Change to KeyAuthorization in sa

core/objects.go

@@ -240,6 +240,11 @@ func NewKeyAuthorizationFromString(input string) (ka KeyAuthorization, err error
 	return
 }
 
+// String produces the string representation of a key authorization
+func (ka KeyAuthorization) String() string {
+	return ka.Token + "." + ka.Thumbprint
+}
+
 // Match determines whether this KeyAuthorization matches the given token and key
 func (ka KeyAuthorization) Match(token string, key *jose.JsonWebKey) bool {
 	if key == nil {
@@ -256,7 +261,7 @@ func (ka KeyAuthorization) Match(token string, key *jose.JsonWebKey) bool {
 
 // MarshalJSON packs a key authorization into its string representation
 func (ka KeyAuthorization) MarshalJSON() (result []byte, err error) {
-	return json.Marshal(ka.Token + "." + ka.Thumbprint)
+	return json.Marshal(ka.String())
 }
 
 // UnmarshalJSON unpacks a key authorization from a string

sa/_db/migrations/20150928221914_AddAuthorizedKey.sql

@@ -2,11 +2,11 @@
 -- +goose Up
 -- SQL in section 'Up' is executed when this migration is applied
 
-ALTER TABLE `challenges` ADD COLUMN (
-  `authorizedKey` mediumblob
-);
+ALTER TABLE `challenges` ADD COLUMN (`keyAuthorization` mediumblob);
+ALTER TABLE `challenges` DROP COLUMN `validation`;
 
 -- +goose Down
 -- SQL section 'Down' is executed when this migration is rolled back
 
-ALTER TABLE `challenges` DROP COLUMN `authorizedKey`;
+ALTER TABLE `challenges` DROP COLUMN `keyAuthorization`;
+ALTER TABLE `challenges` ADD COLUMN (`validation` mediumblob);

sa/model.go

@@ -47,8 +47,7 @@ type challModel struct {
 	Validated        *time.Time      `db:"validated"`
 	Token            string          `db:"token"`
 	TLS              *bool           `db:"tls"`
-	Validation       []byte          `db:"validation"`
-	AuthorizedKey    []byte          `db:"authorizedKey"`
+	KeyAuthorization string          `db:"keyAuthorization"`
 	ValidationRecord []byte          `db:"validationRecord"`
 	AccountKey       []byte          `db:"accountKey"`
 
@@ -102,17 +101,8 @@ func challengeToModel(c *core.Challenge, authID string) (*challModel, error) {
 		Token:           c.Token,
 		TLS:             c.TLS,
 	}
-	if c.Validation != nil {
-		cm.Validation = []byte(c.Validation.FullSerialize())
-		if len(cm.Validation) > mediumBlobSize {
-			return nil, fmt.Errorf("Validation object is too large to store in the database")
-		}
-	}
-	if c.AuthorizedKey != nil {
-		cm.AuthorizedKey = []byte(c.AuthorizedKey)
-		if len(cm.AuthorizedKey) > mediumBlobSize {
-			return nil, fmt.Errorf("AuthorizedKeys object is too large to store in the database")
-		}
+	if c.KeyAuthorization != nil {
+		cm.KeyAuthorization = c.KeyAuthorization.String()
 	}
 	if c.Error != nil {
 		errJSON, err := json.Marshal(c.Error)
@@ -149,20 +139,19 @@ func challengeToModel(c *core.Challenge, authID string) (*challModel, error) {
 
 func modelToChallenge(cm *challModel) (core.Challenge, error) {
 	c := core.Challenge{
-		ID:            cm.ID,
-		Type:          cm.Type,
-		Status:        cm.Status,
-		Validated:     cm.Validated,
-		Token:         cm.Token,
-		TLS:           cm.TLS,
-		AuthorizedKey: core.JSONBuffer(cm.AuthorizedKey),
+		ID:        cm.ID,
+		Type:      cm.Type,
+		Status:    cm.Status,
+		Validated: cm.Validated,
+		Token:     cm.Token,
+		TLS:       cm.TLS,
 	}
-	if len(cm.Validation) > 0 {
-		val, err := jose.ParseSigned(string(cm.Validation))
+	if len(cm.KeyAuthorization) > 0 {
+		ka, err := core.NewKeyAuthorizationFromString(cm.KeyAuthorization)
 		if err != nil {
 			return core.Challenge{}, err
 		}
-		c.Validation = val
+		c.KeyAuthorization = &ka
 	}
 	if len(cm.Error) > 0 {
 		var problem core.ProblemDetails