Exemplo n.º 1
0
func (app *NodeApp) CreateNodeEntity(name string) {
	var err error
	logger.Info("Creating new node")
	app.entities.node, err = node.New(nil)
	checkAppFatal("Could not create node entity: %s:", err)
	app.entities.node.Data.Body.Name = name
	app.entities.node.Data.Body.Id = NewID()

	logger.Info("Generating node keys")
	err = app.entities.node.GenerateKeys()
	checkAppFatal("Could not generate node keys: %s", err)
}
Exemplo n.º 2
0
func (app *AdminApp) RegisterNextNode() {
	orgId := app.entities.org.Data.Body.Id

	regJson, err := app.fs.api.PopIncoming("registration")
	checkAppFatal("Can't pop registration: %s", err)

	container, err := document.NewContainer(regJson)
	if err != nil {
		app.fs.api.PushIncoming(orgId, "registration", regJson)
		checkAppFatal("Can't load registration: %s", err)
	}
	pairingId := container.Data.Options.SignatureInputs["key-id"]
	logger.Infof("Reading pairing key: %s", pairingId)
	pairingKey := app.index.org.Data.Body.PairingKeys[pairingId]

	logger.Info("Verifying and decrypting node registration")
	nodeJson, err := app.entities.org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
	if err != nil {
		app.fs.api.PushIncoming(orgId, "registration", regJson)
		checkAppFatal("Couldn't verify then decrypt registration: %s", err)
	}

	node, err := node.New(nodeJson)
	if err != nil {
		app.fs.api.PushIncoming(orgId, "registration", regJson)
		checkAppFatal("Couldn't create node from registration: %s", err)
	}

	logger.Info("Adding node to index")
	app.index.org.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
	app.index.org.AddNode(node.Data.Body.Name, node.Data.Body.Id)

	logger.Info("Encrypting and signing node for Org")
	nodeContainer, err := app.entities.org.EncryptThenSignString(node.Dump(), nil)
	if err != nil {
		app.fs.api.PushIncoming(orgId, "registration", regJson)
		checkAppFatal("Couldn't encrypt then sign node: %s", err)
	}

	if err := app.fs.api.SendPrivate(orgId, node.Data.Body.Id, nodeContainer.Dump()); err != nil {
		checkAppFatal("Could not save node: %s", err)
	}

	for _, tag := range pairingKey.Tags {
		logger.Infof("Looking for CAs for tag %s", tag)
		for _, caId := range app.index.org.Data.Body.Tags.CAForward[tag] {
			logger.Infof("Found CA %s", caId)
			app.SignCSRForNode(node, caId, tag)
		}
	}

}
Exemplo n.º 3
0
func (cont *NodeController) CreateNode(name string) (*node.Node, error) {
	node, err := node.New(nil)
	if err != nil {
		return nil, err
	}

	node.Data.Body.Name = name
	node.Data.Body.Id = x509.NewID()

	logger.Debug("Generating node keys")
	if err := node.GenerateKeys(); err != nil {
		return nil, err
	}

	return node, nil
}
Exemplo n.º 4
0
func (app *AdminApp) GetNode(name string) *node.Node {
	nodeId, err := app.index.org.GetNode(name)
	checkAppFatal("Couldn't get node config: %s", err)

	nodeContainerJson, err := app.fs.api.GetPrivate(app.entities.org.Data.Body.Id, nodeId)
	checkAppFatal("Couldn't get node container: %s", err)

	nodeContainer, err := document.NewContainer(nodeContainerJson)
	checkAppFatal("Could not load node container: %s", err)

	nodeJson, err := app.entities.org.VerifyThenDecrypt(nodeContainer)
	checkAppFatal("Couldn't get verify then decrypt node: %s", err)

	nde, err := node.New(nodeJson)
	checkAppFatal("Couldn't create node: %s", err)
	return nde
}
Exemplo n.º 5
0
func (cont *NodeController) GetNode(name string) (*node.Node, error) {
	logger.Debug("getting node")
	logger.Tracef("received name '%s'", name)

	org := cont.env.controllers.org.org

	index, err := cont.env.controllers.org.GetIndex()
	if err != nil {
		return nil, err
	}

	nodeId, err := index.GetNode(name)
	if err != nil {
		return nil, err
	}

	logger.Debugf("getting node '%s' from org", nodeId)
	nodeContainerJson, err := cont.env.api.GetPrivate(org.Id(), nodeId)
	if err != nil {
		return nil, err
	}

	logger.Debug("creating new node container")
	nodeContainer, err := document.NewContainer(nodeContainerJson)
	if err != nil {
		return nil, err
	}

	logger.Debug("verifying and decrypting node container")
	nodeJson, err := org.VerifyThenDecrypt(nodeContainer)
	if err != nil {
		return nil, err
	}

	logger.Debug("creating new node struct")
	n, err := node.New(nodeJson)
	if err != nil {
		return nil, err
	}

	logger.Trace("returning node")
	return n, nil
}
Exemplo n.º 6
0
func (cont *OrgController) RegisterNextNode() error {
	logger.Debug("registering next node")

	org := cont.env.controllers.org.org

	logger.Debug("popping next registration from org")
	regJson, err := cont.env.api.PopIncoming(org.Id(), "registration")
	if err != nil {
		return err
	}

	logger.Debug("creating new registration container")
	container, err := document.NewContainer(regJson)
	if err != nil {
		logger.Warn("unable to create container from registration json. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		return err
	}

	pairingId := container.Data.Options.SignatureInputs["key-id"]
	logger.Debugf("reading pairing key for '%s'", pairingId)

	index, err := cont.GetIndex()
	if err != nil {
		return err
	}

	pairingKey, ok := index.Data.Body.PairingKeys[pairingId]
	if !ok {
		logger.Warn("unable to find pairing key. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		logger.Trace("returning nil error")
		return nil
	}

	logger.Debug("verifying and decrypting node registration")
	nodeJson, err := org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
	if err != nil {
		logger.Warn("unable to decrypt node registration. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		return err
	}

	logger.Debug("creating new node from JSON")
	node, err := node.New(nodeJson)
	if err != nil {
		logger.Warn("unable to create node. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		return err
	}

	index.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
	index.AddNode(node.Data.Body.Name, node.Data.Body.Id)

	logger.Debug("encrypting and signing node for org")
	nodeContainer, err := org.EncryptThenSignString(node.Dump(), nil)
	if err != nil {
		logger.Warn("unable to encrypt node for org. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		return err
	}

	logger.Debug("sending node to org")
	if err := cont.env.api.SendPrivate(org.Id(), node.Data.Body.Id, nodeContainer.Dump()); err != nil {
		logger.Warn("Unable to send node to org. Pushing back to incoming registration queue")
		cont.env.api.PushIncoming(org.Id(), "registration", regJson)
		return err
	}

	for _, tag := range pairingKey.Tags {
		logger.Debugf("looking for CAs for tag '%s'", tag)
		for _, caId := range index.Data.Body.Tags.CAForward[tag] {
			logger.Debugf("found CA '%s'", caId)
			if err := cont.SignCSR(node, caId, tag); err != nil {
				return err
			}
		}
	}

	if err := cont.SaveIndex(index); err != nil {
		return err
	}

	logger.Trace("returning nil error")
	return nil
}