Renamed RenewOrRekey to Rekey

dharanikumar-s · dharanikumar-s · commit dfda49792905 · 2020-07-08T11:47:59.000+05:30
diff --git a/api/api.go b/api/api.go
@@ -36,7 +36,7 @@ type Authority interface {
 	Root(shasum string) (*x509.Certificate, error)
 	Sign(cr *x509.CertificateRequest, opts provisioner.Options, signOpts ...provisioner.SignOption) ([]*x509.Certificate, error)
 	Renew(peer *x509.Certificate) ([]*x509.Certificate, error)
-	RenewOrRekey(peer *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error)
+	Rekey(peer *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error)
 	LoadProvisionerByCertificate(*x509.Certificate) (provisioner.Interface, error)
 	LoadProvisionerByID(string) (provisioner.Interface, error)
 	GetProvisioners(cursor string, limit int) (provisioner.List, string, error)
diff --git a/api/api_test.go b/api/api_test.go
@@ -613,7 +613,7 @@ func (m *mockAuthority) Renew(cert *x509.Certificate) ([]*x509.Certificate, erro
 	return []*x509.Certificate{m.ret1.(*x509.Certificate), m.ret2.(*x509.Certificate)}, m.err
 }
 
-func (m *mockAuthority) RenewOrRekey(oldcert *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {
+func (m *mockAuthority) Rekey(oldcert *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {
 	if m.renewOrRekey != nil {
 		return m.renewOrRekey(oldcert, pk)
 	}
diff --git a/api/rekey.go b/api/rekey.go
@@ -43,7 +43,7 @@ func (h *caHandler) Rekey(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	certChain, err := h.Authority.RenewOrRekey(r.TLS.PeerCertificates[0], body.CsrPEM.CertificateRequest.PublicKey)
+	certChain, err := h.Authority.Rekey(r.TLS.PeerCertificates[0], body.CsrPEM.CertificateRequest.PublicKey)
 	if err != nil {
 		WriteError(w, errs.Wrap(http.StatusInternalServerError, err, "cahandler.Rekey"))
 		return
diff --git a/authority/tls.go b/authority/tls.go
@@ -139,16 +139,16 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts provisioner.Opti
 // Renew creates a new Certificate identical to the old certificate, except
 // with a validity window that begins 'now'.
 func (a *Authority) Renew(oldCert *x509.Certificate) ([]*x509.Certificate, error) {
-	return a.RenewOrRekey(oldCert, oldCert.PublicKey)
+	return a.Rekey(oldCert, oldCert.PublicKey)
 }
 
 // Func is used for renewing or rekeying based on the public key passed.
-func (a *Authority) RenewOrRekey(oldCert *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {
+func (a *Authority) Rekey(oldCert *x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {
 	opts := []interface{}{errs.WithKeyVal("serialNumber", oldCert.SerialNumber.String())}
 
 	// Check step provisioner extensions
 	if err := a.authorizeRenew(oldCert); err != nil {
-		return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.RenewOrRekey", opts...)
+		return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.Rekey", opts...)
 	}
 
 	// Durations
@@ -201,7 +201,7 @@ func (a *Authority) RenewOrRekey(oldCert *x509.Certificate, pk crypto.PublicKey)
 			pubBytes, err := x509.MarshalPKIXPublicKey(pk)
 			if err != nil {
 				return nil, errs.Wrap(http.StatusInternalServerError, err,
-					"authority.RenewOrRekey; error marshaling public key", opts...)
+					"authority.Rekey; error marshaling public key", opts...)
 			}
 			hash := sha1.Sum(pubBytes)
 			skiExtension := pkix.Extension{
@@ -214,23 +214,23 @@ func (a *Authority) RenewOrRekey(oldCert *x509.Certificate, pk crypto.PublicKey)
 
 	leaf, err := x509util.NewLeafProfileWithTemplate(newCert, a.x509Issuer, a.x509Signer)
 	if err != nil {
-		return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.RenewOrRekey", opts...)
+		return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.Rekey", opts...)
 	}
 	crtBytes, err := leaf.CreateCertificate()
 	if err != nil {
 		return nil, errs.Wrap(http.StatusInternalServerError, err,
-			"authority.RenewOrRekey; error renewing certificate from existing server certificate", opts...)
+			"authority.Rekey; error renewing certificate from existing server certificate", opts...)
 	}
 
