PKI Responses Part 4 #18612

Merged
merged 42 commits into from
Mar 14, 2023
Merged
Changes from 17 commits
dd36bea
First response structures
AnPucel Jan 5, 2023
1695f5e
Root responses
AnPucel Jan 5, 2023
f2f5454
Sign issuers responses
AnPucel Jan 6, 2023
f5c34ad
Tidy responses
AnPucel Jan 9, 2023
59e3d20
path roles pki
AnPucel Jan 9, 2023
d6d705e
Go fmt
AnPucel Jan 9, 2023
c7d817c
formatting
AnPucel Jan 9, 2023
14e5fe0
Changelog
AnPucel Jan 9, 2023
ab5cf29
Fix list
AnPucel Jan 12, 2023
77bdc1b
Fix required for keys
AnPucel Jan 12, 2023
033fd1d
Remove wrong fields from response
AnPucel Jan 12, 2023
66fdde7
Delete --> no content
AnPucel Jan 12, 2023
cc9d9c9
Small delete fixes
AnPucel Jan 12, 2023
d93ca6a
Change to accepted
AnPucel Jan 12, 2023
b967a9f
Change to int
AnPucel Jan 12, 2023
b0d3f72
Change string --> int
AnPucel Jan 12, 2023
b1ed8f4
More string to int
AnPucel Jan 12, 2023
b586dbf
Merge branch 'main' into anpucel/PKIResponse4
AnPucel Feb 6, 2023
02bb5d1
Tests
AnPucel Feb 6, 2023
2934c56
crl/rotate test
AnPucel Feb 6, 2023
3ff152f
Fix revoke
AnPucel Feb 6, 2023
9b13941
missed one
AnPucel Feb 6, 2023
7292f58
Update revocation time
AnPucel Feb 7, 2023
ab83a0f
root/self-signed
AnPucel Feb 7, 2023
5d1f062
tidy-status
AnPucel Feb 7, 2023
6666ccc
config/auto-tidy
AnPucel Feb 7, 2023
fa6e7da
tidy-cancel
AnPucel Feb 7, 2023
95a0370
roles
AnPucel Feb 7, 2023
e941b0c
Remove changelog for single changelog
AnPucel Feb 7, 2023
1532b21
format
AnPucel Feb 7, 2023
68cedd9
Merge branch 'main' into anpucel/PKIResponse4
AnPucel Feb 15, 2023
9f773c8
Missed a few
AnPucel Feb 15, 2023
448e4aa
format
AnPucel Feb 15, 2023
6d55ae9
Fix path
AnPucel Feb 15, 2023
fc7d273
Merge branch 'main' into anpucel/PKIResponse4
AnPucel Feb 22, 2023
048e431
Making fields optional for tidy-cancel
AnPucel Feb 22, 2023
0c987e1
Add tidy test and fixing
AnPucel Feb 22, 2023
101c402
Adding test and fixing some tests
AnPucel Feb 23, 2023
29406c4
Go fmt
AnPucel Feb 23, 2023
61ee66d
Remove http_* fields from responses
AnPucel Mar 14, 2023
145de04
Merge branch 'main' into anpucel/PKIREsponse4
AnPucel Mar 14, 2023
58bc03e
Removing more fields
AnPucel Mar 14, 2023
25 changes: 25 additions & 0 deletions builtin/logical/pki/path_resign_crls.go
Expand Up @@ -12,6 +12,7 @@ import (
"errors"
"fmt"
"math/big"
"net/http"
"strconv"
"strings"
"time"
Expand Down Expand Up @@ -77,6 +78,18 @@ base64 encoded. Defaults to "pem".`,
Operations: map[logical.Operation]framework.OperationHandler{
logical.UpdateOperation: &framework.PathOperation{
Callback: b.pathUpdateResignCrlsHandler,
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"crl": {
Type: framework.TypeString,
Description: `CRL`,
Required: true,
},
},
}},
},
},
},

Expand Down Expand Up @@ -133,6 +146,18 @@ value (string)`,
Operations: map[logical.Operation]framework.OperationHandler{
logical.UpdateOperation: &framework.PathOperation{
Callback: b.pathUpdateSignRevocationListHandler,
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"crl": {
Type: framework.TypeString,
Description: `CRL`,
Required: true,
},
},
}},
},
},
},

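Review bot: The `crl` response field in the -77,6 +78,18 hunk is described only as `CRL`, which does not tell an API consumer what encoding the returned string uses. The context line above the hunk (`base64 encoded. Defaults to "pem".`) suggests this path accepts a format parameter, so the value is presumably PEM or base64-encoded DER depending on the request; the handler is outside the hunk, so confirm that before wording it. Something like `Description: "Signed CRL in the requested format (PEM by default)",` would make the schema usable by clients that parse or redistribute the CRL. The -133,6 +146,18 hunk repeats the same schema verbatim and would take the same wording.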
71 changes: 71 additions & 0 deletions builtin/logical/pki/path_revoke.go
Expand Up @@ -9,6 +9,7 @@ import (
"crypto/x509"
"encoding/pem"
"fmt"
"net/http"
"strings"

"github.com/hashicorp/vault/sdk/framework"
Expand All @@ -25,6 +26,18 @@ func pathListCertsRevoked(b *backend) *framework.Path {
Operations: map[logical.Operation]framework.OperationHandler{
logical.ListOperation: &framework.PathOperation{
Callback: b.pathListRevokedCertsHandler,
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"keys": {
Type: framework.TypeStringSlice,
Description: `List of Keys`,
Required: false,
averche marked this conversation as resolved.
},
},
}},
},
},
},

Expand Down Expand Up @@ -56,6 +69,23 @@ signed by an issuer in this mount.`,
// If this needs to write, the entire request will be forwarded to the
// active node of the current performance cluster, but we don't want to
// forward invalid revoke requests there.
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"revocation_time": {
Type: framework.TypeInt,
Description: `Revocation Time`,
Required: true,
},
"revocation_time_rfc3339": {
Type: framework.TypeInt,
Description: `Revocation Time`,
Required: false,
},
},
}},
},
},
},

Expand Down Expand Up @@ -92,6 +122,23 @@ be in PEM format.`,
// If this needs to write, the entire request will be forwarded to the
// active node of the current performance cluster, but we don't want to
// forward invalid revoke requests there.
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"revocation_time": {
Type: framework.TypeInt,
Description: `Revocation Time`,
Required: true,
},
"revocation_time_rfc3339": {
Type: framework.TypeInt,
Description: `Revocation Time`,
Required: false,
},
},
}},
},
},
},

Expand All @@ -111,6 +158,18 @@ func pathRotateCRL(b *backend) *framework.Path {
// so this request should be forwarded when it is first seen, not
// when it is ready to write.
ForwardPerformanceStandby: true,
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"success": {
Type: framework.TypeBool,
Description: `Whether rotation was successful`,
Required: true,
},
},
}},
},
},
},

Expand All @@ -130,6 +189,18 @@ func pathRotateDeltaCRL(b *backend) *framework.Path {
// so this request should be forwarded when it is first seen, not
// when it is ready to write.
ForwardPerformanceStandby: true,
Responses: map[int][]framework.Response{
http.StatusOK: {{
Description: "OK",
Fields: map[string]*framework.FieldSchema{
"success": {
Type: framework.TypeBool,
Description: `Whether rotation was successful`,
Required: true,
},
},
}},
},
},
},

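Review bot: `revocation_time_rfc3339` is declared with `Type: framework.TypeInt` in both revoke response schemas (the -56,6 +69,23 hunk and again in -92,6 +122,23), but an RFC 3339 timestamp is a string, so the published schema would contradict what the field name promises. The handlers that populate the response are outside these hunks, so this is inferred from the name; if they do return a formatted timestamp, the line should read `Type: framework.TypeString,`. Both fields also carry the identical description `Revocation Time`, so a consumer reading the schema cannot tell the numeric field from the formatted one; distinct descriptions would fix that. This page shows changes from 17 of the 42 commits, so a later commit may already cover this.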