jandd/cacert-gosigner
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
cacert-gosigner/pkg/messages/messages.go

446 lines
10 KiB
Go
Raw Permalink Normal View History

Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
/*
Update to Go 1.21 - bump go module version to 1.21 - replace deprecated CRL APIs - update dependencies
2023-09-17 07:37:43 +00:00
Copyright 2022-2023 CAcert Inc.
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
//go:generate go run github.com/shamaton/msgpackgen
// Package messages contains structure definitions for protocol messages
package messages
import (
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
"crypto"
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
"crypto/x509"
"encoding/pem"
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
"fmt"
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
"math/big"
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
"sort"
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
"strings"
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
"time"
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
// required for msgpackgen
_ "github.com/dave/jennifer"
"github.com/google/uuid"
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
"git.cacert.org/cacert-gosigner/internal/x509/signing"
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
)
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
type CommandCode int8
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
const (
Refactor client protocol - define protocols.ClientHandler interface as base for client implementations - implement protocols.ClientHandler in clientsim's ClientHandler type - move protocol state handling into protocols.ServerProtocol and protocols.ClientProtocol - move protocolState type into protocols.go - reduce clientsim's TestCommandGenerator responsibility to test command generation
2022-11-29 13:05:10 +00:00
CmdUndef CommandCode = iota
CmdHealth
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
CmdCAInfo
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
CmdFetchCRL
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
CmdSignCertificate
CmdSignOpenPGP
CmdRevokeCertificate
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
)
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
var commandNames = map[CommandCode]string{
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
CmdUndef: "UNDEFINED",
CmdHealth: "HEALTH",
CmdFetchCRL: "FETCH CRL",
CmdCAInfo: "CA INFO",
CmdSignCertificate: "SIG CERT",
CmdSignOpenPGP: "SIG OPENPGP",
CmdRevokeCertificate: "REV CERT",
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
func (c CommandCode) String() string {
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
if name, ok := commandNames[c]; ok {
return name
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
return fmt.Sprintf("unknown %d", c)
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
type ResponseCode int8
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
const (
Refactor client protocol - define protocols.ClientHandler interface as base for client implementations - implement protocols.ClientHandler in clientsim's ClientHandler type - move protocol state handling into protocols.ServerProtocol and protocols.ClientProtocol - move protocolState type into protocols.go - reduce clientsim's TestCommandGenerator responsibility to test command generation
2022-11-29 13:05:10 +00:00
RespError ResponseCode = -1
RespUndef ResponseCode = iota
RespHealth
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
RespCAInfo
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
RespFetchCRL
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
RespSignCertificate
RespSignOpenPGP
RespRevokeCertificate
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
)
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
var responseNames = map[ResponseCode]string{
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
RespError: "ERROR",
RespUndef: "UNDEFINED",
RespHealth: "HEALTH",
RespCAInfo: "CA INFO",
RespFetchCRL: "FETCH CRL",
RespSignCertificate: "SIG CERT",
RespSignOpenPGP: "SIG OPENPGP",
RespRevokeCertificate: "REV CERT",
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
func (c ResponseCode) String() string {
if name, ok := responseNames[c]; ok {
return name
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
return fmt.Sprintf("unknown %d", c)
}
type CommandAnnounce struct {
Code CommandCode `msgpack:"code"`
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
ID string `msgpack:"id"`
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
Created time.Time `msgpack:"created"`
}
func (r *CommandAnnounce) String() string {
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
return fmt.Sprintf("code=%s, id=%s, created=%s", r.Code, r.ID, r.Created.Format(time.RFC3339))
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
func BuildCommandAnnounce(code CommandCode) *CommandAnnounce {
commandID := uuid.NewString()
return &CommandAnnounce{Code: code, ID: commandID, Created: time.Now().UTC()}
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
type ResponseAnnounce struct {
Code ResponseCode `msgpack:"code"`
Created time.Time `msgpack:"created"`
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
ID string `msgpack:"id"`
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
func (r *ResponseAnnounce) String() string {
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
return fmt.Sprintf("code=%s, id=%s, created=%s", r.Code, r.ID, r.Created.Format(time.RFC3339))
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
}
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
func BuildResponseAnnounce(code ResponseCode, commandID string) *ResponseAnnounce {
return &ResponseAnnounce{Code: code, ID: commandID, Created: time.Now().UTC()}
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type CAProfile struct {
Name string `msgpack:"name"`
Description string `msgpack:"description"`
UseFor signing.ProfileUsage `msgpack:"use-for"`
}
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
func (p CAProfile) String() string {
return fmt.Sprintf("profile['%s': '%s']", p.Name, p.UseFor)
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type CertificateStatus string
const (
CertStatusOk CertificateStatus = "ok"
CertStatusFailed CertificateStatus = "failed"
)
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
type CAInfoCommand struct {
Name string `msgpack:"name"`
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (c *CAInfoCommand) String() string {
return fmt.Sprintf("name=%s", c.Name)
Implement CA information command This commit defines command codes for planned commands and response codes for their corresponding responses. The health response from the HSM access component has been reduced to avoid unnecessary data transmissions. A new CA information command has been implemented. This command can be used to retrieve the CA certificate and profile information for a given CA name. The client simulator has been updated to retrieve CA information for all CAs when the list of CAs changes.
