Головна сторінка Огляд Довідка
Увійти
cloudflare
/
cfssl
дзеркало https://github.com/cloudflare/cfssl
Слідкувати 1
Зірка 0
Відгалуження 0
Файли Проблеми
Гілка: master
Гілки Теги
cfssl
/
api
/
certinfo
/
certinfo.go

certinfo.go 2.2 KB
Постійне посилання Історія Запис

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. // Package certinfo implements the HTTP handler for the certinfo command.
    2. 

  2. package certinfo
    3. 

  3. 

  4. import (
    5. 

  5. 	"errors"
    6. 

  6. 	"net/http"
    7. 

  7. 

  8. 	"github.com/cloudflare/cfssl/api"
    9. 

  9. 	"github.com/cloudflare/cfssl/certdb"
    10. 

  10. 	"github.com/cloudflare/cfssl/certinfo"
    11. 

  11. 	"github.com/cloudflare/cfssl/log"
    12. 

  12. )
    13. 

  13. 

  14. // Handler accepts requests for either remote or uploaded
    15. 

  15. // certificates to be bundled, and returns a certificate bundle (or
    16. 

  16. // error).
    17. 

  17. type Handler struct {
    18. 

  18. 	dbAccessor certdb.Accessor
    19. 

  19. }
    20. 

  20. 

  21. // NewHandler creates a new bundler that uses the root bundle and
    22. 

  22. // intermediate bundle in the trust chain.
    23. 

  23. func NewHandler() http.Handler {
    24. 

  24. 	return api.HTTPHandler{Handler: new(Handler), Methods: []string{"POST"}}
    25. 

  25. }
    26. 

  26. 

  27. // NewAccessorHandler creates a new bundler with database access via the
    28. 

  28. // certdb.Accessor interface. If this handler is constructed it will be possible
    29. 

  29. // to lookup certificates issued earlier by the CA.
    30. 

  30. func NewAccessorHandler(dbAccessor certdb.Accessor) http.Handler {
    31. 

  31. 	return api.HTTPHandler{
    32. 

  32. 		Handler: &Handler{
    33. 

  33. 			dbAccessor: dbAccessor,
    34. 

  34. 		},
    35. 

  35. 		Methods: []string{"POST"},
    36. 

  36. 	}
    37. 

  37. }
    38. 

  38. 

  39. // Handle implements an http.Handler interface for the bundle handler.
    40. 

  40. func (h *Handler) Handle(w http.ResponseWriter, r *http.Request) (err error) {
    41. 

  41. 	blob, matched, err := api.ProcessRequestFirstMatchOf(r,
    42. 

  42. 		[][]string{
    43. 

  43. 			{"certificate"},
    44. 

  44. 			{"domain"},
    45. 

  45. 			{"serial", "authority_key_id"},
    46. 

  46. 		})
    47. 

  47. 	if err != nil {
    48. 

  48. 		log.Warningf("invalid request: %v", err)
    49. 

  49. 		return err
    50. 

  50. 	}
    51. 

  51. 

  52. 	var cert *certinfo.Certificate
    53. 

  53. 	switch matched[0] {
    54. 

  54. 	case "domain":
    55. 

  55. 		if cert, err = certinfo.ParseCertificateDomain(blob["domain"]); err != nil {
    56. 

  56. 			log.Warningf("couldn't parse remote certificate: %v", err)
    57. 

  57. 			return err
    58. 

  58. 		}
    59. 

  59. 	case "certificate":
    60. 

  60. 		if cert, err = certinfo.ParseCertificatePEM([]byte(blob["certificate"])); err != nil {
    61. 

  61. 			log.Warningf("bad PEM certificate: %v", err)
    62. 

  62. 			return err
    63. 

  63. 		}
    64. 

  64. 	case "serial", "authority_key_id":
    65. 

  65. 		if h.dbAccessor == nil {
    66. 

  66. 			log.Warning("could not find certificates with db access")
    67. 

  67. 

  68. 			return errors.New("cannot lookup certificate from serial without db access")
    69. 

  69. 		}
    70. 

  70. 

  71. 		if cert, err = certinfo.ParseSerialNumber(blob["serial"], blob["authority_key_id"], h.dbAccessor); err != nil {
    72. 

  72. 			log.Warningf("couldn't find certificate: %v", err)
    73. 

  73. 

  74. 			return err
    75. 

  75. 		}
    76. 

  76. 	}
    77. 

  77. 

  78. 	return api.SendResponse(w, cert)
    79. 

  79. }
    80. 

  80.