func getKeyHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { role, gun, keyAlgorithm, store, crypto, err := setupKeyHandler(ctx, w, r, vars, http.MethodGet) if err != nil { return err } var key data.PublicKey logger := ctxu.GetLoggerWithField(ctx, gun, "gun") switch role { case data.CanonicalTimestampRole: key, err = timestamp.GetOrCreateTimestampKey(gun, store, crypto, keyAlgorithm) case data.CanonicalSnapshotRole: key, err = snapshot.GetOrCreateSnapshotKey(gun, store, crypto, keyAlgorithm) default: logger.Infof("400 GET %s key: %v", role, err) return errors.ErrInvalidRole.WithDetail(role) } if err != nil { logger.Errorf("500 GET %s key: %v", role, err) return errors.ErrUnknown.WithDetail(err) } out, err := json.Marshal(key) if err != nil { logger.Errorf("500 GET %s key", role) return errors.ErrUnknown.WithDetail(err) } logger.Debugf("200 GET %s key", role) w.Write(out) return nil }
// GetTimestampKeyHandler returns a timestamp public key, creating a new key-pair // it if it doesn't yet exist func GetTimestampKeyHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) error { s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { logrus.Debugf("[Notary Server] 500 GET storage not configured") return errors.ErrNoStorage.WithDetail(nil) } c := ctx.Value("cryptoService") crypto, ok := c.(signed.CryptoService) if !ok { logrus.Debugf("[Notary Server] 500 GET crypto service not configured") return errors.ErrNoCryptoService.WithDetail(nil) } vars := mux.Vars(r) gun := vars["imageName"] key, err := timestamp.GetOrCreateTimestampKey(gun, store, crypto, data.ECDSAKey) if err != nil { logrus.Debugf("[Notary Server] 500 GET timestamp key for %s: %v", gun, err) return errors.ErrUnknown.WithDetail(err) } out, err := json.Marshal(key) if err != nil { logrus.Debugf("[Notary Server] 500 GET timestamp key: %s", gun) return errors.ErrUnknown.WithDetail(err) } logrus.Debugf("[Notary Server] 200 GET timestamp key: %s", gun) w.Write(out) return nil }
func getKeyHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { gun, ok := vars["imageName"] if !ok || gun == "" { return errors.ErrUnknown.WithDetail("no gun") } role, ok := vars["tufRole"] if !ok || role == "" { return errors.ErrUnknown.WithDetail("no role") } logger := ctxu.GetLoggerWithField(ctx, gun, "gun") s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok || store == nil { logger.Error("500 GET storage not configured") return errors.ErrNoStorage.WithDetail(nil) } c := ctx.Value("cryptoService") crypto, ok := c.(signed.CryptoService) if !ok || crypto == nil { logger.Error("500 GET crypto service not configured") return errors.ErrNoCryptoService.WithDetail(nil) } algo := ctx.Value("keyAlgorithm") keyAlgo, ok := algo.(string) if !ok || keyAlgo == "" { logger.Error("500 GET key algorithm not configured") return errors.ErrNoKeyAlgorithm.WithDetail(nil) } keyAlgorithm := keyAlgo var ( key data.PublicKey err error ) switch role { case data.CanonicalTimestampRole: key, err = timestamp.GetOrCreateTimestampKey(gun, store, crypto, keyAlgorithm) case data.CanonicalSnapshotRole: key, err = snapshot.GetOrCreateSnapshotKey(gun, store, crypto, keyAlgorithm) default: logger.Errorf("400 GET %s key: %v", role, err) return errors.ErrInvalidRole.WithDetail(role) } if err != nil { logger.Errorf("500 GET %s key: %v", role, err) return errors.ErrUnknown.WithDetail(err) } out, err := json.Marshal(key) if err != nil { logger.Errorf("500 GET %s key", role) return errors.ErrUnknown.WithDetail(err) } logger.Debugf("200 GET %s key", role) w.Write(out) return nil }
// GetTimestampKeyHandler returns a timestamp public key, creating a new key-pair // it if it doesn't yet exist func GetTimestampKeyHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("Version store not configured"), } } c := ctx.Value("cryptoService") crypto, ok := c.(signed.CryptoService) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("CryptoService not configured"), } } vars := mux.Vars(r) gun := vars["imageName"] key, err := timestamp.GetOrCreateTimestampKey(gun, store, crypto, data.ED25519Key) if err != nil { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: err, } } out, err := json.Marshal(key) if err != nil { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("Error serializing key."), } } w.Write(out) return nil }
// GetTimestampKeyHandler returns a timestamp public key, creating a new key-pair // it if it doesn't yet exist func GetTimestampKeyHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) error { vars := mux.Vars(r) gun := vars["imageName"] logger := ctxu.GetLoggerWithField(ctx, gun, "gun") s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { logger.Error("500 GET storage not configured") return errors.ErrNoStorage.WithDetail(nil) } c := ctx.Value("cryptoService") crypto, ok := c.(signed.CryptoService) if !ok { logger.Error("500 GET crypto service not configured") return errors.ErrNoCryptoService.WithDetail(nil) } algo := ctx.Value("keyAlgorithm") keyAlgo, ok := algo.(string) if !ok { logger.Error("500 GET key algorithm not configured") return errors.ErrNoKeyAlgorithm.WithDetail(nil) } keyAlgorithm := keyAlgo key, err := timestamp.GetOrCreateTimestampKey(gun, store, crypto, keyAlgorithm) if err != nil { logger.Errorf("500 GET timestamp key: %v", err) return errors.ErrUnknown.WithDetail(err) } out, err := json.Marshal(key) if err != nil { logger.Error("500 GET timestamp key") return errors.ErrUnknown.WithDetail(err) } logger.Debug("200 GET timestamp key") w.Write(out) return nil }