diff options
| author | Jeremy Clerc <jclerc@google.com> | 2015-09-12 11:09:09 +0200 |
|---|---|---|
| committer | Jeremy Clerc <jeremy@clerc.io> | 2015-09-12 11:09:09 +0200 |
| commit | b071349a3ddf92e655f8c82425c4bb9e27f4449e (patch) | |
| tree | cae3f12524675901559377d36744d41989a3bb6b /pkg/easyca/easyca.go | |
| parent | 7a2991a99a3a1c3050515b7ea9e591871db43db8 (diff) | |
| download | easypki-b071349a3ddf92e655f8c82425c4bb9e27f4449e.tar.xz | |
avoid nested code in easyca.GenCRL
Diffstat (limited to 'pkg/easyca/easyca.go')
| -rw-r--r-- | pkg/easyca/easyca.go | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/pkg/easyca/easyca.go b/pkg/easyca/easyca.go index 06bb587..26bf5f0 100644 --- a/pkg/easyca/easyca.go +++ b/pkg/easyca/easyca.go @@ -185,27 +185,29 @@ func GenCRL(pkiroot string, expire int) error { if len(matches) != 7 { return fmt.Errorf("wrong line format %v elems: %v, %v", len(matches), matches, scanner.Text()) } - if matches[1] == "R" { - crt, err := GetCertificate(filepath.Join(pkiroot, "issued", matches[5])) - if err != nil { - return fmt.Errorf("get certificate %v: %v", matches[5], err) - } + if matches[1] != "R" { + continue + } - matchedSerial := big.NewInt(0) - fmt.Sscanf(matches[4], "%X", matchedSerial) - if matchedSerial.Cmp(crt.SerialNumber) != 0 { - return fmt.Errorf("serial in index does not match revoked certificate: %v", matches[0]) - } - revocationTime, err := time.Parse("060102150405", strings.TrimSuffix(matches[3], "Z")) - if err != nil { - return fmt.Errorf("parse revocation time: %v", err) - } - revokedCerts = append(revokedCerts, pkix.RevokedCertificate{ - SerialNumber: crt.SerialNumber, - RevocationTime: revocationTime, - Extensions: crt.Extensions, - }) + crt, err := GetCertificate(filepath.Join(pkiroot, "issued", matches[5])) + if err != nil { + return fmt.Errorf("get certificate %v: %v", matches[5], err) + } + + matchedSerial := big.NewInt(0) + fmt.Sscanf(matches[4], "%X", matchedSerial) + if matchedSerial.Cmp(crt.SerialNumber) != 0 { + return fmt.Errorf("serial in index does not match revoked certificate: %v", matches[0]) + } + revocationTime, err := time.Parse("060102150405", strings.TrimSuffix(matches[3], "Z")) + if err != nil { + return fmt.Errorf("parse revocation time: %v", err) } + revokedCerts = append(revokedCerts, pkix.RevokedCertificate{ + SerialNumber: crt.SerialNumber, + RevocationTime: revocationTime, + Extensions: crt.Extensions, + }) } caCrt, caKey, err := GetCA(pkiroot) if err != nil { @@ -387,7 +389,7 @@ func GeneratePKIStructure(pkiroot string) error { {Name: "index.txt.attr", Content: "unique_subject = no"}, } for _, f := range files { - // if using := here i get needs identifier, hm ? + // if using := here i get needs identifier, hm ?, needs to declare err before var err error f.File, err = os.Create(filepath.Join(pkiroot, f.Name)) if err != nil { |