letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

delete ca.RevokeCertificate 

Also, delete the unused core.CertificateAuthorityDatabase while we're
here.

Fixes #1319
This commit is contained in:
Jeff Hodges 2016-01-04 23:59:19 -08:00
parent 42e984b5ae
commit f6473efcc2
4 changed files with 0 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ca/certificate-authority.go
View File

@ -218,12 +218,6 @@ func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest
return ocspResponse, err return ocspResponse, err
} }
// RevokeCertificate revokes the trust of the Cert referred to by the provided Serial.
func (ca *CertificateAuthorityImpl) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
err = ca.SA.MarkCertificateRevoked(serial, reasonCode)
return err
}
// IssueCertificate attempts to convert a CSR into a signed Certificate, while // IssueCertificate attempts to convert a CSR into a signed Certificate, while
// enforcing all policies. Names (domains) in the CertificateRequest will be // enforcing all policies. Names (domains) in the CertificateRequest will be
// lowercased before storage. // lowercased before storage.

4
cmd/ocsp-updater/main_test.go
View File

@ -29,10 +29,6 @@ func (ca *mockCA) GenerateOCSP(xferObj core.OCSPSigningRequest) (ocsp []byte, er
return return
} }
func (ca *mockCA) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
return
}
type mockPub struct { type mockPub struct {
sa core.StorageAuthority sa core.StorageAuthority
} }

8
core/interfaces.go
View File

@ -12,7 +12,6 @@ import (
"time" "time"
jose "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose" jose "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
gorp "github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
) )
// A WebFrontEnd object supplies methods that can be hooked into // A WebFrontEnd object supplies methods that can be hooked into
@ -83,7 +82,6 @@ type RegistrationAuthority interface {
type CertificateAuthority interface { type CertificateAuthority interface {
// [RegistrationAuthority] // [RegistrationAuthority]
IssueCertificate(x509.CertificateRequest, int64) (Certificate, error) IssueCertificate(x509.CertificateRequest, int64) (Certificate, error)
RevokeCertificate(string, RevocationCode) error
GenerateOCSP(OCSPSigningRequest) ([]byte, error) GenerateOCSP(OCSPSigningRequest) ([]byte, error)
} }
@ -133,12 +131,6 @@ type StorageAuthority interface {
StorageAdder StorageAdder
} }
// CertificateAuthorityDatabase represents an atomic sequence source
type CertificateAuthorityDatabase interface {
IncrementAndGetSerial(*gorp.Transaction) (int64, error)
Begin() (*gorp.Transaction, error)
}
// Publisher defines the public interface for the Boulder Publisher // Publisher defines the public interface for the Boulder Publisher
type Publisher interface { type Publisher interface {
SubmitToCT([]byte) error SubmitToCT([]byte) error

31
rpc/rpc-wrappers.go
View File

@ -42,7 +42,6 @@ const (
MethodNewCertificate = "NewCertificate" // RA MethodNewCertificate = "NewCertificate" // RA
MethodUpdateRegistration = "UpdateRegistration" // RA, SA MethodUpdateRegistration = "UpdateRegistration" // RA, SA
MethodUpdateAuthorization = "UpdateAuthorization" // RA MethodUpdateAuthorization = "UpdateAuthorization" // RA
MethodRevokeCertificate = "RevokeCertificate" // CA
MethodRevokeCertificateWithReg = "RevokeCertificateWithReg" // RA MethodRevokeCertificateWithReg = "RevokeCertificateWithReg" // RA
MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate" // RA MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate" // RA
MethodOnValidationUpdate = "OnValidationUpdate" // RA MethodOnValidationUpdate = "OnValidationUpdate" // RA
@ -704,19 +703,6 @@ func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (
return return
}) })
rpc.Handle(MethodRevokeCertificate, func(req []byte) (response []byte, err error) {
var revokeReq revokeCertificateRequest
err = json.Unmarshal(req, &revokeReq)
if err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodRevokeCertificate, err, req)
return
}
err = impl.RevokeCertificate(revokeReq.Serial, revokeReq.ReasonCode)
return
})
rpc.Handle(MethodGenerateOCSP, func(req []byte) (response []byte, err error) { rpc.Handle(MethodGenerateOCSP, func(req []byte) (response []byte, err error) {
var xferObj core.OCSPSigningRequest var xferObj core.OCSPSigningRequest
err = json.Unmarshal(req, &xferObj) err = json.Unmarshal(req, &xferObj)
@ -767,23 +753,6 @@ func (cac CertificateAuthorityClient) IssueCertificate(csr x509.CertificateReque
return return
} }
// RevokeCertificate sends a request to revoke a certificate
func (cac CertificateAuthorityClient) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
var revokeReq revokeCertificateRequest
revokeReq.Serial = serial
revokeReq.ReasonCode = reasonCode
data, err := json.Marshal(revokeReq)
if err != nil {
// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
errorCondition(MethodRevokeCertificate, err, revokeReq)
return
}
_, err = cac.rpc.DispatchSync(MethodRevokeCertificate, data)
return
}
// GenerateOCSP sends a request to generate an OCSP response // GenerateOCSP sends a request to generate an OCSP response
func (cac CertificateAuthorityClient) GenerateOCSP(signRequest core.OCSPSigningRequest) (resp []byte, err error) { func (cac CertificateAuthorityClient) GenerateOCSP(signRequest core.OCSPSigningRequest) (resp []byte, err error) {
data, err := json.Marshal(signRequest) data, err := json.Marshal(signRequest)