Пример #1
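// LoadIdentity loads the identity stored under id, reading its key,
// certificate and signing request from the state store.
//
// Each of the three PEM entries is optional. A read error whose message starts
// with "100" is treated as "entry not present" and skipped; any other read
// error, and any PEM parse failure, is returned to the caller.
//
// If the assembled identity fails IsValid, LoadIdentity returns (nil, nil).
// Callers must therefore check the returned identity for nil as well as the
// error before using it for any trust decision.
func (s *State) LoadIdentity(id string) (*security.Identity, error) {
	// absent reports whether err carries the "100" prefix. The length check
	// matters: slicing an error message shorter than three bytes would panic,
	// turning an unexpected store error into a crash.
	// NOTE(review): "100" is presumably the store's key-not-found code, so
	// confirm against getBytes. Prefix matching also accepts any message that
	// merely begins with "100" (for example "1000"), so a typed or sentinel
	// error would be a safer way to recognise a missing entry.
	absent := func(err error) bool {
		msg := err.Error()
		return len(msg) >= 3 && msg[:3] == "100"
	}

	i := security.NewIdentity(id)

	// NOTE(review): id is placed into the store path as given; confirm that
	// callers or etcPath reject ids containing path separators.
	pemBytes, err := s.getBytes(etcPath(etcIdentitiesPrefix, id, etcKey))
	switch {
	case err == nil:
		if i.Key, err = security.KeyFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !absent(err):
		return nil, err
	}
	// A missing key is acceptable: an identity is not required to have one.

	pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcCertificate))
	switch {
	case err == nil:
		if i.Certificate, err = security.CertificateFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !absent(err):
		return nil, err
	}

	pemBytes, err = s.getBytes(etcPath(etcIdentitiesPrefix, id, etcRequest))
	switch {
	case err == nil:
		if i.Request, err = security.RequestFromPEM(pemBytes); err != nil {
			return nil, err
		}
	case !absent(err):
		return nil, err
	}

	// Now check the validity of the identity. An invalid identity is reported
	// as (nil, nil) rather than as an error.
	if !i.IsValid() {
		return nil, nil
	}

	return i, nil
}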
Пример #2
// HandleSigningRequest reads a PEM-encoded certificate signing request from
// the protocol stream and parses it into a Request.
//
// It assumes the SigningRequest token has already been consumed, so the next
// token on the stream is the CSR PEM text.
//
// The PEM text is read from the stream via ReadString and is only parsed here.
// NOTE(review): whether RequestFromPEM verifies the CSR's signature, and
// whether the peer is authorised to request it, is not visible in this method;
// confirm both before the returned request is signed.
func (p *Protocol) HandleSigningRequest() (*security.Request, error) {
	raw, readErr := p.ReadString()
	if readErr != nil {
		return nil, readErr
	}

	csr, parseErr := security.RequestFromPEM([]byte(raw))
	if parseErr == nil {
		return csr, nil
	}

	// Never hand back a partially parsed request alongside an error.
	return nil, parseErr
}