package cas
import (
"context"
"strings"
"github.com/pkg/errors"
"github.com/smallstep/certificates/cas/apiv1"
"github.com/smallstep/certificates/cas/softcas"
)
// CertificateAuthorityService is the interface implemented by all the CAS.
// It is declared as an alias (note the '='), so it is the same type as
// apiv1.CertificateAuthorityService rather than a distinct one.
type CertificateAuthorityService = apiv1.CertificateAuthorityService
// CertificateAuthorityCreator is the interface implemented by all CAS that can create a new authority.
// It is declared as an alias (note the '='), so it is the same type as
// apiv1.CertificateAuthorityCreator rather than a distinct one.
type CertificateAuthorityCreator = apiv1.CertificateAuthorityCreator
// New creates a new CertificateAuthorityService using the given options.
//
// The options are validated first, and a validation failure is returned
// unchanged. The configured type is then lower-cased, which makes the lookup
// case-insensitive, and the default (unset) type is mapped to SoftCAS. The
// constructor for that type is looked up through
// apiv1.LoadCertificateAuthorityServiceNewFunc; if none is found, an
// "unsupported cas type" error is returned.
func New(ctx context.Context, opts apiv1.Options) (CertificateAuthorityService, error) {
	// Reject invalid options before any backend constructor sees them.
	// NOTE(review): what Validate enforces is defined in apiv1 and is not
	// visible here; confirm it covers every field the backends rely on.
	err := opts.Validate()
	if err != nil {
		return nil, err
	}

	casType := apiv1.Type(strings.ToLower(opts.Type))
	if casType == apiv1.DefaultCAS {
		casType = apiv1.SoftCAS
	}

	// Only types with a constructor available through the apiv1 lookup can
	// be instantiated; anything else fails closed with an error.
	if newFn, found := apiv1.LoadCertificateAuthorityServiceNewFunc(casType); found {
		return newFn(ctx, opts)
	}
	return nil, errors.Errorf("unsupported cas type '%s'", casType)
}
// NewCreator creates a new CertificateAuthorityCreator using the given options.
//
// The configured type is lower-cased and the default (unset) type is mapped to
// SoftCAS. For SoftCAS a *softcas.SoftCAS carrying only opts.KeyManager is
// returned directly. Any other type is built with New and must also implement
// CertificateAuthorityCreator, otherwise an error is returned.
func NewCreator(ctx context.Context, opts apiv1.Options) (CertificateAuthorityCreator, error) {
	casType := apiv1.Type(strings.ToLower(opts.Type))
	if casType == apiv1.DefaultCAS {
		casType = apiv1.SoftCAS
	}

	// The SoftCAS path returns before New is called, so opts.Validate (run
	// inside New) is not applied here and opts.KeyManager is passed through
	// unchecked.
	// NOTE(review): confirm softcas rejects a nil KeyManager before using it
	// to create key material.
	if casType == apiv1.SoftCAS {
		soft := &softcas.SoftCAS{KeyManager: opts.KeyManager}
		return soft, nil
	}

	// Every other type goes through New, which validates the options and
	// looks up the constructor for the type.
	svc, err := New(ctx, opts)
	if err != nil {
		return nil, err
	}

	// Not every service can create an authority; check for the creator
	// interface explicitly rather than assuming it.
	if creator, ok := svc.(CertificateAuthorityCreator); ok {
		return creator, nil
	}
	// NOTE(review): the message reads "does not implements"; it is kept
	// verbatim because callers or tests may match on the text.
	return nil, errors.Errorf("cas type '%s' does not implements CertificateAuthorityCreator", casType)
}