leonwww/dns/src/gurt_server/ca.rs

use crate::crypto;
use anyhow::Result;
use sqlx::PgPool;

pub struct CaCertificate {
    pub ca_cert_pem: String,
    pub ca_key_pem: String,
}

pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> {
    if let Some(ca_cert) = get_active_ca(db).await? {
        return Ok(ca_cert);
    }

    log::info!("Generating new CA certificate...");
    let (ca_key_pem, ca_cert_pem) = crypto::generate_ca_cert()?;

    sqlx::query(
        "INSERT INTO ca_certificates (ca_cert_pem, ca_key_pem, is_active) VALUES ($1, $2, TRUE)"
    )
    .bind(&ca_cert_pem)
    .bind(&ca_key_pem)
    .execute(db)
    .await?;

    log::info!("CA certificate generated and stored");
    
    Ok(CaCertificate {
        ca_cert_pem,
        ca_key_pem,
    })
}

async fn get_active_ca(db: &PgPool) -> Result<Option<CaCertificate>> {
    let result: Option<(String, String)> = sqlx::query_as(
        "SELECT ca_cert_pem, ca_key_pem FROM ca_certificates WHERE is_active = TRUE ORDER BY created_at DESC LIMIT 1"
    )
    .fetch_optional(db)
    .await?;

    Ok(result.map(|(ca_cert_pem, ca_key_pem)| CaCertificate {
        ca_cert_pem,
        ca_key_pem,
    }))
}
CA 2025-08-22 17:31:54 +03:00			`use crate::crypto;`
			`use anyhow::Result;`
			`use sqlx::PgPool;`

			`pub struct CaCertificate {`
			`pub ca_cert_pem: String,`
			`pub ca_key_pem: String,`
			`}`

			`pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> {`
			`if let Some(ca_cert) = get_active_ca(db).await? {`
			`return Ok(ca_cert);`
			`}`

			`log::info!("Generating new CA certificate...");`
			`let (ca_key_pem, ca_cert_pem) = crypto::generate_ca_cert()?;`

			`sqlx::query(`
			`"INSERT INTO ca_certificates (ca_cert_pem, ca_key_pem, is_active) VALUES ($1, $2, TRUE)"`
			`)`
			`.bind(&ca_cert_pem)`
			`.bind(&ca_key_pem)`
			`.execute(db)`
			`.await?;`

			`log::info!("CA certificate generated and stored");`

			`Ok(CaCertificate {`
			`ca_cert_pem,`
			`ca_key_pem,`
			`})`
			`}`

			`async fn get_active_ca(db: &PgPool) -> Result<Option<CaCertificate>> {`
			`let result: Option<(String, String)> = sqlx::query_as(`
			`"SELECT ca_cert_pem, ca_key_pem FROM ca_certificates WHERE is_active = TRUE ORDER BY created_at DESC LIMIT 1"`
			`)`
			`.fetch_optional(db)`
			`.await?;`

			`Ok(result.map(\|(ca_cert_pem, ca_key_pem)\| CaCertificate {`
			`ca_cert_pem,`
			`ca_key_pem,`
			`}))`
			`}`