38 lines
1 KiB
Go
38 lines
1 KiB
Go
package scep
|
|
|
|
import (
|
|
"context"
|
|
"crypto"
|
|
"crypto/x509"
|
|
)
|
|
|
|
// Service is a wrapper for a crypto.Decrypter and crypto.Signer for
|
|
// decrypting SCEP requests and signing certificates in response to
|
|
// SCEP certificate requests.
|
|
type Service struct {
|
|
roots []*x509.Certificate
|
|
intermediates []*x509.Certificate
|
|
signerCertificate *x509.Certificate
|
|
signer crypto.Signer
|
|
defaultDecrypter crypto.Decrypter
|
|
scepProvisionerNames []string
|
|
}
|
|
|
|
// NewService returns a new Service type.
|
|
func NewService(_ context.Context, opts Options) (*Service, error) {
|
|
if err := opts.Validate(); err != nil {
|
|
return nil, err
|
|
}
|
|
return &Service{
|
|
roots: opts.Roots,
|
|
intermediates: opts.Intermediates,
|
|
signerCertificate: opts.SignerCert,
|
|
signer: opts.Signer,
|
|
defaultDecrypter: opts.Decrypter,
|
|
scepProvisionerNames: opts.SCEPProvisionerNames,
|
|
}, nil
|
|
}
|
|
|
|
func (s *Service) UpdateProvisioners(scepProvisionerNames []string) {
|
|
s.scepProvisionerNames = scepProvisionerNames
|
|
}
|