diff --git a/admin/api/certificate.go b/admin/api/certificate.go index 4eeb91ac..b962be6f 100644 --- a/admin/api/certificate.go +++ b/admin/api/certificate.go @@ -2,6 +2,8 @@ package api import ( "crypto/rand" + "crypto/x509" + "crypto/x509/pkix" "encoding/base32" "encoding/json" "errors" @@ -11,9 +13,9 @@ import ( "math/big" "os" "path" - "time" "strconv" "strings" + "time" "srs.epita.fr/fic-server/admin/pki" "srs.epita.fr/fic-server/libfic" @@ -31,8 +33,12 @@ func init() { router.GET("/api/ca/", apiHandler(infoCA)) router.GET("/api/ca.pem", apiHandler(getCAPEM)) router.POST("/api/ca/new", apiHandler( - func(_ httprouter.Params, _ []byte) (interface{}, error) { - return true, pki.GenerateCA(time.Date(2019, 01, 19, 0, 0, 0, 0, time.UTC), time.Date(2019, 01, 23, 23, 59, 59, 0, time.UTC)) + func(_ httprouter.Params, body []byte) (interface{}, error) { + var upki PKISettings + if err := json.Unmarshal(body, &upki); err != nil { + return nil, err + } + return true, pki.GenerateCA(upki.NotBefore, upki.NotAfter) })) router.GET("/api/teams/:tid/certificates", apiHandler(teamHandler( @@ -83,7 +89,7 @@ func init() { } func genHtpasswd() (ret string, err error) { - var teams []fic.Team + var teams []fic.Team teams, err = fic.GetTeams() if err != nil { return 
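Review bot: The handler now registered for `POST /api/ca/new` in `init()` hands `upki.NotBefore` and `upki.NotAfter` to `pki.GenerateCA` unchecked: a body of `{}` decodes without error and yields zero-value times, and a `notafter` earlier than `notbefore` is accepted too. Unless `pki.GenerateCA` validates the window itself (not visible in this diff), add a guard before the call, e.g. `if upki.NotBefore.IsZero() || !upki.NotAfter.After(upki.NotBefore) { return nil, errors.New("invalid CA validity period") }`; `errors` is already imported. The defaults that `PKIController` sets in app.js come from the client, so they do not replace this server-side check. A POST with an empty body, which the old handler accepted, now fails in `json.Unmarshal`, so any other caller of this endpoint needs updating.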
@@ -125,24 +131,33 @@ func genHtpasswd() (ret string, err error) { return } +type PKISettings struct { + Version int `json:"version"` + SerialNumber *big.Int `json:"serialnumber"` + Issuer pkix.Name `json:"issuer"` + Subject pkix.Name `json:"subject"` + NotBefore time.Time `json:"notbefore"` + NotAfter time.Time `json:"notafter"` + SignatureAlgorithm x509.SignatureAlgorithm `json:"signatureAlgorithm,"` + PublicKeyAlgorithm x509.PublicKeyAlgorithm `json:"publicKeyAlgorithm"` +} + func infoCA(_ httprouter.Params, _ []byte) (interface{}, error) { _, cacert, err := pki.LoadCA() if err != nil { return nil, err } - ret := map[string]interface{}{} - - ret["version"] = cacert.Version - ret["serialnumber"] = cacert.SerialNumber - ret["issuer"] = cacert.Issuer - ret["subject"] = cacert.Subject - ret["notbefore"] = cacert.NotBefore - ret["notafter"] = cacert.NotAfter - ret["signatureAlgorithm"] = cacert.SignatureAlgorithm - ret["publicKeyAlgorithm"] = cacert.PublicKeyAlgorithm - - return ret, nil + return PKISettings{ + Version: cacert.Version, + SerialNumber: cacert.SerialNumber, + Issuer: cacert.Issuer, + Subject: cacert.Subject, + NotBefore: cacert.NotBefore, + NotAfter: cacert.NotAfter, + SignatureAlgorithm: cacert.SignatureAlgorithm, + PublicKeyAlgorithm: cacert.PublicKeyAlgorithm, + }, nil } func getCAPEM(_ httprouter.Params, _ []byte) (interface{}, error) { @@ -214,7 +229,7 @@ func generateClientCert(_ httprouter.Params, _ []byte) (interface{}, error) { type CertExported struct { Id string `json:"id"` Creation time.Time `json:"creation"` - IdTeam *uint64 `json:"id_team"` + IdTeam *uint64 `json:"id_team"` Revoked *time.Time `json:"revoked"` } diff --git a/admin/static/js/app.js b/admin/static/js/app.js index 2040eb8b..4e19079e 100644 --- a/admin/static/js/app.js +++ b/admin/static/js/app.js 
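Review bot: `PKISettings` serves both as the response of `infoCA` and as the request body decoded by the `/api/ca/new` handler, yet that handler reads only `NotBefore` and `NotAfter`; a client-supplied issuer, subject or serial number is decoded and silently dropped. A small dedicated request type holding just the two dates would make the accepted input explicit. The exported type also lacks a doc comment, for example `// PKISettings describes the CA certificate fields exposed by the admin API.`. The tag `json:"signatureAlgorithm,"` carries a stray trailing comma and should read `json:"signatureAlgorithm"`.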
@@ -570,6 +570,12 @@ angular.module("FICApp") }) .controller("PKIController", function($scope, $rootScope, Certificate, CACertificate, Team, $location, $http) { + var ts = Date.now() - Date.now() % 86400000; + var d = new Date(ts); + $scope.notBefore = d.toISOString(); + var f = new Date(ts + 3 * 86400000); + $scope.notAfter = f.toISOString(); + $scope.teams = Team.query(); $scope.certificates = Certificate.query(); $scope.certificates.$promise.then(function(certificates) { @@ -612,7 +618,7 @@ angular.module("FICApp") }; $scope.generateCA = function() { - $http.post("/api/ca/new").then(function() { + $http.post("/api/ca/new", {"notbefore": $scope.notBefore, "notafter": $scope.notAfter}).then(function() { $scope.ca = CACertificate.get(); }, function(response) { $rootScope.newBox('danger', 'An error occurs when generating CA:', response.data.errmsg); diff --git a/admin/static/views/pki.html b/admin/static/views/pki.html index 41031b26..3a4dc8be 100644 --- a/admin/static/views/pki.html +++ b/admin/static/views/pki.html @@ -115,6 +115,19 @@
Aucune CA n'a été générée pour le moment. + +
+ +
+ +
+
+
+ +
+ +
+