NOISSUE - Refactor CSR generation (#55)

* Refactor CSR generation

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* handle multiple private key types

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix parsing in transport layer

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* Remove logging

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* add multiple key type support

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* update issue cert method

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* make the strings to constants

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* rename signcsr to issuefromcsr

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* move create csr to cli tool

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* refactor issue cert method

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* address comments

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* change variable from any to crypto.PrivateKey

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* Refactor issueCerts

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* fix failing linter

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* refactor issueCerts and issueforcsr

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

* rename getsubject to subjectFromOpts

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

---------

Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>

api/http/endpoint.go

@@ -310,75 +310,24 @@ func viewCAEndpoint(svc certs.Service) endpoint.Endpoint {
 	}
 }
 
-func createCSREndpoint(svc certs.Service) endpoint.Endpoint {
+func issueFromCSREndpoint(svc certs.Service) endpoint.Endpoint {
 	return func(ctx context.Context, request interface{}) (response interface{}, err error) {
-		req := request.(createCSRReq)
+		req := request.(IssueFromCSRReq)
 		if err := req.validate(); err != nil {
-			return createCSRRes{created: false}, err
+			return issueFromCSRRes{}, err
 		}
 
-		csr, err := svc.CreateCSR(ctx, req.Metadata, req.Metadata.EntityID, req.privKey)
+		cert, err := svc.IssueFromCSR(ctx, req.entityID, req.ttl, certs.CSR{CSR: []byte(req.CSR)})
 		if err != nil {
-			return createCSRRes{created: false}, err
+			return issueFromCSRRes{}, err
 		}
 
-		return createCSRRes{
-			created: true,
-			CSR:     csr,
-		}, nil
-	}
-}
-
-func signCSREndpoint(svc certs.Service) endpoint.Endpoint {
-	return func(ctx context.Context, request interface{}) (response interface{}, err error) {
-		req := request.(SignCSRReq)
-		if err := req.validate(); err != nil {
-			return signCSRRes{signed: false}, err
-		}
-
-		err = svc.SignCSR(ctx, req.csrID, req.approve)
-		if err != nil {
-			return signCSRRes{signed: false}, err
-		}
-
-		return signCSRRes{
-			signed: true,
-		}, nil
-	}
-}
-
-func retrieveCSREndpoint(svc certs.Service) endpoint.Endpoint {
-	return func(ctx context.Context, request interface{}) (response interface{}, err error) {
-		req := request.(retrieveCSRReq)
-		if err := req.validate(); err != nil {
-			return retrieveCSRRes{}, err
-		}
-
-		csr, err := svc.RetrieveCSR(ctx, req.csrID)
-		if err != nil {
-			return retrieveCSRRes{}, err
-		}
-
-		return retrieveCSRRes{
-			CSR: csr,
-		}, nil
-	}
-}
-
-func listCSRsEndpoint(svc certs.Service) endpoint.Endpoint {
-	return func(ctx context.Context, request interface{}) (response interface{}, err error) {
-		req := request.(listCSRsReq)
-		if err := req.validate(); err != nil {
-			return listCSRsRes{}, err
-		}
-
-		cp, err := svc.ListCSRs(ctx, req.pm)
-		if err != nil {
-			return listCSRsRes{}, err
-		}
-
-		return listCSRsRes{
-			cp,
+		return issueFromCSRRes{
+			SerialNumber: cert.SerialNumber,
+			Certificate:  string(cert.Certificate),
+			Revoked:      cert.Revoked,
+			ExpiryTime:   cert.ExpiryTime,
+			EntityID:     cert.EntityID,
 		}, nil
 	}
 }

api/http/errors.go

@@ -33,6 +33,9 @@ var (
 	// ErrMissingCN indicates missing common name.
 	ErrMissingCN = errors.New("missing common name")
 
-	// ErrMissingStatus indicates missing status.
-	ErrMissingStatus = errors.New("missing status")
+	// ErrMissingCSR indicates missing csr.
+	ErrMissingCSR = errors.New("missing CSR")
+
+	// ErrMissingPrivKey indicates missing csr.
+	ErrMissingPrivKey = errors.New("missing private key")
 )

api/http/requests.go

@@ -4,8 +4,6 @@
 package http
 
 import (
-	"crypto/rsa"
-
 	"github.com/absmach/certs"
 	"github.com/absmach/certs/errors"
 	"golang.org/x/crypto/ocsp"
@@ -90,50 +88,19 @@ func (req ocspReq) validate() error {
 	return nil
 }
 