2022-12-02 17:31:59 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type CAInfoResponse struct {
Name string `msgpack:"name"`
Certificate []byte `msgpack:"certificate"`
Signing bool `msgpack:"signing"`
Profiles []CAProfile `msgpack:"profiles"`
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (r CAInfoResponse) String() string {
return fmt.Sprintf("certificate name=%s, signing=%t, profiles=[%s]", r.Name, r.Signing, r.Profiles)
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
type FetchCRLCommand struct {
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
IssuerID string `msgpack:"issuer_id"`
LastKnownID []byte `msgpack:"last_known_id"`
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (c *FetchCRLCommand) String() string {
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
builder := &strings.Builder{}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
_, _ = fmt.Fprintf(builder, "issuerId='%s'", c.IssuerID)
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
if c.LastKnownID != nil {
_, _ = fmt.Fprintf(builder, ", lastKnownId=0x%x", new(big.Int).SetBytes(c.LastKnownID))
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
}
return builder.String()
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type FetchCRLResponse struct {
IssuerID string `msgpack:"issuer_id"`
IsDelta bool `msgpack:"is_delta"`
UnChanged bool `msgpack:"unchanged"`
CRLData []byte `msgpack:"crl_data"`
CRLNumber []byte `msgpack:"crl_number"`
Implement health check infrastructure This commit adds health check capabilities to the hsm.Access and health response data to the messages returned by the health command.
2022-08-03 13:45:27 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
func (r *FetchCRLResponse) String() string {
builder := &strings.Builder{}
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
_, _ = fmt.Fprintf(
builder,
"issuer id=%s, delta=%t, unchanged=%t, CRL number=0x%x",
r.IssuerID,
r.IsDelta,
r.UnChanged,
new(big.Int).SetBytes(r.CRLNumber),
)
if r.UnChanged {
return builder.String()
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
if r.IsDelta {
_, _ = fmt.Fprintf(builder, ", delta CRL data of %d bytes not shown", len(r.CRLData))
Switch to logrus for structured logging
2022-11-20 09:07:02 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
return builder.String()
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
}
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
revocationList, err := x509.ParseRevocationList(r.CRLData)
if err != nil {
_, _ = fmt.Fprintf(builder, ", could not parse CRL: %s", err.Error())
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
return builder.String()
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
_, _ = fmt.Fprintf(
builder,
", CRL info: issuer=%s, number=0x%x, next update=%s, revoked certificates=%d",
revocationList.Issuer,
revocationList.Number,
revocationList.NextUpdate,
Update to Go 1.21 - bump go module version to 1.21 - replace deprecated CRL APIs - update dependencies
2023-09-17 07:37:43 +00:00
len(revocationList.RevokedCertificateEntries),
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
)
_, _ = builder.WriteString(", CRL data:\n")
_ = pem.Encode(builder, &pem.Block{
Type: "CERTIFICATE REVOCATION LIST",
Bytes: r.CRLData,
})
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
return builder.String()
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type HealthCommand struct{}
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (c *HealthCommand) String() string {
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
return ""
Implement configuration support for CA profiles
2022-11-30 17:42:40 +00:00
}
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
type HealthInfo struct {
Source string
Healthy bool
MoreInfo map[string]string
}
func (i *HealthInfo) String() string {
builder := &strings.Builder{}
_, _ = fmt.Fprintf(builder, "source: %s, healthy: %v", i.Source, i.Healthy)
if len(i.MoreInfo) > 0 {
keys := make([]string, 0, len(i.MoreInfo))
parts := make([]string, len(i.MoreInfo))
for k := range i.MoreInfo {
keys = append(keys, k)
}
sort.Strings(keys)
for j, k := range keys {
parts[j] = fmt.Sprintf("'%s': '%s'", k, i.MoreInfo[k])
}
builder.WriteRune('[')
builder.WriteString(strings.Join(parts, ", "))
builder.WriteRune(']')
}
return builder.String()
}
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
type HealthResponse struct {
Version string `msgpack:"version"`
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
Healthy bool `msgpack:"healthy"`
Info []*HealthInfo
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (r *HealthResponse) String() string {
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
builder := &strings.Builder{}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
