// ProvisionSecret builds an authenticated request to the Arx server,
// requesting it to provision a secret and return the provisioned
// secret to the user.
func (cfg *ClientConfig) ProvisionSecret(ident string, length int) ([]byte, error) {
msg, err := messages.ProvisionRequest(ident, length)
if err != nil {
return nil, err
}
signedRequest, err := crypto.SignRequest(msg, cfg.Private, cfg.KeySignature)
if err != nil {
return nil, err
}
out, err := json.Marshal(signedRequest)
if err != nil {
return nil, err
}
buf := bytes.NewBuffer(out)
resp, err := cfg.client.Post(cfg.requestURL, "application/json", buf)
if err != nil {
return nil, err
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return nil, err
}
var response messages.Response
err = json.Unmarshal(body, &response)
if err != nil {
return nil, err
}
if !response.Success {
return nil, arxError(response.Message)
}
var secret getResponse
err = json.Unmarshal(response.Data, &secret)
if err != nil {
return nil, err
}
return secret.Secret, nil
}
// RevokeKey builds an authenticated administrative request to the Arx
// server to revoke the specified key.
func (adm *AdminConfig) RevokeKey(pub []byte) error {
var admRequest = messages.AdminRequest{
Public: pub,
}
data, err := json.Marshal(admRequest)
if err != nil {
return err
}
request, err := crypto.SignRequest(data, adm.Private, adm.KeySignature)
if err != nil {
return err
}
data, err = json.Marshal(request)
if err != nil {
return err
}
buf := bytes.NewBuffer(data)
resp, err := adm.client.Post(adm.requestURL+"revoke", "application/json", buf)
if err != nil {
return err
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
var response messages.Response
err = json.Unmarshal(body, &response)
if err != nil {
return err
}
if !response.Success {
return arxError(response.Message)
}
return nil
}
// StoreSecret builds an authenticated request to the Arx server,
// requesting it to store the secret.
func (cfg *ClientConfig) StoreSecret(ident string, secret []byte) error {
msg, err := messages.StoreSecretRequest(ident, secret)
if err != nil {
return err
}
signedRequest, err := crypto.SignRequest(msg, cfg.Private, cfg.KeySignature)
if err != nil {
return err
}
out, err := json.Marshal(signedRequest)
if err != nil {
return err
}
buf := bytes.NewBuffer(out)
resp, err := cfg.client.Post(cfg.requestURL, "application/json", buf)
if err != nil {
return err
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
var response messages.Response
err = json.Unmarshal(body, &response)
if err != nil {
return err
}
if !response.Success {
return arxError(response.Message)
}
return nil
}