-type createCSRReq struct {
-	Metadata   certs.CSRMetadata `json:"metadata"`
-	PrivateKey []byte            `json:"private_Key"`
-	privKey    *rsa.PrivateKey
+type IssueFromCSRReq struct {
+	entityID string
+	ttl      string
+	CSR      string `json:"csr"`
 }
 
-func (req createCSRReq) validate() error {
-	if req.Metadata.EntityID == "" {
+func (req IssueFromCSRReq) validate() error {
+	if req.entityID == "" {
 		return errors.Wrap(certs.ErrMalformedEntity, ErrMissingEntityID)
 	}
-	return nil
-}
-
-type SignCSRReq struct {
-	csrID   string
-	approve bool
-}
-
-func (req SignCSRReq) validate() error {
-	if req.csrID == "" {
-		return errors.Wrap(certs.ErrMalformedEntity, ErrMissingEntityID)
+	if len(req.CSR) == 0 {
+		return errors.Wrap(certs.ErrMalformedEntity, ErrMissingCSR)
 	}
 
 	return nil
 }
-
-type listCSRsReq struct {
-	pm certs.PageMetadata
-}
-
-func (req listCSRsReq) validate() error {
-	if req.pm.Status.String() == "" {
-		return errors.Wrap(certs.ErrMalformedEntity, ErrMissingStatus)
-	}
-	return nil
-}
-
-type retrieveCSRReq struct {
-	csrID string
-}
-
-func (req retrieveCSRReq) validate() error {
-	if req.csrID == "" {
-		return errors.Wrap(certs.ErrMalformedEntity, ErrMissingEntityID)
-	}
-	return nil
-}

api/http/responses.go

@@ -9,7 +9,6 @@ import (
 	"net/http"
 	"time"
 
-	"github.com/absmach/certs"
 	"golang.org/x/crypto/ocsp"
 )
 
@@ -203,71 +202,22 @@ type fileDownloadRes struct {
 	ContentType string
 }
 
-type createCSRRes struct {
-	certs.CSR
-	created bool
-}
-
-func (res createCSRRes) Code() int {
-	if res.created {
-		return http.StatusCreated
-	}
-
-	return http.StatusNoContent
-}
-
-func (res createCSRRes) Headers() map[string]string {
-	return map[string]string{}
-}
-
-func (res createCSRRes) Empty() bool {
-	return false
-}
-
-type signCSRRes struct {
-	signed bool
-}
-
-func (res signCSRRes) Code() int {
-	return http.StatusOK
-}
-
-func (res signCSRRes) Headers() map[string]string {
-	return map[string]string{}
-}
-
-func (res signCSRRes) Empty() bool {
-	return true
-}
-
-type listCSRsRes struct {
-	certs.CSRPage
-}
-
-func (res listCSRsRes) Code() int {
-	return http.StatusOK
-}
-
-func (res listCSRsRes) Headers() map[string]string {
-	return map[string]string{}
-}
-
-func (res listCSRsRes) Empty() bool {
-	return false
-}
-
-type retrieveCSRRes struct {
-	certs.CSR
+type issueFromCSRRes struct {
+	SerialNumber string    `json:"serial_number"`
+	Certificate  string    `json:"certificate,omitempty"`
+	Revoked      bool      `json:"revoked"`
+	ExpiryTime   time.Time `json:"expiry_time"`
+	EntityID     string    `json:"entity_id"`
 }
 
-func (res retrieveCSRRes) Code() int {
+func (res issueFromCSRRes) Code() int {
 	return http.StatusOK
 }
 
-func (res retrieveCSRRes) Headers() map[string]string {
+func (res issueFromCSRRes) Headers() map[string]string {
 	return map[string]string{}
 }
 
-func (res retrieveCSRRes) Empty() bool {
+func (res issueFromCSRRes) Empty() bool {
 	return false
 }