From 70ee62fcb790da7bfb01667f7c315723ed12609e Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg
Date: Fri, 27 Nov 2020 17:45:30 +0100
Subject: cleaned-up x509util
---
 instance.go | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)
(limited to 'instance.go')
diff --git a/instance.go b/instance.go
index 7a353fe..6732698 100644
--- a/instance.go
+++ b/instance.go
@@ -8,6 +8,7 @@ import (
 "crypto/sha256"
 "crypto/x509"
 "encoding/base64"
+ "io/ioutil"
 "net/http"
 "github.com/golang/glog"
@@ -61,12 +62,16 @@ func NewInstance(lp *LogParameters, client trillian.TrillianLogClient, deadline
 // NewLogParameters initializes log parameters, assuming ed25519 signatures.
 func NewLogParameters(treeId int64, prefix string, anchorPath, keyPath string, maxRange, maxChain int64) (*LogParameters, error) {
- anchorList, anchorPool, err := x509util.LoadTrustAnchors(anchorPath)
+ anchorList, anchorPool, err := loadTrustAnchors(anchorPath)
 if err != nil {
 return nil, err
 }
- key, err := x509util.LoadEd25519SigningKey(keyPath)
+ pem, err := ioutil.ReadFile(keyPath)
+ if err != nil {
+ return nil, fmt.Errorf("failed reading %s: %v", keyPath, err)
+ }
+ key, err := x509util.NewEd25519PrivateKey(pem)
 if err != nil {
 return nil, err
 }
@@ -109,3 +114,16 @@ func (i *Instance) registerHandlers(mux *http.ServeMux) {
 mux.Handle(endpoint.path, endpoint.handler)
 }
 }
+
+// loadTrustAnchors loads a list of PEM-encoded certificates from file
+func loadTrustAnchors(path string) ([]*x509.Certificate, *x509.CertPool, error) {
+ pem, err := ioutil.ReadFile(path)
+ if err != nil {
+ return nil, nil, fmt.Errorf("failed reading trust anchors: %v", err)
+ }
+ anchorList, err := x509util.NewCertificateList(pem)
+ if err != nil || len(anchorList) == 0 {
+ return nil, nil, fmt.Errorf("failed parsing trust anchors: %v", err)
+ }
+ return anchorList, x509util.NewCertPool(anchorList), nil
+}
--
cgit v1.2.3
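Review bot: Nothing in this hunk checks who else can read keyPath before the Ed25519 signing key is loaded, so a group- or world-readable key file is accepted silently at the new `ioutil.ReadFile(keyPath)` call. Consider opening the file and checking the permission bits on the open handle, so the check and the read see the same file, and returning an error (or at least logging) when other users have access. This needs the `os` import, and the policy may have to be relaxed where the key is mounted read-only by an orchestrator. NewLogParameters begins and continues outside the hunk.

```go
// … unchanged: loadTrustAnchors call and its error check …
f, err := os.Open(keyPath)
if err != nil {
	return nil, fmt.Errorf("failed opening %s: %v", keyPath, err)
}
defer f.Close()
fi, err := f.Stat()
if err != nil {
	return nil, fmt.Errorf("failed inspecting %s: %v", keyPath, err)
}
// Refuse a signing key that group or other users can access.
if fi.Mode().Perm()&0077 != 0 {
	return nil, fmt.Errorf("signing key %s must not be accessible by group or others", keyPath)
}
pem, err := ioutil.ReadAll(f)
if err != nil {
	return nil, fmt.Errorf("failed reading %s: %v", keyPath, err)
}
key, err := x509util.NewEd25519PrivateKey(pem)
// … unchanged: key error check and the rest of NewLogParameters …
```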
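Review bot: When the anchor file parses cleanly but holds no certificates, the combined check `err != nil || len(anchorList) == 0` in loadTrustAnchors formats a nil error, so the message reads `failed parsing trust anchors: <nil>`. Rejecting an empty anchor set is the right fail-closed behaviour, but it deserves its own branch: keep the `err != nil` return as it is and add `if len(anchorList) == 0 { return nil, nil, fmt.Errorf("no trust anchors found in %s", path) }`. The doc comment could also state that the function returns both the certificate list and a pool built from it, and that an empty file is an error.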