 	serverCert, err := x509.ParseCertificate(crtBytes)
 	if err != nil {
 		return nil, errs.Wrap(http.StatusInternalServerError, err,
-			"authority.RenewOrRekey; error parsing new server certificate", opts...)
+			"authority.Rekey; error parsing new server certificate", opts...)
 	}
 
 	if err = a.db.StoreCertificate(serverCert); err != nil {
 		if err != db.ErrNotImplemented {
-			return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.RenewOrRekey; error storing certificate in db", opts...)
+			return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.Rekey; error storing certificate in db", opts...)
 		}
 	}
 
diff --git a/authority/tls_test.go b/authority/tls_test.go
@@ -370,7 +370,7 @@ ZYtQ9Ot36qc=
 	}
 }
 
-func TestAuthority_RenewOrRekey(t *testing.T) {
+func TestAuthority_Rekey(t *testing.T) {
 	pub, _, err := keys.GenerateDefaultKeyPair()
 	assert.FatalError(t, err)
 	pub1, _, err := keys.GenerateDefaultKeyPair()
@@ -430,14 +430,14 @@ func TestAuthority_RenewOrRekey(t *testing.T) {
 			return &renewTest{
 				auth: _a,
 				cert: cert,
-				err:  errors.New("authority.RenewOrRekey; error renewing certificate from existing server certificate"),
+				err:  errors.New("authority.Rekey; error renewing certificate from existing server certificate"),
 				code: http.StatusInternalServerError,
 			}, nil
 		},
 		"fail-unauthorized": func() (*renewTest, error) {
 			return &renewTest{
 				cert: certNoRenew,
-				err:  errors.New("authority.RenewOrRekey: authority.authorizeRenew: jwk.AuthorizeRenew; renew is disabled for jwk provisioner dev:IMi94WBNI6gP5cNHXlZYNUzvMjGdHyBRmFoo-lCEaqk"),
+				err:  errors.New("authority.Rekey: authority.authorizeRenew: jwk.AuthorizeRenew; renew is disabled for jwk provisioner dev:IMi94WBNI6gP5cNHXlZYNUzvMjGdHyBRmFoo-lCEaqk"),
 				code: http.StatusUnauthorized,
 			}, nil
 		},
@@ -480,9 +480,9 @@ func TestAuthority_RenewOrRekey(t *testing.T) {
 
 			var certChain []*x509.Certificate
 			if tc.auth != nil {
-				certChain, err = tc.auth.RenewOrRekey(tc.cert, pub1)
+				certChain, err = tc.auth.Rekey(tc.cert, pub1)
 			} else {
-				certChain, err = a.RenewOrRekey(tc.cert, pub1)
+				certChain, err = a.Rekey(tc.cert, pub1)
 			}
 			if err != nil {
 				if assert.NotNil(t, tc.err, fmt.Sprintf("unexpected error: %s", err)) {

Original file line number	Diff line number	Diff line change
`@@ -613,7 +613,7 @@ func (m mockAuthority) Renew(cert x509.Certificate) ([]*x509.Certificate, erro`
`613`	`613`	`return []x509.Certificate{m.ret1.(x509.Certificate), m.ret2.(*x509.Certificate)}, m.err`
`614`	`614`	`}`
`615`	`615`
`616`		`-func (m mockAuthority) RenewOrRekey(oldcert x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {`
	`616`	`+func (m mockAuthority) Rekey(oldcert x509.Certificate, pk crypto.PublicKey) ([]*x509.Certificate, error) {`
`617`	`617`	`if m.renewOrRekey != nil {`
`618`	`618`	`return m.renewOrRekey(oldcert, pk)`
`619`	`619`	`}`
Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ func (h caHandler) Rekey(w http.ResponseWriter, r http.Request) {`
`43`	`43`	`return`
`44`	`44`	`}`
`45`	`45`
`46`		`- certChain, err := h.Authority.RenewOrRekey(r.TLS.PeerCertificates[0], body.CsrPEM.CertificateRequest.PublicKey)`
	`46`	`+ certChain, err := h.Authority.Rekey(r.TLS.PeerCertificates[0], body.CsrPEM.CertificateRequest.PublicKey)`
`47`	`47`	`if err != nil {`
`48`	`48`	`WriteError(w, errs.Wrap(http.StatusInternalServerError, err, "cahandler.Rekey"))`
`49`	`49`	`return`