Fix tests and tidy up for review.

ca/certificate-authority.go

@@ -166,12 +166,11 @@ func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest
 	}
 
 	// Store the cert with the certificate authority, if provided
-	digest, err := ca.SA.AddCertificate(certDER)
+	_, err = ca.SA.AddCertificate(certDER)
 	if err != nil {
 		ca.DB.Rollback()
 		return
 	}
-	cert.ID = digest // TODO: Remove
 
 	ca.DB.Commit()
 	return

ca/certificate-authority_test.go

@@ -10,6 +10,7 @@ import (
 	"encoding/asn1"
 	"encoding/hex"
 	"encoding/pem"
+	"fmt"
 	"net/http"
 	"testing"
 	"time"
@@ -352,8 +353,10 @@ func TestIssueCertificate(t *testing.T) {
 		}
 
 		// Verify that the cert got stored in the DB
-		_, err = sa.GetCertificate(certObj.ID)
+		shortSerial := fmt.Sprintf("%x", cert.SerialNumber)[0:16]
-		test.AssertNotError(t, err, "Certificate not found in database")
+		_, err = sa.GetCertificate(shortSerial)
+		test.AssertNotError(t, err,
+			fmt.Sprintf("Certificate %x not found in database", shortSerial))
 	}
 
 	// Test that the CA rejects CSRs with no names

cmd/boulder-wfe/main.go

@@ -99,13 +99,6 @@ func main() {
 
 		// Set up paths
 		wfe.BaseURL = c.WFE.BaseURL
-		wfe.NewRegPath = "/acme/new-reg"
-		wfe.RegPath = "/acme/reg/"
-		wfe.NewAuthzPath = "/acme/new-authz"
-		wfe.AuthzPath = "/acme/authz/"
-		wfe.NewCertPath = "/acme/new-cert"
-		wfe.CertPath = "/acme/cert/"
-		wfe.TermsPath = "/terms"
 		wfe.HandlePaths()
 
 		// Add HandlerTimer to output resp time + success/failure stats to statsd

cmd/boulder/main.go

@@ -95,13 +95,6 @@ func main() {
 
 		// Set up paths
 		wfe.BaseURL = c.WFE.BaseURL
-		wfe.NewRegPath = "/acme/new-reg"
-		wfe.RegPath = "/acme/reg/"
-		wfe.NewAuthzPath = "/acme/new-authz"
-		wfe.AuthzPath = "/acme/authz/"
-		wfe.NewCertPath = "/acme/new-cert"
-		wfe.CertPath = "/acme/cert/"
-		wfe.TermsPath = "/terms"
 		wfe.HandlePaths()
 
 		// We need to tell the RA how to make challenge URIs

core/objects.go

@@ -203,10 +203,6 @@ type Authorization struct {
 // Certificate objects are entirely internal to the server.  The only
 // thing exposed on the wire is the certificate itself.
 type Certificate struct {
-	// An identifier for this authorization, unique across
-	// authorizations and certificates within this instance.
-	ID string
-
 	// The encoded, signed certificate
 	DER jose.JsonBuffer
 

ra/registration-authority_test.go

@@ -11,6 +11,7 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"encoding/pem"
+	"fmt"
 	"net/url"
 	"testing"
 
@@ -241,9 +242,12 @@ func TestNewCertificate(t *testing.T) {
 
 	cert, err := ra.NewCertificate(certRequest, AccountKey)
 	test.AssertNotError(t, err, "Failed to issue certificate")
+	parsedCert, err := x509.ParseCertificate(cert.DER)
+	test.AssertNotError(t, err, "Failed to parse certificate")
+	shortSerial := fmt.Sprintf("%x", parsedCert.SerialNumber)[0:16]
 
 	// Verify that cert shows up and is as expected
-	dbCert, err := sa.GetCertificate(cert.ID)
+	dbCert, err := sa.GetCertificate(shortSerial)
 	test.AssertNotError(t, err, "Could not fetch certificate from database")
 	test.Assert(t, bytes.Compare(cert.DER, dbCert) == 0, "Certificates differ")
 

sa/storage-authority.go

@@ -177,8 +177,8 @@ func (ssa *SQLStorageAuthority) GetCertificate(id string) (cert []byte, err erro
 		err = errors.New("Invalid certificate serial " + id)
 	}
 	err = ssa.db.QueryRow(
-		"SELECT value FROM certificates WHERE serial > ? LIMIT 1;",
+		"SELECT value FROM certificates WHERE serial LIKE ? LIMIT 1;",
-		id).Scan(&cert)
+		id + "%").Scan(&cert)
 	return
 }
 

test/js/test.js

@@ -417,7 +417,6 @@ function downloadCertificate(resp) {
 
     cli.spinner("Requesting certificate ... done", true);
     console.log();
-    console.log(resp.headers['location']);
     var certB64 = util.b64enc(body);
 
     state.certificate = certB64;

wfe/web-front-end.go

@@ -47,7 +47,16 @@ type WebFrontEndImpl struct {
 
 func NewWebFrontEndImpl(logger *blog.AuditLogger) WebFrontEndImpl {
 	logger.Notice("Web Front End Starting")
-	return WebFrontEndImpl{log: logger}
+	return WebFrontEndImpl{
+		log: logger,
+		NewRegPath:   "/acme/new-reg",
+		RegPath:      "/acme/reg/",
+		NewAuthzPath: "/acme/new-authz",
+		AuthzPath:    "/acme/authz/",
+		NewCertPath:  "/acme/new-cert",
+		CertPath:     "/acme/cert/",
+		TermsPath:    "/terms",
+	}
 }
 
 func (wfe *WebFrontEndImpl) HandlePaths() {
@@ -64,7 +73,6 @@ func (wfe *WebFrontEndImpl) HandlePaths() {
 	http.HandleFunc(wfe.AuthzPath, wfe.Authorization)
 	http.HandleFunc(wfe.CertPath, wfe.Certificate)
 	http.HandleFunc(wfe.TermsPath, wfe.Terms)
-	fmt.Println("Handled ", wfe.TermsPath)
 }
 
 // Method implementations