From 7e5c8aaeb51d95c8dcdce4e8fa99ac7d1ec260d8 Mon Sep 17 00:00:00 2001
From: sbailey <1661003+spbsoluble@users.noreply.github.com>
Date: Thu, 27 Jul 2023 11:01:09 -0700
Subject: [PATCH 1/2] fix(certs): Download cert can now download a cert w/o a chain
---
 v2/api/certificate.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/v2/api/certificate.go b/v2/api/certificate.go
index 024ebc6..aacbae9 100644
--- a/v2/api/certificate.go
+++ b/v2/api/certificate.go
@@ -168,13 +168,15 @@ func (c *Client) DownloadCertificate(certId int, thumbprint string, serialNumber
 }
 //todo: review this as it seems to be returning the wrong cert
- leaf := certs.Certificates[1]
+ var leaf *x509.Certificate
 if len(certs.Certificates) > 1 {
+ //leaf is last cert in chain
+ leaf = certs.Certificates[len(certs.Certificates)-1]
 return leaf, certs.Certificates, nil
 }
- return leaf, nil, nil
+ return certs.Certificates[0], nil, nil
 }
 // EnrollCSR takes arguments for EnrollCSRFctArgs to enroll a passed Certificate Signing
From 4c416687d6ec15e515ff493dac140ffdc4c8f56d Mon Sep 17 00:00:00 2001
From: sbailey <1661003+spbsoluble@users.noreply.github.com>
Date: Mon, 7 Aug 2023 09:28:46 -0700
Subject: [PATCH 2/2] fix(models): `certificate_models.GetCertificateContextArgs` now allows `IncludeHasPrivateKey` query param fix(certificates): Certificate lookups w/o certificate ID now allow for `IncludeHasPrivateKey`
---
 v2/api/certificate.go | 7 ++++++-
 v2/api/certificate_models.go | 13 +++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/v2/api/certificate.go b/v2/api/certificate.go
index aacbae9..e96e228 100644
--- a/v2/api/certificate.go
+++ b/v2/api/certificate.go
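Review bot: In the DownloadCertificate hunk of patch 1/2, the new fallback `return certs.Certificates[0], nil, nil` indexes the slice without a length check, so a response that decodes to zero certificates would panic unless code above the hunk already rejects that case (the function starts outside the hunk, so this cannot be confirmed here). A guard ahead of the `if` would cover it: `if len(certs.Certificates) == 0 { return nil, nil, fmt.Errorf("no certificates in download response") }`. Separately, the multi-certificate branch picks the leaf purely by position (`len(certs.Certificates)-1`), and the retained todo already questions whether the right cert comes back. The signature visible in the hunk header takes a thumbprint and a serial number, so comparing the chosen certificate against whichever of those the caller supplied would catch a bundle in a different order rather than returning an issuing CA certificate as the leaf.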
@@ -337,7 +337,7 @@ func (c *Client) GetCertificateContext(gca *GetCertificateContextArgs) (*GetCert
 query := apiQuery{
 Query: []StringTuple{},
 }
- if gca.IncludeLocations != nil || gca.CollectionId != nil || gca.IncludeMetadata != nil {
+ if gca.IncludeLocations != nil || gca.CollectionId != nil || gca.IncludeMetadata != nil || gca.IncludeHasPrivateKey != nil {
 if gca.IncludeLocations != nil {
 query.Query = append(query.Query, StringTuple{
 "includeLocations", strconv.FormatBool(*gca.IncludeLocations),
@@ -353,6 +353,11 @@ func (c *Client) GetCertificateContext(gca *GetCertificateContextArgs) (*GetCert
 "collectionId", fmt.Sprintf("%d", *gca.CollectionId),
 })
 }
+ if gca.IncludeHasPrivateKey != nil {
+ query.Query = append(query.Query, StringTuple{
+ "includeHasPrivateKey", strconv.FormatBool(*gca.IncludeHasPrivateKey),
+ })
+ }
 }
 var endpoint string
diff --git a/v2/api/certificate_models.go b/v2/api/certificate_models.go
index 4fcb028..495928b 100644
--- a/v2/api/certificate_models.go
+++ b/v2/api/certificate_models.go
@@ -53,12 +53,13 @@ type RevokeCertArgs struct {
 // GetCertificateContextArgs holds the function arguments used for calling the GetCertificateContext method.
 type GetCertificateContextArgs struct {
- IncludeMetadata *bool // Query
- IncludeLocations *bool // Query
- CollectionId *int // Query
- Thumbprint string // Query
- CommonName string // Query
- Id int // Query
+ IncludeMetadata *bool // Query
+ IncludeLocations *bool // Query
+ CollectionId *int // Query
+ Thumbprint string // Query
+ CommonName string // Query
+ Id int // Query
+ IncludeHasPrivateKey *bool
 }
 // DeployPFXArgs holds the function arguments used for calling the DeployPFXCertificate method.
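Review bot: The wrapper condition extended in the @@ -337 hunk (`... || gca.IncludeHasPrivateKey != nil`) repeats the per-field nil checks nested inside it, so every optional parameter has to be listed in two places. A field added to the inner blocks but missed in the outer list would be silently dropped from the query. As far as these hunks show, each inner block guards itself, including the `includeHasPrivateKey` one added in the @@ -353 hunk, so the outer `if` could be removed and the inner checks moved up one level. GetCertificateContext begins and ends outside both hunks, so confirm nothing else inside the wrapper depends on it.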
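Review bot: The new field `IncludeHasPrivateKey *bool` in GetCertificateContextArgs is the only one without the trailing `// Query` marker its siblings carry, so the struct no longer shows at a glance that it is sent as a query parameter. Suggest `IncludeHasPrivateKey *bool // Query; nil omits includeHasPrivateKey from the request`, which matches the nil check added in GetCertificateContext in this patch.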