// Copyright 2016 The LUCI Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package certchecker
import (
"context"
"math/big"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"go.chromium.org/luci/tokenserver/api/admin/v1"
)
// IsRevokedCertRPC is the handler type for the
// CertificateAuthorities.IsRevokedCert RPC method.
//
// It declares no fields, so the handler carries no state of its own.
type IsRevokedCertRPC struct{}
// IsRevokedCert reports whether the certificate serial number in req.Sn is
// listed in the CRL of the CA named by req.Ca.
//
// req.Sn is parsed with base 0, so big.Int.SetString picks the base from the
// prefix: "0x" is hex, "0b" is binary, "0o" or a bare leading "0" is octal,
// anything else is decimal. A leading sign and "_" digit separators are also
// accepted, so callers should send the serial in one unambiguous notation.
//
// Failures are returned as gRPC statuses:
//   - InvalidArgument when req.Sn cannot be parsed;
//   - NotFound when GetCertChecker reports NoSuchCA;
//   - Internal for any other GetCertChecker or CRL lookup error. The Internal
//     message embeds the underlying error text and is returned to the caller.
//
// NOTE(review): no caller authorization is performed inside this method;
// presumably it is enforced where the service is registered — confirm.
func (r *IsRevokedCertRPC) IsRevokedCert(c context.Context, req *admin.IsRevokedCertRequest) (*admin.IsRevokedCertResponse, error) {
	serial, parsed := new(big.Int).SetString(req.Sn, 0)
	if !parsed {
		return nil, status.Errorf(codes.InvalidArgument, "can't parse 'sn'")
	}

	// Both failure paths below that are not "unknown CA" report the same
	// Internal status, so build it in one place.
	internalErr := func(cause error) error {
		return status.Errorf(codes.Internal, "failed to check %q CRL - %s", req.Ca, cause)
	}

	checker, err := GetCertChecker(c, req.Ca)
	if err != nil {
		// Only an Error carrying the NoSuchCA reason maps to NotFound.
		details, isCheckerErr := err.(Error)
		if isCheckerErr && details.Reason == NoSuchCA {
			return nil, status.Errorf(codes.NotFound, "no such CA: %q", req.Ca)
		}
		return nil, internalErr(err)
	}

	revoked, err := checker.CRL.IsRevokedSN(c, serial)
	if err != nil {
		return nil, internalErr(err)
	}

	resp := &admin.IsRevokedCertResponse{Revoked: revoked}
	return resp, nil
}