diff options
Diffstat (limited to 'server/store/store.go')
-rw-r--r-- | server/store/store.go | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/server/store/store.go b/server/store/store.go new file mode 100644 index 0000000..ad4922a --- /dev/null +++ b/server/store/store.go @@ -0,0 +1,39 @@ +package store + +import ( + "golang.org/x/crypto/ssh" + + "github.com/nsheridan/cashier/server/certutil" +) + +// CertStorer records issued certs in a persistent store for audit and +// revocation purposes. +type CertStorer interface { + Get(id string) (*CertRecord, error) + SetCert(cert *ssh.Certificate) error + SetRecord(record *CertRecord) error + List() ([]*CertRecord, error) + Revoke(id string) error + GetRevoked() ([]*CertRecord, error) + Close() error +} + +// A CertRecord is a representation of a ssh certificate used by a CertStorer. +type CertRecord struct { + KeyID string + Principals []string + CreatedAt uint64 + Expires uint64 + Revoked bool + Raw string +} + +func parseCertificate(cert *ssh.Certificate) *CertRecord { + return &CertRecord{ + KeyID: cert.KeyId, + Principals: cert.ValidPrincipals, + CreatedAt: cert.ValidAfter, + Expires: cert.ValidBefore, + Raw: certutil.GetPublicKey(cert), + } +} |