// LoadIdentity loads the identity with the id specified func (s *State) LoadIdentity(id string) (*security.Identity, error) { var ( pemBytes []byte err error ) i := security.NewIdentity(id) pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcKey)) if err != nil { if err.Error()[0:3] != "100" { return nil, err } // We don't require a key for an identity, so just continue on here } else { i.Key, err = security.KeyFromPEM(pemBytes) if err != nil { return nil, err } } pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcCertificate)) if err != nil { if err.Error()[0:3] != "100" { return nil, err } } else { i.Certificate, err = security.CertificateFromPEM(pemBytes) if err != nil { return nil, err } } pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcRequest)) if err != nil { if err.Error()[0:3] != "100" { return nil, err } } else { i.Request, err = security.RequestFromPEM(pemBytes) if err != nil { return nil, err } } // Now check the validitiy of the identity if !i.IsValid() { return nil, nil } return i, nil }
// HandleSigningRequest receives a pem encoded message and returns a Request object // It assumes that the SigningRequest token has already been consumed and the next token is the // CSR pem bytes func (p *Protocol) HandleSigningRequest() (*security.Request, error) { pemRequest, err := p.ReadString() if err != nil { return nil, err } request, err := security.RequestFromPEM([]byte(pemRequest)) if err != nil { return nil, err } return request, nil }