_, _ = fmt.Fprintf(builder, "signer version=%s, healthy=%v, health data=[", r.Version, r.Healthy)
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
infos := make([]string, len(r.Info))
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
for i, info := range r.Info {
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
infos[i] = fmt.Sprintf("{%s}", info)
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
Test and refactor messages - add unit tests for all handwritten code in messages package - use uuid.NewString() instead of uuid.NewUUID() to avoid unnecessary error handling - sort code in messages.go to put type related code close to each other - move checkFailed from hsm.Access.Healthy method to messages.CertificateInfoFailed - add typing for Status field of messages.CertificateInfo
2022-12-01 10:34:07 +00:00
builder.WriteString(strings.Join(infos, ", "))
builder.WriteRune(']')
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
return builder.String()
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type SignCertificateCommand struct {
IssuerID string `msgpack:"issuer_id"`
ProfileName string `msgpack:"profile_name"`
CSRData []byte `msgpack:"csr_data"`
CommonName string `msgpack:"cn"`
Organization string `msgpack:"o"`
OrganizationalUnit string `msgpack:"ou"`
Update to Go 1.21 - bump go module version to 1.21 - replace deprecated CRL APIs - update dependencies
2023-09-17 07:37:43 +00:00
Locality string `msgpack:"locality"`
Province string `msgpack:"province"`
Country string `msgpack:"country"`
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
Hostnames []string `msgpack:"hostnames"`
EmailAddresses []string `msgpack:"email_addresses"`
PreferredHash crypto.Hash `msgpack:"preferred_hash"`
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
func (c *SignCertificateCommand) String() string {
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
builder := &strings.Builder{}
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
_, _ = fmt.Fprintf(
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
builder, "issuer_id=%s, profile_name=%s, cn=%s", c.IssuerID, c.ProfileName, c.CommonName,
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
)
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
if c.Organization != "" {
_, _ = fmt.Fprintf(builder, ", o=%s", c.Organization)
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
if c.OrganizationalUnit != "" {
_, _ = fmt.Fprintf(builder, ", ou=%s", c.OrganizationalUnit)
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
}
Update to Go 1.21 - bump go module version to 1.21 - replace deprecated CRL APIs - update dependencies
2023-09-17 07:37:43 +00:00
if c.Locality != "" {
_, _ = fmt.Fprintf(builder, "l=%s", c.Locality)
}
if c.Province != "" {
_, _ = fmt.Fprintf(builder, "st=%s", c.Province)
}
if c.Country != "" {
_, _ = fmt.Fprintf(builder, "st=%s", c.Country)
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
if len(c.Hostnames) > 0 {
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
builder.WriteString(", hostnames=[")
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
builder.WriteString(strings.Join(c.Hostnames, ", "))
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
builder.WriteRune(']')
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
if len(c.EmailAddresses) > 0 {
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
builder.WriteString(", email_addresses=[")
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
builder.WriteString(strings.Join(c.EmailAddresses, ", "))
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
builder.WriteRune(']')
}
Implement delta CRL support This commit provides real CRL support with persistent storage of CRLs as well as support for delta CRLs using github.com/balacode/go-delta
2022-11-30 17:47:18 +00:00
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
return builder.String()
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
}
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
type SignCertificateResponse struct {
CertificateData []byte `msgpack:"cert_data"`
Implement serial link and protocol handling infrastructure This commit adds basic serial link and protocol support. None of the commands from the docs/design.md document is implemented yet. The following new packages have been added: - seriallink containing the serial link handler including COBS decoding and encoding - protocol containing the protocol handler including msgpack unmarshalling and marshaling - health containing a rudimentary health check implementation - messages containing command and response types and generated msgpack marshaling code A client simulation command has been added in cmd/clientsim. README.md got instructions how to run the client simulator. The docs/config.sample.yaml contains a new section for the serial connection parameters.
