Start to build sync route

2024-09-04 22:43:23 +02:00
parent ee938a3aa6
commit 1b02a812b4
7 changed files with 191 additions and 14 deletions


@ -76,6 +76,17 @@ impl CertData {
crl: None,
})
}
/// Check if a certificate is revoked
pub fn is_revoked(&self, cert: &X509) -> anyhow::Result<bool> {
let crl = X509Crl::from_pem(&std::fs::read(
self.crl.as_ref().ok_or(PKIError::MissingCRL)?,
)?)?;
let res = crl.get_by_cert(cert);
Ok(matches!(res, CrlStatus::Revoked(_)))
}
}
/// Generate private key
@ -480,21 +491,10 @@ pub fn gen_certificate_for_device(csr: &X509Req) -> anyhow::Result<String> {
Ok(String::from_utf8(cert)?)
}
/// Check if a certificate is revoked
fn is_revoked(cert: &X509, ca: &CertData) -> anyhow::Result<bool> {
let crl = X509Crl::from_pem(&std::fs::read(
ca.crl.as_ref().ok_or(PKIError::MissingCRL)?,
)?)?;
let res = crl.get_by_cert(cert);
Ok(matches!(res, CrlStatus::Revoked(_)))
}
/// Revoke a certificate
pub fn revoke(cert: &X509, ca: &CertData) -> anyhow::Result<()> {
// Check if certificate is already revoked
if is_revoked(cert, ca)? {
if ca.is_revoked(cert)? {
// No op
return Ok(());
}
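Review bot: `is_revoked` is now `pub` on `CertData`, but its one-line doc does not say how callers must treat the `Err` case, and the CRL loaded from `self.crl` is used without checking its signature or validity period. If the sync route this commit starts uses it to gate device access (inferred from the title, not visible here), a missing or unreadable CRL must count as a denial, so I would extend the doc comment with `/// Returns Err (PKIError::MissingCRL, I/O or parse failure) if the CRL cannot be loaded; callers must treat that as "not trusted", never as "not revoked".` It would also be worth verifying the parsed CRL against the CA public key before `get_by_cert` (the openssl crate offers `X509CrlRef::verify`), because a replaced or stale CRL file would otherwise silently clear a revocation; which field of `CertData` holds the CA certificate is not visible in this hunk. The file is re-read and re-parsed on every call, which is fine for `revoke` (whose body continues outside the hunk) but may matter on a per-request path.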