author | Rasmus Dahlberg <rasmus.dahlberg@kau.se> | 2020-12-01 20:42:21 +0100 |
---|---|---|
committer | Rasmus Dahlberg <rasmus.dahlberg@kau.se> | 2020-12-01 20:42:21 +0100 |
commit | b540f681b4cdf740f9b8d1e584fd2b107fc1b090 (patch) | |
tree | 26f2f9c3df8a563463c19621cb9f812978c90af3 /server | |
parent | 12af3f2e8fad65534b83260967ea7463df6ca652 (diff) |
started to clean-up instance
Things like opening files are better placed in the server package. Any
code that is difficult to test should also not be in the STFE package.
Diffstat (limited to 'server')
-rw-r--r-- | server/main.go | 45 |
1 files changed, 41 insertions, 4 deletions
diff --git a/server/main.go b/server/main.go
index d6a7aa5..c60f95d 100644
--- a/server/main.go
+++ b/server/main.go
@@ -3,14 +3,18 @@ package main
 import (
 "flag"
+ "fmt"
 "time"
+ "crypto/x509"
+ "io/ioutil"
 "net/http"
 "github.com/golang/glog"
 "github.com/google/trillian"
 "github.com/prometheus/client_golang/prometheus/promhttp"
 "github.com/system-transparency/stfe"
+ "github.com/system-transparency/stfe/x509util"
 "google.golang.org/grpc"
 )
@@ -44,14 +48,31 @@ func main() {
 glog.Info("Adding prometheus handler on path: /metrics")
 http.Handle("/metrics", promhttp.Handler())
- lp, err := stfe.NewLogParameters(*trillianID, *prefix, *anchorPath, *keyPath, *maxRange, *maxChain)
+ glog.Infof("Loading trust anchors from file: %s", *anchorPath)
+ anchors, err := loadCertificates(*anchorPath)
 if err != nil {
- glog.Fatalf("failed setting up log parameters: %v", err)
+ glog.Fatalf("no trust anchors: %v", err)
+ }
+
+ glog.Infof("Loading Ed25519 signing key from file: %s", *keyPath)
+ pem, err := ioutil.ReadFile(*keyPath)
+ if err != nil {
+ glog.Fatalf("no signing key: %v", err)
+ }
+ signer, err := x509util.NewEd25519PrivateKey(pem)
+ if err != nil {
+ glog.Fatalf("no signing key: %v", err)
 }
- i, err := stfe.NewInstance(lp, client, *rpcDeadline, mux)
+ lp, err := stfe.NewLogParameters(*trillianID, *prefix, anchors, signer, *maxRange, *maxChain)
 if err != nil {
- glog.Fatalf("failed setting up log instance: %v", err)
+ glog.Fatalf("failed setting up log parameters: %v", err)
+ }
+
+ i := stfe.NewInstance(lp, client, *rpcDeadline, mux)
+ for _, handler := range i.Handlers() {
+ glog.Infof("adding handler: %s", handler.Path())
+ mux.Handle(handler.Path(), handler)
 }
 glog.Infof("Configured: %s", i)
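Review bot: The Ed25519 signing key is read with `ioutil.ReadFile(*keyPath)` and nothing in this hunk checks the file's mode, so a key file that is group- or world-readable is accepted without comment. A stat before the read would catch that: `fi, err := os.Stat(*keyPath)` followed by `if err != nil || fi.Mode().Perm()&0077 != 0 { glog.Fatalf("signing key %s: want owner-only permissions (stat error: %v)", *keyPath, err) }`, which needs `os` added to the import block. The read and the parse failure also share the message `no signing key: %v`; distinct wording such as `failed reading signing key` and `failed parsing signing key` would tell an operator which step failed. main starts above this hunk and continues below it.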
@@ -64,3 +85,19 @@ func main() {
 glog.Flush()
 }
+
+// loadCertificates loads a non-empty list of PEM-encoded certificates from file
+func loadCertificates(path string) ([]*x509.Certificate, error) {
+ pem, err := ioutil.ReadFile(path)
+ if err != nil {
+ return nil, fmt.Errorf("failed reading %s: %v", path, err)
+ }
+ anchors, err := x509util.NewCertificateList(pem)
+ if err != nil {
+ return nil, fmt.Errorf("failed parsing: %v", err)
+ }
+ if len(anchors) == 0 {
+ return nil, fmt.Errorf("no trust anchors")
+ }
+ return anchors, nil
+} |
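Review bot: The only validation `loadCertificates` applies to the trust anchors is `len(anchors) == 0`, so an expired or non-CA certificate in the file becomes an anchor silently unless `x509util.NewCertificateList` rejects it, which is not visible here. Logging what was loaded gives operators an audit trail of what the log trusts, for example inside a loop over `anchors`: `glog.Infof("trust anchor: %s (expires %s)", c.Subject, c.NotAfter)`. The error strings could also carry more context: `fmt.Errorf("failed parsing %s: %w", path, err)` names the file and keeps the cause unwrappable, and `fmt.Errorf("no certificates in %s", path)` avoids main printing `no trust anchors: no trust anchors`.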