Beispiel #1
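// LoadIdentity loads the identity with the given id from the backing store.
//
// The key, certificate and request are each read from their own path under
// the identity's prefix and parsed from PEM. Any of the three may be absent:
// a lookup error whose message starts with "100" is treated as "not stored"
// and the matching field is left unset. Any other lookup error, and any PEM
// parse error, is returned to the caller.
//
// If the assembled identity fails IsValid, LoadIdentity returns (nil, nil),
// so callers must check for a nil identity as well as a nil error before
// using the result.
func (s *State) LoadIdentity(id string) (*security.Identity, error) {
	// notFound reports whether err carries the store's "100" code
	// (presumably etcd's key-not-found code; confirm against the client).
	// The length check matters: slicing a message shorter than three bytes
	// would panic, turning an unexpected backend error into a crash.
	// NOTE(review): matching on the message text is brittle; if the client
	// exposes a typed error with a numeric code, compare that instead.
	notFound := func(err error) bool {
		msg := err.Error()
		return len(msg) >= 3 && msg[:3] == "100"
	}

	i := security.NewIdentity(id)

	// Private key: optional, an identity may be stored without one.
	pemBytes, err := s.getBytes(etcPath(etcIdentitiesPrefix, id, etcKey))
	switch {
	case err == nil:
		if i.Key, err = security.KeyFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !notFound(err):
		return nil, err
	}

	// Certificate: optional.
	pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcCertificate))
	switch {
	case err == nil:
		if i.Certificate, err = security.CertificateFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !notFound(err):
		return nil, err
	}

	// Certificate request: optional.
	pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcRequest))
	switch {
	case err == nil:
		if i.Request, err = security.RequestFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !notFound(err):
		return nil, err
	}

	// Check the validity of the assembled identity. An invalid identity is
	// reported as "nothing found" rather than as an error.
	if !i.IsValid() {
		return nil, nil
	}

	return i, nil
}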
Beispiel #2
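// LoadAuthority fetches the authority's key, certificate and serial number
// from the backing store.
//
// The key and certificate are read as PEM from their paths under the
// authority prefix. If either lookup fails with an error whose message starts
// with "100", LoadAuthority returns (nil, nil) to signal that no authority is
// stored; callers must check for a nil authority as well as a nil error. Any
// other lookup error, and any PEM parse error, is returned.
//
// The serial number is then read and parsed as a base-10 64-bit integer.
// Unlike the key and certificate, a failed serial lookup is always returned
// as an error, including when the serial is simply missing.
func (s *State) LoadAuthority() (*security.Authority, error) {
	// notFound reports whether err carries the store's "100" code
	// (presumably etcd's key-not-found code; confirm against the client).
	// The length check matters: slicing a message shorter than three bytes
	// would panic, turning an unexpected backend error into a crash.
	// NOTE(review): matching on the message text is brittle; if the client
	// exposes a typed error with a numeric code, compare that instead.
	notFound := func(err error) bool {
		msg := err.Error()
		return len(msg) >= 3 && msg[:3] == "100"
	}

	var (
		key  *security.Key
		cert *security.Certificate
	)

	// The authority's private key is read here, so read access to this path
	// in the store is equivalent to holding the signing key.
	pemBytes, err := s.getBytes(etcPath(etcAuthorityPrefix, etcKey))
	if err != nil {
		if notFound(err) {
			return nil, nil
		}
		return nil, err
	}
	if key, err = security.KeyFromPEM(pemBytes); err != nil {
		return nil, err
	}

	pemBytes, err = s.getBytes(etcPath(etcAuthorityPrefix, etcCertificate))
	if err != nil {
		if notFound(err) {
			return nil, nil
		}
		return nil, err
	}
	if cert, err = security.CertificateFromPEM(pemBytes); err != nil {
		return nil, err
	}

	// Load the serial number.
	// NOTE(review): resp.Node is dereferenced without a nil check; confirm
	// the client always populates it when Get returns a nil error.
	resp, err := s.etc.Get(etcPath(etcAuthorityPrefix, etcSerial), false, false)
	if err != nil {
		return nil, err
	}
	serial, err := strconv.ParseInt(resp.Node.Value, 10, 64)
	if err != nil {
		return nil, err
	}

	return &security.Authority{
		Key:         key,
		Certificate: cert,
		Serial:      big.NewInt(serial),
	}, nil
}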