Intial implementation of CSR

Signed-off-by: nyagamunene <[email protected]>
absmach · Nov 20, 2024 · c40b718 · c40b718
1 parent bdaaa5f
commit c40b718
Show file tree

Hide file tree

Showing 7 changed files with 70 additions and 0 deletions.
diff --git a/certs.go b/certs.go
@@ -32,6 +32,30 @@ type PageMetadata struct {
 	EntityID string `json:"entity_id,omitempty" db:"entity_id"`
 }
 
+type CSRMetadata struct {
+	CommonName         string   `json:"common_name"`
+	Organization       []string `json:"organization"`
+	OrganizationalUnit []string `json:"organizational_unit"`
+	Country            []string `json:"country"`
+	Province           []string `json:"province"`
+	Locality           []string `json:"locality"`
+	StreetAddress      []string `json:"street_address"`
+	PostalCode         []string `json:"postal_code"`
+	EmailAddress       string   `json:"email_address"`
+	DNSNames           []string `json:"dns_names"`
+	IPAddresses        []string `json:"ip_addresses"`
+}
+
+type CSR struct {
+	CSR          []byte    `json:"csr"`
+	PrivateKey   []byte    `json:"private_key"`
+	EntityID     string    `json:"entity_id"`
+	Status       string    `json:"status"`
+	SubmittedAt  time.Time `json:"submitted_at"`
+	ProcessedAt  time.Time `json:"processed_at"`
+	SerialNumber string    `json:"serial_number"`
+}
+
 type Service interface {
 	// RenewCert renews a certificate from the database.
 	RenewCert(ctx context.Context, serialNumber string) error
@@ -73,6 +97,18 @@ type Service interface {
 
 	// RemoveCert deletes a cert for a provided  entityID.
 	RemoveCert(ctx context.Context, entityId string) error
+
+	// CreateCSR creates a new Certificate Signing Request
+	CreateCSR(ctx context.Context, metadata CSRMetadata, entityID string) (CSR, error)
+
+	// ProcessCSR processes a pending CSR and either approves or rejects it
+	ProcessCSR(ctx context.Context, csrID string, approve bool) error
+
+	// ListCSRs returns a list of CSRs based on filter criteria
+	ListCSRs(ctx context.Context, entityID string, status string) ([]CSR, error)
+
+	// RetrieveCSR retrieves a specific CSR by ID
+	RetrieveCSR(ctx context.Context, csrID string) (CSR, error)
 }
 
 type Repository interface {

diff --git a/postgres/certs.go → postgres/certs/certs.go b/postgres/certs.go → postgres/certs/certs.go
diff --git a/postgres/certs_test.go → postgres/certs/certs_test.go b/postgres/certs_test.go → postgres/certs/certs_test.go
diff --git a/postgres/init.go → postgres/certs/init.go b/postgres/init.go → postgres/certs/init.go
diff --git a/postgres/setup_test.go → postgres/certs/setup_test.go b/postgres/setup_test.go → postgres/certs/setup_test.go
diff --git a/postgres/csr/csr.go b/postgres/csr/csr.go
diff --git a/postgres/csr/init.go b/postgres/csr/init.go
@@ -0,0 +1,34 @@
+// Copyright (c) Abstract Machines
+// SPDX-License-Identifier: Apache-2.0
+
+package postgres
+
+import (
+	_ "github.com/jackc/pgx/v5/stdlib"
+	migrate "github.com/rubenv/sql-migrate"
+)
+
+func Migration() *migrate.MemoryMigrationSource {
+	return &migrate.MemoryMigrationSource{
+		Migrations: []*migrate.Migration{
+			{
+				Id: "certs_1",
+				Up: []string{
+					`CREATE TABLE IF NOT EXISTS certs (
+						serial_number VARCHAR(40) UNIQUE NOT NULL,
+                        certificate    TEXT,
+                    	key            TEXT,
+                    	revoked        BOOLEAN,
+                        expiry_time    TIMESTAMP,
+						entity_id      VARCHAR(36),
+						type 		   TEXT CHECK (type IN ('RootCA', 'IntermediateCA', 'ClientCert')),
+                        PRIMARY KEY (serial_number)
+                    )`,
+				},
+				Down: []string{
+					"DROP TABLE certs",
+				},
+			},
+		},
+	}
+}