-
Notifications
You must be signed in to change notification settings - Fork 2
/
CertificateStore.ts
69 lines (62 loc) · 2.11 KB
/
CertificateStore.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import { CertificationPath } from '../pki/CertificationPath';
/**
* Store of certificates.
*/
export abstract class CertificateStore {
/**
* Store `subjectCertificate` as long as it's still valid.
*
* @param path
* @param issuerId
*
* Whilst we could take the {issuerId} from the leaf certificate in the {path}, we
* must not rely on it because we don't have enough information/context here to be certain that
* the value is legitimate. Additionally, the value has to be present in an X.509 extension,
* which could be absent if produced by a non-compliant implementation.
*/
public async save(path: CertificationPath, issuerId: string): Promise<void> {
if (new Date() < path.leafCertificate.expiryDate) {
await this.saveData(
path.serialize(),
await path.leafCertificate.calculateSubjectId(),
path.leafCertificate.expiryDate,
issuerId,
);
}
}
public async retrieveLatest(
subjectId: string,
issuerId: string,
): Promise<CertificationPath | null> {
const serialization = await this.retrieveLatestSerialization(subjectId, issuerId);
if (!serialization) {
return null;
}
const path = CertificationPath.deserialize(serialization);
return new Date() < path.leafCertificate.expiryDate ? path : null;
}
public async retrieveAll(
subjectId: string,
issuerId: string,
): Promise<readonly CertificationPath[]> {
const allSerializations = await this.retrieveAllSerializations(subjectId, issuerId);
return allSerializations
.map(CertificationPath.deserialize)
.filter((p) => new Date() < p.leafCertificate.expiryDate);
}
public abstract deleteExpired(): Promise<void>;
protected abstract saveData(
serialization: ArrayBuffer,
subjectId: string,
subjectCertificateExpiryDate: Date,
issuerId: string,
): Promise<void>;
protected abstract retrieveLatestSerialization(
subjectId: string,
issuerId: string,
): Promise<ArrayBuffer | null>;
protected abstract retrieveAllSerializations(
subjectId: string,
issuerId: string,
): Promise<readonly ArrayBuffer[]>;
}