github.com/turingchain2020/turingchain@v1.1.21/executor/authority/core/configbuilder.go (about)

     1  // Copyright Turing Corp. 2018 All Rights Reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package core
     6  
     7  import (
     8  	"fmt"
     9  	"io/ioutil"
    10  	"path/filepath"
    11  
    12  	"github.com/turingchain2020/turingchain/executor/authority/utils"
    13  
    14  	"os"
    15  )
    16  
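// getPemMaterialFromDir passes every non-directory entry of dir to
// utils.ReadPemFile and returns the material of the files that could be read.
//
// Sub-directories are skipped. A file that utils.ReadPemFile rejects is logged
// at Warn level and skipped, so a nil error does not mean that every file in
// dir was loaded; callers that require at least one item must check the length
// of the result.
//
// If dir does not exist, the error from os.Stat is returned unwrapped so that
// callers can test it with os.IsNotExist. Any other failure to list dir is
// returned as a formatted error.
//
// NOTE(review): every loadable file in dir is returned without further
// filtering, and GetAuthConfig uses the result as root certificates,
// intermediate certificates and revocation lists. Write access to these
// directories is therefore presumably equivalent to control over the trust
// configuration; confirm that deployments restrict it accordingly.
func getPemMaterialFromDir(dir string) ([][]byte, error) {
	authLogger.Debug(fmt.Sprintf("Reading directory %s", dir))

	// Return the raw os.Stat error for a missing directory: GetAuthConfig
	// relies on os.IsNotExist to treat its optional folders as absent.
	if _, err := os.Stat(dir); os.IsNotExist(err) {
		return nil, err
	}

	files, err := ioutil.ReadDir(dir)
	if err != nil {
		// Arguments follow the verb order: directory first, then the cause.
		return nil, fmt.Errorf("Could not read directory %s, err %s", dir, err)
	}

	// Non-nil even when empty, as before; capacity is an upper bound.
	content := make([][]byte, 0, len(files))
	for _, f := range files {
		if f.IsDir() {
			continue
		}

		// filepath.Join inserts the separator itself.
		fullName := filepath.Join(dir, f.Name())
		authLogger.Debug(fmt.Sprintf("Inspecting file %s", fullName))

		item, err := utils.ReadPemFile(fullName)
		if err != nil {
			// Best effort: one unreadable file does not abort the load.
			// NOTE(review): when dir holds CRLs, a damaged or unreadable
			// revocation list is dropped with only this warning, i.e. the
			// load fails open. Confirm that this is intended and that Warn
			// output from this logger is monitored.
			authLogger.Warn(fmt.Sprintf("Failed reading file %s: %s", fullName, err))
			continue
		}

		content = append(content, item)
	}

	return content, nil
}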
    50  
// Names of the sub-directories that GetAuthConfig looks for beneath the
// directory it is given.
const (
	// cacerts is the folder of root CA certificates; GetAuthConfig fails
	// when nothing can be loaded from it.
	cacerts = "cacerts"

	// intermediatecerts is the folder of intermediate CA certificates;
	// GetAuthConfig tolerates its absence.
	intermediatecerts = "intermediatecerts"

	// crlsfolder is the folder of certificate revocation lists;
	// GetAuthConfig tolerates its absence.
	crlsfolder = "crls"
)
    56  
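// GetAuthConfig loads the certificate file configuration found under dir.
//
// It reads PEM material from three sub-directories of dir:
//
//   - cacerts: required; an error is returned if the folder cannot be read
//     or no file in it could be loaded.
//   - intermediatecerts: optional; a missing folder is logged at Debug level
//     and leaves IntermediateCerts nil.
//   - crls: optional; a missing folder is logged at Debug level and leaves
//     RevocationList nil.
//
// Any other error while reading the optional folders is returned.
//
// NOTE(review): because a missing crls folder is reported only at Debug
// level, a deployment whose revocation lists were never installed (or were
// removed) starts without them and without a visible warning. How an empty
// RevocationList is treated by the consumer of AuthConfig is not visible
// here; operators who depend on revocation should verify the folder's
// presence out of band.
func GetAuthConfig(dir string) (*AuthConfig, error) {
	cacertDir := filepath.Join(dir, cacerts)
	intermediatecertsDir := filepath.Join(dir, intermediatecerts)
	crlsDir := filepath.Join(dir, crlsfolder)

	// Locals are named so that they do not shadow the package-level folder
	// name constants.
	rootCerts, err := getPemMaterialFromDir(cacertDir)
	if err != nil {
		return nil, fmt.Errorf("Could not load a valid ca certificate from directory %s, err %s", cacertDir, err)
	}
	if len(rootCerts) == 0 {
		// Reported separately so the message never formats a nil error.
		return nil, fmt.Errorf("Could not load a valid ca certificate from directory %s, err no PEM material found", cacertDir)
	}

	intermediateCerts, err := getPemMaterialFromDir(intermediatecertsDir)
	if os.IsNotExist(err) {
		authLogger.Debug(fmt.Sprintf("Intermediate certs folder not found at [%s]. Skipping. [%s]", intermediatecertsDir, err))
	} else if err != nil {
		return nil, fmt.Errorf("Failed loading intermediate ca certs at [%s]: [%s]", intermediatecertsDir, err)
	}

	crls, err := getPemMaterialFromDir(crlsDir)
	if os.IsNotExist(err) {
		// Revocation data is absent from here on; see the NOTE(review) in
		// the function comment.
		authLogger.Debug(fmt.Sprintf("crls folder not found at [%s]. Skipping. [%s]", crlsDir, err))
	} else if err != nil {
		return nil, fmt.Errorf("Failed loading crls at [%s]: [%s]", crlsDir, err)
	}

	authconf := &AuthConfig{
		RootCerts:         rootCerts,
		IntermediateCerts: intermediateCerts,
		RevocationList:    crls,
	}

	return authconf, nil
}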