;
|
||||
optional bytes extensions = 5;
|
||||
optional bytes signature = 6;
|
||||
optional string certificateSerial = 7;
|
||||
}
|
||||
|
||||
message RevokeAuthorizationsByDomainRequest {
|
||||
optional string domain = 1;
|
||||
}
|
||||
|
||||
message RevokeAuthorizationsByDomainResponse {
|
||||
optional int64 finalized = 1;
|
||||
optional int64 pending = 2;
|
||||
}
|
||||
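Review bot: The time-valued `int64` fields in `CertificateStatus` (`ocspLastUpdated`, `revokedDate`, `lastExpirationNagSent`, `notAfter`), `SignedCertificateTimestamp.timestamp` and `CountFQDNSetsRequest.window` have no unit comment, unlike `GetValidAuthorizationsRequest.now` and both `Range` fields, which are marked `// Unix timestamp (nanoseconds)`. These values feed revocation and expiry decisions, so a caller that assumes seconds where the wrapper sends nanoseconds would mis-date them without any error. I would add the same trailing comment to each timestamp field and a duration-unit comment to `window`, after confirming the units against the gRPC wrappers, which are not in this section. The SCT `timestamp` in particular may use a different unit, since RFC 6962 defines it in milliseconds.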
|
|
@ -7,15 +7,14 @@
|
|||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "90s"
|
||||
"timeout": "15s"
|
||||
},
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
}
|
||||
},
|
||||
|
||||
|
|
|
|||
|
|
@ -4,6 +4,13 @@
|
|||
"rsaProfile": "rsaEE",
|
||||
"ecdsaProfile": "ecdsaEE",
|
||||
"debugAddr": "localhost:8001",
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
},
|
||||
"grpc": {
|
||||
"address": "boulder:9093",
|
||||
"clientIssuerPath": "test/grpc-creds/minica.pem",
|
||||
|
|
@ -119,11 +126,7 @@
|
|||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"serviceQueue": "CA.server",
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"serviceQueue": "CA.server"
|
||||
},
|
||||
"features": {
|
||||
"IDNASupport": true
|
||||
|
|
|
|||
|
|
@ -12,13 +12,12 @@
|
|||
"nagCheckInterval": "24h",
|
||||
"emailTemplate": "test/example-expiration-template",
|
||||
"debugAddr": "localhost:8008",
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
}
|
||||
},
|
||||
|
||||
|
|
@ -31,4 +30,4 @@
|
|||
"stdoutlevel": 6,
|
||||
"sysloglevel": 4
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,17 +22,19 @@
|
|||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "10s"
|
||||
},
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
},
|
||||
"CA": {
|
||||
"server": "CA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
},
|
||||
"caService": {
|
||||
"serverAddresses": ["boulder:9093"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
}
|
||||
},
|
||||
|
||||
|
|
|
|||
|
|
@ -8,12 +8,11 @@
|
|||
"prefix": "Boulder"
|
||||
},
|
||||
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,14 +12,17 @@
|
|||
"boulder-client"
|
||||
]
|
||||
},
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
},
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"serviceQueue": "Publisher.server",
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"serviceQueue": "Publisher.server"
|
||||
}
|
||||
},
|
||||
|
||||
|
|
|
|||
|
|
@ -16,21 +16,28 @@
|
|||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "90s"
|
||||
"timeout": "15s"
|
||||
},
|
||||
"caService": {
|
||||
"serverAddresses": ["boulder:9093"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "90s"
|
||||
"timeout": "15s"
|
||||
},
|
||||
"publisherService": {
|
||||
"serverAddresses": ["boulder:9091"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "10s"
|
||||
"timeout": "15s"
|
||||
},
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
},
|
||||
"grpc": {
|
||||
"address": "boulder:9094",
|
||||
|
|
@ -44,11 +51,7 @@
|
|||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
"serviceQueue": "RA.server",
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"serviceQueue": "RA.server"
|
||||
},
|
||||
"features": {
|
||||
"IDNASupport": true,
|
||||
|
|
|
|||
|
|
@ -4,6 +4,15 @@
|
|||
"maxDBConns": 10,
|
||||
"maxConcurrentRPCServerRequests": 16,
|
||||
"debugAddr": "localhost:8003",
|
||||
"grpc": {
|
||||
"address": "boulder:9095",
|
||||
"clientIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"serverCertificatePath": "test/grpc-creds/boulder-server/cert.pem",
|
||||
"serverKeyPath": "test/grpc-creds/boulder-server/key.pem",
|
||||
"clientNames": [
|
||||
"boulder-client"
|
||||
]
|
||||
},
|
||||
"amqp": {
|
||||
"serverURLFile": "test/secrets/amqp_url",
|
||||
"insecure": true,
|
||||
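Review bot: `clientNames` in the new `grpc` block accepts only `boulder-client`, and every `saService` client block added on this page presents the same `test/grpc-creds/boulder-client/cert.pem`, so the server this config belongs to (presumably the SA, given port 9095) cannot tell its callers apart. With one shared identity, any component holding that key can reach every RPC the service exposes, including write paths such as `MarkCertificateRevoked`. That is workable for test configuration, but the deployment documentation should say that production issues one client certificate per component and lists each name in `clientNames`, so access can later be narrowed per caller.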
|
|
|
|||
|
|
@ -18,15 +18,14 @@
|
|||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "10s"
|
||||
"timeout": "15s"
|
||||
},
|
||||
"amqp": {
|
||||
"server": "amqp://guest:guest@localhost:5673",
|
||||
"insecure": true,
|
||||
"SA": {
|
||||
"server": "SA.server",
|
||||
"rpcTimeout": "15s"
|
||||
}
|
||||
"saService": {
|
||||
"serverAddresses": ["boulder:9095"],
|
||||
"serverIssuerPath": "test/grpc-creds/minica.pem",
|
||||
"clientCertificatePath": "test/grpc-creds/boulder-client/cert.pem",
|
||||
"clientKeyPath": "test/grpc-creds/boulder-client/key.pem",
|
||||
"timeout": "15s"
|
||||
},
|
||||
"features": {
|
||||
"AllowAccountDeactivation": true,
|
||||
|
|
|
|||