CA
This commit is contained in:
Face
45
dns/src/gurt_server/ca.rs
Normal file
45
dns/src/gurt_server/ca.rs
Normal file
@@ -0,0 +1,45 @@
|
||||
use crate::crypto;
|
||||
use anyhow::Result;
|
||||
use sqlx::PgPool;
|
||||
|
||||
pub struct CaCertificate {
|
||||
pub ca_cert_pem: String,
|
||||
pub ca_key_pem: String,
|
||||
}
|
||||
|
||||
pub async fn get_or_create_ca(db: &PgPool) -> Result<CaCertificate> {
|
||||
if let Some(ca_cert) = get_active_ca(db).await? {
|
||||
return Ok(ca_cert);
|
||||
}
|
||||
|
||||
log::info!("Generating new CA certificate...");
|
||||
let (ca_key_pem, ca_cert_pem) = crypto::generate_ca_cert()?;
|
||||
|
||||
sqlx::query(
|
||||
"INSERT INTO ca_certificates (ca_cert_pem, ca_key_pem, is_active) VALUES ($1, $2, TRUE)"
|
||||
)
|
||||
.bind(&ca_cert_pem)
|
||||
.bind(&ca_key_pem)
|
||||
.execute(db)
|
||||
.await?;
|
||||
|
||||
log::info!("CA certificate generated and stored");
|
||||
|
||||
Ok(CaCertificate {
|
||||
ca_cert_pem,
|
||||
ca_key_pem,
|
||||
})
|
||||
}
|
||||
|
||||
async fn get_active_ca(db: &PgPool) -> Result<Option<CaCertificate>> {
|
||||
let result: Option<(String, String)> = sqlx::query_as(
|
||||
"SELECT ca_cert_pem, ca_key_pem FROM ca_certificates WHERE is_active = TRUE ORDER BY created_at DESC LIMIT 1"
|
||||
)
|
||||
.fetch_optional(db)
|
||||
.await?;
|
||||
|
||||
Ok(result.map(|(ca_cert_pem, ca_key_pem)| CaCertificate {
|
||||
ca_cert_pem,
|
||||
ca_key_pem,
|
||||
}))
|
||||
}
|
||||
Reference in New Issue
Block a user