From dee5a19d36554a8f9a365efd65d13b134889bf63 Mon Sep 17 00:00:00 2001
From: Niall Sheridan
Date: Sun, 19 Jun 2016 23:44:25 +0100
Subject: first pass at a certificate store

---
 server/store/store.go | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 server/store/store.go

(limited to 'server/store/store.go')

diff --git a/server/store/store.go b/server/store/store.go
new file mode 100644
index 0000000..ad4922a
--- /dev/null
+++ b/server/store/store.go
@@ -0,0 +1,39 @@
+package store
+
+import (
+ "golang.org/x/crypto/ssh"
+
+ "github.com/nsheridan/cashier/server/certutil"
+)
+
+// CertStorer records issued certs in a persistent store for audit and
+// revocation purposes.
+type CertStorer interface {
+ Get(id string) (*CertRecord, error)
+ SetCert(cert *ssh.Certificate) error
+ SetRecord(record *CertRecord) error
+ List() ([]*CertRecord, error)
+ Revoke(id string) error
+ GetRevoked() ([]*CertRecord, error)
+ Close() error
+}
+
+// A CertRecord is a representation of a ssh certificate used by a CertStorer.
+type CertRecord struct {
+ KeyID string
+ Principals []string
+ CreatedAt uint64
+ Expires uint64
+ Revoked bool
+ Raw string
+}
+
+func parseCertificate(cert *ssh.Certificate) *CertRecord {
+ return &CertRecord{
+ KeyID: cert.KeyId,
+ Principals: cert.ValidPrincipals,
+ CreatedAt: cert.ValidAfter,
+ Expires: cert.ValidBefore,
+ Raw: certutil.GetPublicKey(cert),
+ }
+}
-- 
cgit v1.2.3
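Review bot: CertRecord records no certificate serial, so the `id string` that Get and Revoke take can presumably only be matched against KeyID, and a KeyID is not unique across issuances for the same user — revoking by it would either hit every certificate ever issued under that id or the wrong one, and a KRL revokes by serial anyway. Record `cert.Serial` now, while the schema is new: add `Serial uint64` to CertRecord and `Serial: cert.Serial,` to the literal in parseCertificate. `CreatedAt` is filled from `cert.ValidAfter`, which a CA commonly backdates to absorb clock skew, so a comment such as `// CreatedAt is the cert's ValidAfter, not the time it was issued` would keep the audit trail honest. `Raw` is populated by `certutil.GetPublicKey(cert)`, whose body is outside this hunk; if that yields only the public key rather than the marshalled certificate, the record cannot reproduce what was actually issued (extensions, critical options, signing key), which is what an audit store is for — worth confirming or storing `ssh.MarshalAuthorizedKey(cert)` instead.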