Merge pull request #24 from Keyfactor/download_ca_cert

spbsoluble · web-flow · commit e932e22f2f52 · 2023-08-07T16:31:00.000Z
fix(certificates): `IncludeHasPrivateKey` now available for cert lookups that don't use ID
diff --git a/v2/api/certificate.go b/v2/api/certificate.go
@@ -168,13 +168,15 @@ func (c *Client) DownloadCertificate(certId int, thumbprint string, serialNumber
 	}
 
 	//todo: review this as it seems to be returning the wrong cert
-	leaf := certs.Certificates[1]
 
+	var leaf *x509.Certificate
 	if len(certs.Certificates) > 1 {
+		//leaf is last cert in chain
+		leaf = certs.Certificates[len(certs.Certificates)-1]
 		return leaf, certs.Certificates, nil
 	}
 
-	return leaf, nil, nil
+	return certs.Certificates[0], nil, nil
 }
 
 // EnrollCSR takes arguments for EnrollCSRFctArgs to enroll a passed Certificate Signing
@@ -335,7 +337,7 @@ func (c *Client) GetCertificateContext(gca *GetCertificateContextArgs) (*GetCert
 	query := apiQuery{
 		Query: []StringTuple{},
 	}
-	if gca.IncludeLocations != nil || gca.CollectionId != nil || gca.IncludeMetadata != nil {
+	if gca.IncludeLocations != nil || gca.CollectionId != nil || gca.IncludeMetadata != nil || gca.IncludeHasPrivateKey != nil {
 		if gca.IncludeLocations != nil {
 			query.Query = append(query.Query, StringTuple{
 				"includeLocations", strconv.FormatBool(*gca.IncludeLocations),
@@ -351,6 +353,11 @@ func (c *Client) GetCertificateContext(gca *GetCertificateContextArgs) (*GetCert
 				"collectionId", fmt.Sprintf("%d", *gca.CollectionId),
 			})
 		}
+		if gca.IncludeHasPrivateKey != nil {
+			query.Query = append(query.Query, StringTuple{
+				"includeHasPrivateKey", strconv.FormatBool(*gca.IncludeHasPrivateKey),
+			})
+		}
 	}
 
 	var endpoint string
diff --git a/v2/api/certificate_models.go b/v2/api/certificate_models.go
@@ -53,12 +53,13 @@ type RevokeCertArgs struct {
 
 // GetCertificateContextArgs holds the function arguments used for calling the GetCertificateContext method.
 type GetCertificateContextArgs struct {
-	IncludeMetadata  *bool  // Query
-	IncludeLocations *bool  // Query
-	CollectionId     *int   // Query
-	Thumbprint       string // Query
-	CommonName       string // Query
-	Id               int    // Query
+	IncludeMetadata      *bool  // Query
+	IncludeLocations     *bool  // Query
+	CollectionId         *int   // Query
+	Thumbprint           string // Query
+	CommonName           string // Query
+	Id                   int    // Query
+	IncludeHasPrivateKey *bool
 }
 
 // DeployPFXArgs holds the function arguments used for calling the DeployPFXCertificate method.

Original file line number	Diff line number	Diff line change
`@@ -168,13 +168,15 @@ func (c *Client) DownloadCertificate(certId int, thumbprint string, serialNumber`
`168`	`168`	`}`
`169`	`169`
`170`	`170`	`//todo: review this as it seems to be returning the wrong cert`
`171`		`- leaf := certs.Certificates[1]`
`172`	`171`
	`172`	`+ var leaf *x509.Certificate`
`173`	`173`	`if len(certs.Certificates) > 1 {`
	`174`	`+ //leaf is last cert in chain`
	`175`	`+ leaf = certs.Certificates[len(certs.Certificates)-1]`
`174`	`176`	`return leaf, certs.Certificates, nil`
`175`	`177`	`}`
`176`	`178`
`177`		`- return leaf, nil, nil`
	`179`	`+ return certs.Certificates[0], nil, nil`
`178`	`180`	`}`
`179`	`181`
`180`	`182`	`// EnrollCSR takes arguments for EnrollCSRFctArgs to enroll a passed Certificate Signing`
`@@ -335,7 +337,7 @@ func (c Client) GetCertificateContext(gca GetCertificateContextArgs) (*GetCert`
`335`	`337`	`query := apiQuery{`
`336`	`338`	`Query: []StringTuple{},`
`337`	`339`	`}`
`338`		`- if gca.IncludeLocations != nil \|\| gca.CollectionId != nil \|\| gca.IncludeMetadata != nil {`
	`340`	`+ if gca.IncludeLocations != nil \|\| gca.CollectionId != nil \|\| gca.IncludeMetadata != nil \|\| gca.IncludeHasPrivateKey != nil {`
`339`	`341`	`if gca.IncludeLocations != nil {`
`340`	`342`	`query.Query = append(query.Query, StringTuple{`
`341`	`343`	`"includeLocations", strconv.FormatBool(*gca.IncludeLocations),`
`@@ -351,6 +353,11 @@ func (c Client) GetCertificateContext(gca GetCertificateContextArgs) (*GetCert`
`351`	`353`	`"collectionId", fmt.Sprintf("%d", *gca.CollectionId),`
`352`	`354`	`})`
`353`	`355`	`}`
	`356`	`+ if gca.IncludeHasPrivateKey != nil {`
	`357`	`+ query.Query = append(query.Query, StringTuple{`
	`358`	`+ "includeHasPrivateKey", strconv.FormatBool(*gca.IncludeHasPrivateKey),`
	`359`	`+ })`
	`360`	`+ }`
`354`	`361`	`}`
`355`	`362`
`356`	`363`	`var endpoint string`