authorMatthew Holt <mholt@users.noreply.github.com>2022-03-25 11:28:54 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2022-03-25 11:28:54 -0600
commitd06d0e79f839a26ab2cf81b00ba2d180623c57a9 (patch)
treec215c3c16ad9280df4721b53460bd36aa5893489 /modules/caddypki
parenta58f240d3ecbb59285303746406cab50217f8d24 (diff)
go.mod: Upgrade CertMagic to v0.16.0
Includes several breaking changes; code base updated accordingly. - Added lots of context arguments - Use fs.ErrNotExist - Rename ACMEManager -> ACMEIssuer; CertificateManager -> Manager
Diffstat (limited to 'modules/caddypki')
-rw-r--r--modules/caddypki/ca.go24
1 files changed, 14 insertions, 10 deletions
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index 7fefee6..c9bdeee 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -18,7 +18,9 @@ import (
"crypto"
"crypto/x509"
"encoding/json"
+ "errors"
"fmt"
+ "io/fs"
"path"
"sync"
"time"
@@ -76,12 +78,14 @@ type CA struct {
rootCertPath string // mainly used for logging purposes if trusting
log *zap.Logger
+ ctx caddy.Context
}
// Provision sets up the CA.
func (ca *CA) Provision(ctx caddy.Context, id string, log *zap.Logger) error {
ca.mu = new(sync.RWMutex)
ca.log = log.Named("ca." + id)
+ ca.ctx = ctx
if id == "" {
return fmt.Errorf("CA ID is required (use 'local' for the default CA)")
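Review bot: The new `ctx` field on CA is undocumented and is assigned only in Provision (`ca.ctx = ctx`), so every storage call changed later in this file depends on Provision having run first. A CA value that reaches loadOrGenRoot or genRoot without provisioning would hand a zero-value caddy.Context to the storage backend; whether a backend tolerates that is not visible here. The stored context presumably also ends with the config that provisioned the CA, which bounds how long these key-material reads and writes can run. I would document both on the field, e.g. `ctx caddy.Context // set by Provision; passed to every storage call, so its cancellation aborts CA key/cert I/O`. Provision's body continues past the end of this hunk.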
@@ -215,9 +219,9 @@ func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority
}
func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, err error) {
- rootCertPEM, err := ca.storage.Load(ca.storageKeyRootCert())
+ rootCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootCert())
if err != nil {
- if _, ok := err.(certmagic.ErrNotExist); !ok {
+ if !errors.Is(err, fs.ErrNotExist) {
return nil, nil, fmt.Errorf("loading root cert: %v", err)
}
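Review bot: The `errors.Is(err, fs.ErrNotExist)` test at the top of loadOrGenRoot is the decision point between reusing the stored root and, presumably (the rest of the branch is outside the hunk), generating a new one, and that contract is not written down. A storage backend that has not been updated to return an error matching fs.ErrNotExist will now fail here instead of regenerating, which is the safe direction. A backend that reports a transient or permission failure as not-exist would lead to a fresh trust anchor being minted over an existing one. A comment such as `// only a definite not-found may lead to generating a new root; any other storage error must abort` would make the requirement on storage implementations explicit. The same applies to the intermediate check in loadOrGenIntermediate.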
@@ -235,7 +239,7 @@ func (ca CA) loadOrGenRoot() (rootCert *x509.Certificate, rootKey interface{}, e
}
}
if rootKey == nil {
- rootKeyPEM, err := ca.storage.Load(ca.storageKeyRootKey())
+ rootKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyRootKey())
if err != nil {
return nil, nil, fmt.Errorf("loading root key: %v", err)
}
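Review bot: The error returned for a failed root key load is still wrapped with `%v`, which discards the chain that the rest of this commit starts relying on via errors.Is. With `return nil, nil, fmt.Errorf("loading root key: %w", err)` a caller could distinguish a root certificate whose key is missing (fs.ErrNotExist) from a cancelled context or a backend failure, which matters when diagnosing a half-written CA. The same change fits the other `fmt.Errorf(... %v, err)` returns around storage calls in loadOrGenRoot, loadOrGenIntermediate, genRoot and genIntermediate. The enclosing function starts and ends outside this hunk.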
@@ -259,7 +263,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
if err != nil {
return nil, nil, fmt.Errorf("encoding root certificate: %v", err)
}
- err = ca.storage.Store(ca.storageKeyRootCert(), rootCertPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyRootCert(), rootCertPEM)
if err != nil {
return nil, nil, fmt.Errorf("saving root certificate: %v", err)
}
@@ -267,7 +271,7 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
if err != nil {
return nil, nil, fmt.Errorf("encoding root key: %v", err)
}
- err = ca.storage.Store(ca.storageKeyRootKey(), rootKeyPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyRootKey(), rootKeyPEM)
if err != nil {
return nil, nil, fmt.Errorf("saving root key: %v", err)
}
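Review bot: genRoot stores the root certificate first and the root key in a second, separate `ca.storage.Store(ca.ctx, ...)` call, and now that both take a cancellable context the window for a partial write is wider. If the context ends or the backend fails between the two calls, storage holds a root certificate with no key. loadOrGenRoot then finds the certificate, skips generation and fails on "loading root key" at every start until someone repairs storage by hand. Writing the key before the certificate, or removing the just-stored certificate when the key store fails, would keep the pair consistent. At minimum, a comment on the ordering would warn maintainers. genIntermediate has the same certificate-then-key sequence in its two hunks; both functions extend beyond the lines shown.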
@@ -276,9 +280,9 @@ func (ca CA) genRoot() (rootCert *x509.Certificate, rootKey interface{}, err err
}
func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateKey) (interCert *x509.Certificate, interKey crypto.PrivateKey, err error) {
- interCertPEM, err := ca.storage.Load(ca.storageKeyIntermediateCert())
+ interCertPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateCert())
if err != nil {
- if _, ok := err.(certmagic.ErrNotExist); !ok {
+ if !errors.Is(err, fs.ErrNotExist) {
return nil, nil, fmt.Errorf("loading intermediate cert: %v", err)
}
@@ -297,7 +301,7 @@ func (ca CA) loadOrGenIntermediate(rootCert *x509.Certificate, rootKey crypto.Pr
}
if interKey == nil {
- interKeyPEM, err := ca.storage.Load(ca.storageKeyIntermediateKey())
+ interKeyPEM, err := ca.storage.Load(ca.ctx, ca.storageKeyIntermediateKey())
if err != nil {
return nil, nil, fmt.Errorf("loading intermediate key: %v", err)
}
@@ -321,7 +325,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
if err != nil {
return nil, nil, fmt.Errorf("encoding intermediate certificate: %v", err)
}
- err = ca.storage.Store(ca.storageKeyIntermediateCert(), interCertPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateCert(), interCertPEM)
if err != nil {
return nil, nil, fmt.Errorf("saving intermediate certificate: %v", err)
}
@@ -329,7 +333,7 @@ func (ca CA) genIntermediate(rootCert *x509.Certificate, rootKey crypto.PrivateK
if err != nil {
return nil, nil, fmt.Errorf("encoding intermediate key: %v", err)
}
- err = ca.storage.Store(ca.storageKeyIntermediateKey(), interKeyPEM)
+ err = ca.storage.Store(ca.ctx, ca.storageKeyIntermediateKey(), interKeyPEM)
if err != nil {
return nil, nil, fmt.Errorf("saving intermediate key: %v", err)
}