github.com/silveraid/fabric-ca@v1.1.0-preview.0.20180127000700-71974f53ab08/lib/signer.go (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package lib 18 19 import ( 20 "crypto/x509" 21 "fmt" 22 23 "github.com/cloudflare/cfssl/log" 24 "github.com/hyperledger/fabric-ca/api" 25 "github.com/hyperledger/fabric-ca/util" 26 "github.com/hyperledger/fabric/bccsp" 27 "github.com/hyperledger/fabric/common/attrmgr" 28 ) 29 30 func newSigner(key bccsp.Key, cert []byte, id *Identity) *Signer { 31 return &Signer{ 32 key: key, 33 cert: cert, 34 id: id, 35 client: id.client, 36 } 37 } 38 39 // Signer represents a signer 40 // Each identity may have multiple signers, currently one ecert and multiple tcerts 41 type Signer struct { 42 key bccsp.Key 43 cert []byte 44 id *Identity 45 client *Client 46 } 47 48 // Key returns the key bytes of this signer 49 func (s *Signer) Key() bccsp.Key { 50 return s.key 51 } 52 53 // Cert returns the cert bytes of this signer 54 func (s *Signer) Cert() []byte { 55 return s.cert 56 } 57 58 // GetX509Cert returns the X509 certificate for this signer 59 func (s *Signer) GetX509Cert() (*x509.Certificate, error) { 60 cert, err := util.GetX509CertificateFromPEM(s.cert) 61 if err != nil { 62 return nil, fmt.Errorf("Failed getting X509 certificate for '%s': %s", s.id.name, err) 63 } 64 return cert, nil 65 } 66 67 // RevokeSelf revokes only the certificate associated with this signer 68 func (s *Signer) RevokeSelf() (*api.RevocationResponse, error) { 69 log.Debugf("RevokeSelf %s", s.id.name) 70 serial, aki, err := GetCertID(s.cert) 71 if err != nil { 72 return nil, err 73 } 74 req := &api.RevocationRequest{ 75 Serial: serial, 76 AKI: aki, 77 } 78 return s.id.Revoke(req) 79 } 80 81 // Attributes returns the attributes that are in the certificate 82 func (s *Signer) Attributes() (*attrmgr.Attributes, error) { 83 cert, err := s.GetX509Cert() 84 if err != nil { 85 return nil, fmt.Errorf("Failed getting attributes for '%s': %s", s.id.name, err) 86 } 87 attrs, err := attrmgr.New().GetAttributesFromCert(cert) 88 if err != nil { 89 return nil, fmt.Errorf("Failed getting attributes for '%s': %s", s.id.name, err) 90 } 91 return attrs, nil 92 }