File: revoke.go

package info (click to toggle)
acmetool 0.2.2-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 792 kB
  • sloc: sh: 349; makefile: 105
file content (49 lines) | stat: -rw-r--r-- 924 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
package storageops

import (
	"fmt"
	"github.com/hlandau/acmetool/storage"
	"github.com/hlandau/acmetool/util"
)

func RevokeByCertificateOrKeyID(s storage.Store, id string) error {
	c := s.CertificateByID(id)
	if c == nil {
		return revokeByKeyID(s, id)
	}

	if c.Revoked {
		log.Warnf("%v already revoked", c)
		return nil
	}

	c.RevocationDesired = true
	return s.SaveCertificate(c)
}

func revokeByKeyID(s storage.Store, keyID string) error {
	k := s.KeyByID(keyID)
	if k == nil {
		return fmt.Errorf("cannot find certificate or key with given ID: %q", keyID)
	}

	var merr util.MultiError
	s.VisitCertificates(func(c *storage.Certificate) error {
		if c.Key != k {
			return nil // continue
		}

		err := RevokeByCertificateOrKeyID(s, c.ID())
		if err != nil {
			merr = append(merr, fmt.Errorf("failed to mark %v for revocation: %v", c, err))
		}

		return nil
	})

	if len(merr) > 0 {
		return merr
	}

	return nil
}