func (app *NodeApp) CreateNodeEntity(name string) {
var err error
logger.Info("Creating new node")
app.entities.node, err = node.New(nil)
checkAppFatal("Could not create node entity: %s:", err)
app.entities.node.Data.Body.Name = name
app.entities.node.Data.Body.Id = NewID()
logger.Info("Generating node keys")
err = app.entities.node.GenerateKeys()
checkAppFatal("Could not generate node keys: %s", err)
}
func (app *AdminApp) RegisterNextNode() {
orgId := app.entities.org.Data.Body.Id
regJson, err := app.fs.api.PopIncoming("registration")
checkAppFatal("Can't pop registration: %s", err)
container, err := document.NewContainer(regJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Can't load registration: %s", err)
}
pairingId := container.Data.Options.SignatureInputs["key-id"]
logger.Infof("Reading pairing key: %s", pairingId)
pairingKey := app.index.org.Data.Body.PairingKeys[pairingId]
logger.Info("Verifying and decrypting node registration")
nodeJson, err := app.entities.org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't verify then decrypt registration: %s", err)
}
node, err := node.New(nodeJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't create node from registration: %s", err)
}
logger.Info("Adding node to index")
app.index.org.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
app.index.org.AddNode(node.Data.Body.Name, node.Data.Body.Id)
logger.Info("Encrypting and signing node for Org")
nodeContainer, err := app.entities.org.EncryptThenSignString(node.Dump(), nil)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't encrypt then sign node: %s", err)
}
if err := app.fs.api.SendPrivate(orgId, node.Data.Body.Id, nodeContainer.Dump()); err != nil {
checkAppFatal("Could not save node: %s", err)
}
for _, tag := range pairingKey.Tags {
logger.Infof("Looking for CAs for tag %s", tag)
for _, caId := range app.index.org.Data.Body.Tags.CAForward[tag] {
logger.Infof("Found CA %s", caId)
app.SignCSRForNode(node, caId, tag)
}
}
}
func (cont *NodeController) CreateNode(name string) (*node.Node, error) {
node, err := node.New(nil)
if err != nil {
return nil, err
}
node.Data.Body.Name = name
node.Data.Body.Id = x509.NewID()
logger.Debug("Generating node keys")
if err := node.GenerateKeys(); err != nil {
return nil, err
}
return node, nil
}
func (app *AdminApp) GetNode(name string) *node.Node {
nodeId, err := app.index.org.GetNode(name)
checkAppFatal("Couldn't get node config: %s", err)
nodeContainerJson, err := app.fs.api.GetPrivate(app.entities.org.Data.Body.Id, nodeId)
checkAppFatal("Couldn't get node container: %s", err)
nodeContainer, err := document.NewContainer(nodeContainerJson)
checkAppFatal("Could not load node container: %s", err)
nodeJson, err := app.entities.org.VerifyThenDecrypt(nodeContainer)
checkAppFatal("Couldn't get verify then decrypt node: %s", err)
nde, err := node.New(nodeJson)
checkAppFatal("Couldn't create node: %s", err)
return nde
}
func (cont *NodeController) GetNode(name string) (*node.Node, error) {
logger.Debug("getting node")
logger.Tracef("received name '%s'", name)
org := cont.env.controllers.org.org
index, err := cont.env.controllers.org.GetIndex()
if err != nil {
return nil, err
}
nodeId, err := index.GetNode(name)
if err != nil {
return nil, err
}
logger.Debugf("getting node '%s' from org", nodeId)
nodeContainerJson, err := cont.env.api.GetPrivate(org.Id(), nodeId)
if err != nil {
return nil, err
}
logger.Debug("creating new node container")
nodeContainer, err := document.NewContainer(nodeContainerJson)
if err != nil {
return nil, err
}
logger.Debug("verifying and decrypting node container")
nodeJson, err := org.VerifyThenDecrypt(nodeContainer)
if err != nil {
return nil, err
}
logger.Debug("creating new node struct")
n, err := node.New(nodeJson)
if err != nil {
return nil, err
}
logger.Trace("returning node")
return n, nil
}
func (cont *OrgController) RegisterNextNode() error {
logger.Debug("registering next node")
org := cont.env.controllers.org.org
logger.Debug("popping next registration from org")
regJson, err := cont.env.api.PopIncoming(org.Id(), "registration")
if err != nil {
return err
}
logger.Debug("creating new registration container")
container, err := document.NewContainer(regJson)
if err != nil {
logger.Warn("unable to create container from registration json. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
pairingId := container.Data.Options.SignatureInputs["key-id"]
logger.Debugf("reading pairing key for '%s'", pairingId)
index, err := cont.GetIndex()
if err != nil {
return err
}
pairingKey, ok := index.Data.Body.PairingKeys[pairingId]
if !ok {
logger.Warn("unable to find pairing key. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
logger.Trace("returning nil error")
return nil
}
logger.Debug("verifying and decrypting node registration")
nodeJson, err := org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
if err != nil {
logger.Warn("unable to decrypt node registration. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
logger.Debug("creating new node from JSON")
node, err := node.New(nodeJson)
if err != nil {
logger.Warn("unable to create node. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
index.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
index.AddNode(node.Data.Body.Name, node.Data.Body.Id)
logger.Debug("encrypting and signing node for org")
nodeContainer, err := org.EncryptThenSignString(node.Dump(), nil)
if err != nil {
logger.Warn("unable to encrypt node for org. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
logger.Debug("sending node to org")
if err := cont.env.api.SendPrivate(org.Id(), node.Data.Body.Id, nodeContainer.Dump()); err != nil {
logger.Warn("Unable to send node to org. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
for _, tag := range pairingKey.Tags {
logger.Debugf("looking for CAs for tag '%s'", tag)
for _, caId := range index.Data.Body.Tags.CAForward[tag] {
logger.Debugf("found CA '%s'", caId)
if err := cont.SignCSR(node, caId, tag); err != nil {
return err
}
}
}
if err := cont.SaveIndex(index); err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}
