luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity

Rename GetOctalFormatted and add serial number to ParsedCertBundle. Basically a noop.

Browse source
This commit is contained in:
Jeff Mitchell 2016-09-16 11:05:43 -04:00
parent 271ab5a4bd
commit 897d3c6d2c
4 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
builtin/logical/pki/backend_test.go
View file

@ -986,7 +986,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int
if len(revokedList) != 1 { if len(revokedList) != 1 {
t.Fatalf("length of revoked list not 1; %d", len(revokedList)) t.Fatalf("length of revoked list not 1; %d", len(revokedList))
} }
revokedString := certutil.GetOctalFormatted(revokedList[0].SerialNumber.Bytes(), ":") revokedString := certutil.GetHexFormatted(revokedList[0].SerialNumber.Bytes(), ":")
if revokedString != reqdata["serial_number"].(string) { if revokedString != reqdata["serial_number"].(string) {
t.Fatalf("got serial %s, expecting %s", revokedString, reqdata["serial_number"].(string)) t.Fatalf("got serial %s, expecting %s", revokedString, reqdata["serial_number"].(string))
} }
@ -1144,7 +1144,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int
} }
found := false found := false
for _, revEntry := range revokedList { for _, revEntry := range revokedList {
revokedString := certutil.GetOctalFormatted(revEntry.SerialNumber.Bytes(), ":") revokedString := certutil.GetHexFormatted(revEntry.SerialNumber.Bytes(), ":")
if revokedString == reqdata["serial_number"].(string) { if revokedString == reqdata["serial_number"].(string) {
found = true found = true
} }
@ -1259,7 +1259,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int
foundRsa := false foundRsa := false
foundEc := false foundEc := false
for _, revEntry := range revokedList { for _, revEntry := range revokedList {
revokedString := certutil.GetOctalFormatted(revEntry.SerialNumber.Bytes(), ":") revokedString := certutil.GetHexFormatted(revEntry.SerialNumber.Bytes(), ":")
if revokedString == reqdata["rsa_int_serial_number"].(string) { if revokedString == reqdata["rsa_int_serial_number"].(string) {
foundRsa = true foundRsa = true
} }

4
helper/certutil/certutil_test.go
View file

@ -13,7 +13,7 @@ import (
// Tests converting back and forth between a CertBundle and a ParsedCertBundle. // Tests converting back and forth between a CertBundle and a ParsedCertBundle.
// //
// Also tests the GetSubjKeyID, GetOctalFormatted, and // Also tests the GetSubjKeyID, GetHexFormatted, and
// ParsedCertBundle.getSigner functions. // ParsedCertBundle.getSigner functions.
func TestCertBundleConversion(t *testing.T) { func TestCertBundleConversion(t *testing.T) {
cbuts := []*CertBundle{ cbuts := []*CertBundle{
@ -189,7 +189,7 @@ func compareCertBundleToParsedCertBundle(cbut *CertBundle, pcbut *ParsedCertBund
return fmt.Errorf("CertBundle has unknown private key type") return fmt.Errorf("CertBundle has unknown private key type")
} }
if cb.SerialNumber != GetOctalFormatted(pcbut.Certificate.SerialNumber.Bytes(), ":") { if cb.SerialNumber != GetHexFormatted(pcbut.Certificate.SerialNumber.Bytes(), ":") {
return fmt.Errorf("Bundle serial number does not match") return fmt.Errorf("Bundle serial number does not match")
} }

5
helper/certutil/helpers.go
View file

@ -20,10 +20,9 @@ import (
"github.com/mitchellh/mapstructure" "github.com/mitchellh/mapstructure"
) )
// GetOctalFormatted returns the byte buffer formatted in octal with // GetHexFormatted returns the byte buffer formatted in hex with
// the specified separator between bytes. // the specified separator between bytes.
// FIXME: where did I originally copy this code from? This ain't octal, it's hex. func GetHexFormatted(buf []byte, sep string) string {
func GetOctalFormatted(buf []byte, sep string) string {
var ret bytes.Buffer var ret bytes.Buffer
for _, cur := range buf { for _, cur := range buf {
if ret.Len() > 0 { if ret.Len() > 0 {

9
helper/certutil/types.go
View file

@ -14,6 +14,7 @@ import (
"crypto/x509" "crypto/x509"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"math/big"
"strings" "strings"
"github.com/hashicorp/vault/helper/errutil" "github.com/hashicorp/vault/helper/errutil"
@ -86,6 +87,7 @@ type ParsedCertBundle struct {
IssuingCA *x509.Certificate IssuingCA *x509.Certificate
CertificateBytes []byte CertificateBytes []byte
Certificate *x509.Certificate Certificate *x509.Certificate
SerialNumber *big.Int
} }
// CSRBundle contains a key type, a PEM-encoded private key, // CSRBundle contains a key type, a PEM-encoded private key,
@ -173,8 +175,11 @@ func (c *CertBundle) ToParsedCertBundle() (*ParsedCertBundle, error) {
} }
} }
result.SerialNumber = result.Certificate.SerialNumber
// Populate if it isn't there already
if len(c.SerialNumber) == 0 && len(c.Certificate) > 0 { if len(c.SerialNumber) == 0 && len(c.Certificate) > 0 {
c.SerialNumber = GetOctalFormatted(result.Certificate.SerialNumber.Bytes(), ":") c.SerialNumber = GetHexFormatted(result.Certificate.SerialNumber.Bytes(), ":")
} }
return result, nil return result, nil
@ -189,7 +194,7 @@ func (p *ParsedCertBundle) ToCertBundle() (*CertBundle, error) {
} }
if p.Certificate != nil { if p.Certificate != nil {
result.SerialNumber = strings.TrimSpace(GetOctalFormatted(p.Certificate.SerialNumber.Bytes(), ":")) result.SerialNumber = strings.TrimSpace(GetHexFormatted(p.Certificate.SerialNumber.Bytes(), ":"))
} }
if p.CertificateBytes != nil && len(p.CertificateBytes) > 0 { if p.CertificateBytes != nil && len(p.CertificateBytes) > 0 {