github.com/silveraid/fabric-ca@v1.1.0-preview.0.20180127000700-71974f53ab08/lib/signer.go (about)

     1  /*
     2  Copyright IBM Corp. 2016 All Rights Reserved.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8                   http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package lib
    18  
    19  import (
    20  	"crypto/x509"
    21  	"fmt"
    22  
    23  	"github.com/cloudflare/cfssl/log"
    24  	"github.com/hyperledger/fabric-ca/api"
    25  	"github.com/hyperledger/fabric-ca/util"
    26  	"github.com/hyperledger/fabric/bccsp"
    27  	"github.com/hyperledger/fabric/common/attrmgr"
    28  )
    29  
    // newSigner builds a Signer for the given key and certificate bytes on
    // behalf of identity id.
    //
    // id must be non-nil: its client field is read here and a nil id panics.
    // cert is stored as passed (no copy is made), so the caller should not
    // modify the slice afterwards.
    func newSigner(key bccsp.Key, cert []byte, id *Identity) *Signer {
    	signer := new(Signer)
    	signer.key = key
    	signer.cert = cert
    	signer.id = id
    	// The signer shares the client of the identity that owns it.
    	signer.client = id.client
    	return signer
    }
    38  
    // Signer represents a signer: a key together with the certificate bytes
    // that go with it, tied to the identity that owns them.
    // Each identity may have multiple signers, currently one ecert and multiple tcerts
    type Signer struct {
    	// key is the BCCSP key handle returned by Key().
    	key    bccsp.Key
    	// cert holds the certificate bytes; GetX509Cert parses them as PEM.
    	cert   []byte
    	// id is the owning identity; it is used for revocation and its name
    	// appears in error and debug messages.
    	id     *Identity
    	// client is copied from id.client by newSigner.
    	client *Client
    }
    47  
    // Key returns the BCCSP key of this signer.
    //
    // The value is the stored bccsp.Key handle, not raw key bytes.
    // NOTE(review): whether the handle refers to private key material depends
    // on what the caller passed to newSigner; confirm before exposing it
    // outside the package.
    func (s *Signer) Key() bccsp.Key {
    	return s.key
    }
    52  
    // Cert returns the cert bytes of this signer.
    //
    // The returned slice is the signer's own slice, not a copy, so a caller
    // that writes to it changes the certificate that GetX509Cert, RevokeSelf
    // and Attributes later read. Treat the result as read-only.
    func (s *Signer) Cert() []byte {
    	return s.cert
    }
    57  
    // GetX509Cert parses the signer's PEM certificate bytes and returns the
    // resulting X509 certificate.
    //
    // On a parse failure the error names the owning identity. Only parsing is
    // visible here; NOTE(review): confirm whether callers validate the
    // certificate (chain, expiry) before trusting its contents.
    func (s *Signer) GetX509Cert() (*x509.Certificate, error) {
    	parsed, parseErr := util.GetX509CertificateFromPEM(s.cert)
    	if parseErr == nil {
    		return parsed, nil
    	}
    	return nil, fmt.Errorf("Failed getting X509 certificate for '%s': %s", s.id.name, parseErr)
    }
    66  
    // RevokeSelf revokes only the certificate associated with this signer.
    //
    // The certificate is identified by the serial number and AKI that
    // GetCertID extracts from the signer's certificate bytes; the request is
    // then submitted through the owning identity's Revoke method. An error
    // from GetCertID is returned unchanged and no request is sent.
    func (s *Signer) RevokeSelf() (*api.RevocationResponse, error) {
    	log.Debugf("RevokeSelf %s", s.id.name)
    	certSerial, certAKI, idErr := GetCertID(s.cert)
    	if idErr != nil {
    		return nil, idErr
    	}
    	// Serial plus AKI scope the revocation to this one certificate.
    	return s.id.Revoke(&api.RevocationRequest{
    		Serial: certSerial,
    		AKI:    certAKI,
    	})
    }
    80  
    // Attributes returns the attributes that are in the signer's certificate.
    //
    // The certificate is parsed with GetX509Cert and the attributes are then
    // read from it by attrmgr. Either failure is reported with the same
    // message prefix naming the owning identity. No chain or signature check
    // is visible in this method; NOTE(review): confirm the certificate is
    // validated elsewhere before these attributes drive access decisions.
    func (s *Signer) Attributes() (*attrmgr.Attributes, error) {
    	// Both failure paths share one message format.
    	const failFmt = "Failed getting attributes for '%s': %s"

    	x509Cert, certErr := s.GetX509Cert()
    	if certErr != nil {
    		return nil, fmt.Errorf(failFmt, s.id.name, certErr)
    	}
    	parsed, attrErr := attrmgr.New().GetAttributesFromCert(x509Cert)
    	if attrErr != nil {
    		return nil, fmt.Errorf(failFmt, s.id.name, attrErr)
    	}
    	return parsed, nil
    }