func newJSONSignFromConfig(ld blobserver.Loader, conf jsonconfig.Obj) (http.Handler, error) { pubKeyDestPrefix := conf.OptionalString("publicKeyDest", "") // either a short form ("26F5ABDA") or one the longer forms. keyId := conf.RequiredString("keyId") h := &Handler{ secretRing: conf.OptionalString("secretRing", ""), } var err error if err = conf.Validate(); err != nil { return nil, err } h.entity, err = jsonsign.EntityFromSecring(keyId, h.secretRingPath()) if err != nil { return nil, err } armoredPublicKey, err := jsonsign.ArmoredPublicKey(h.entity) ms := new(blobref.MemoryStore) h.pubKeyBlobRef, err = ms.AddBlob(crypto.SHA1, armoredPublicKey) if err != nil { return nil, err } h.pubKeyFetcher = ms if pubKeyDestPrefix != "" { sto, err := ld.GetStorage(pubKeyDestPrefix) if err != nil { return nil, err } h.pubKeyDest = sto if sto != nil { if ctxReq, ok := ld.GetRequestContext(); ok { if w, ok := sto.(blobserver.ContextWrapper); ok { sto = w.WrapContext(ctxReq) } } err := h.uploadPublicKey(sto, armoredPublicKey) if err != nil { return nil, fmt.Errorf("Error seeding self public key in storage: %v", err) } } } h.pubKeyBlobRefServeSuffix = "camli/" + h.pubKeyBlobRef.String() h.pubKeyHandler = &gethandler.Handler{ Fetcher: ms, AllowGlobalAccess: true, // just public keys } return h, nil }