2022-08-03 12:38:36 +00:00
}
Implement command type handling This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command.
2022-11-20 17:59:37 +00:00
Implement sign certificate command - decouple config and messages - cainfo maps from config.Profile to messages.CAProfile - config parses profile usage - validity can be configured per certificate profile, defaults are defined in a defaultValidity method of the profile usage - the client simulator emits certificate signing requests at random intervals - add implementation of SingCertificateCommand to MsgPackHandler - remove indirection signing.RequestSignature
2022-12-11 12:32:05 +00:00
func (r *SignCertificateResponse) String() string {
return fmt.Sprintf("cert_data of %d bytes", len(r.CertificateData))
Protocol improvements - add a client generated command ID for tracing commands and responses - define protocol delimiter in protocol.CobsDelimiter - apply code simplifications suggested by golangci-lint - add Makefile - add compile time build information for signer binary - make sure that dependencies for msgpackgen survive go mod tidy - extract MsgPackHandler into its own file - add CRL number to fetch CRL response - remove port.Flush() to avoid removing written data before it reaches the client
2022-11-28 16:10:46 +00:00
}
Define command and response for RevokeCertificate
2022-12-11 13:00:47 +00:00
type RevokeCertificateCommand struct {
IssuerID string `msgpack:"issuer_id"`
Serial []byte `msgpack:"serial_number"`
Reason string `msgpack:"reason"`
}
func (c *RevokeCertificateCommand) String() string {
builder := &strings.Builder{}
_, _ = fmt.Fprintf(
builder,
"issuerID=%s, serial=0x%s", c.IssuerID, new(big.Int).SetBytes(c.Serial).Text(16),
)
if c.Reason != "" {
_, _ = fmt.Fprintf(builder, ", reason=%s", c.Reason)
}
return builder.String()
}
type RevokeCertificateResponse struct {
IssuerID string `msgpack:"issuer_id"`
Serial []byte `msgpack:"serial_number"`
RevokedAt time.Time `msgpack:"revoked_at"`
}
func (r *RevokeCertificateResponse) String() string {
return fmt.Sprintf(
"issuerID=%s, serial=0x%s, revoked_at=%s",
r.IssuerID, new(big.Int).SetBytes(r.Serial).Text(16), r.RevokedAt.Format(time.RFC3339),
)
}
Define command and response for SignOpenPGP
2022-12-11 13:01:48 +00:00
type SignOpenPGPCommand struct {
IssuerID string `msgpack:"issuer_id"`
ProfileName string `msgpack:"profile_name"`
PublicKey []byte `msgpack:"public_key"`
CommonName string `msgpack:"cn"`
EmailAddresses []string `msgpack:"email_addresses"`
}
func (c *SignOpenPGPCommand) String() string {
builder := &strings.Builder{}
_, _ = fmt.Fprintf(
builder, "issuer_id=%s, profile_name=%s, cn=%s", c.IssuerID, c.ProfileName, c.CommonName,
)
if len(c.EmailAddresses) > 0 {
builder.WriteString(", email_addresses=[")
builder.WriteString(strings.Join(c.EmailAddresses, ", "))
builder.WriteRune(']')
}
return builder.String()
}
type SignOpenPGPResponse struct {
SignatureData []byte `msgpack:"signature_data"`
}
func (r *SignOpenPGPResponse) String() string {
return fmt.Sprintf("sig_data of %d bytes", len(r.SignatureData))
}
Cleanup command and response types - use consistent method recipient names - move ErrorResponse to the end of the messages - fix email address output in SignCertificateCommand String() method
2022-12-11 13:03:45 +00:00
type ErrorResponse struct {
Message string `msgpack:"message"`
}
func (r *ErrorResponse) String() string {
return fmt.Sprintf("message=%s", r.Message)
}
Reference in a new issue Copy permalink