forked from TrueCloudLab/certificates
Add methods to convert attestation formats
This commit is contained in:
parent
0f651799d0
commit
66407139e5
3 changed files with 49 additions and 13 deletions
|
@ -748,14 +748,15 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
|
||||||
case *linkedca.ProvisionerDetails_ACME:
|
case *linkedca.ProvisionerDetails_ACME:
|
||||||
cfg := d.ACME
|
cfg := d.ACME
|
||||||
return &provisioner.ACME{
|
return &provisioner.ACME{
|
||||||
ID: p.Id,
|
ID: p.Id,
|
||||||
Type: p.Type.String(),
|
Type: p.Type.String(),
|
||||||
Name: p.Name,
|
Name: p.Name,
|
||||||
ForceCN: cfg.ForceCn,
|
ForceCN: cfg.ForceCn,
|
||||||
RequireEAB: cfg.RequireEab,
|
RequireEAB: cfg.RequireEab,
|
||||||
Challenges: challengesToCertificates(cfg.Challenges),
|
Challenges: challengesToCertificates(cfg.Challenges),
|
||||||
Claims: claims,
|
AttestationFormats: attestationFormatsToCertificates(cfg.AttestationFormats),
|
||||||
Options: options,
|
Claims: claims,
|
||||||
|
Options: options,
|
||||||
}, nil
|
}, nil
|
||||||
case *linkedca.ProvisionerDetails_OIDC:
|
case *linkedca.ProvisionerDetails_OIDC:
|
||||||
cfg := d.OIDC
|
cfg := d.OIDC
|
||||||
|
@ -1002,8 +1003,9 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
|
||||||
Details: &linkedca.ProvisionerDetails{
|
Details: &linkedca.ProvisionerDetails{
|
||||||
Data: &linkedca.ProvisionerDetails_ACME{
|
Data: &linkedca.ProvisionerDetails_ACME{
|
||||||
ACME: &linkedca.ACMEProvisioner{
|
ACME: &linkedca.ACMEProvisioner{
|
||||||
ForceCn: p.ForceCN,
|
ForceCn: p.ForceCN,
|
||||||
Challenges: challengesToLinkedca(p.Challenges),
|
Challenges: challengesToLinkedca(p.Challenges),
|
||||||
|
AttestationFormats: attestationFormatsToLinkedca(p.AttestationFormats),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -1162,3 +1164,37 @@ func challengesToLinkedca(challenges []provisioner.ACMEChallenge) []linkedca.ACM
|
||||||
}
|
}
|
||||||
return ret
|
return ret
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// attestationFormatsToCertificates converts linkedca attestation formats to
|
||||||
|
// provisioner ones skipping the unknown ones.
|
||||||
|
func attestationFormatsToCertificates(formats []linkedca.ACMEProvisioner_AttestationFormatType) []provisioner.ACMEAttestationFormat {
|
||||||
|
ret := make([]provisioner.ACMEAttestationFormat, 0, len(formats))
|
||||||
|
for _, f := range formats {
|
||||||
|
switch f {
|
||||||
|
case linkedca.ACMEProvisioner_APPLE:
|
||||||
|
ret = append(ret, provisioner.APPLE)
|
||||||
|
case linkedca.ACMEProvisioner_STEP:
|
||||||
|
ret = append(ret, provisioner.STEP)
|
||||||
|
case linkedca.ACMEProvisioner_TPM:
|
||||||
|
ret = append(ret, provisioner.TPM)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ret
|
||||||
|
}
|
||||||
|
|
||||||
|
// attestationFormatsToLinkedca converts provisioner attestation formats to
|
||||||
|
// linkedca ones skipping the unknown ones.
|
||||||
|
func attestationFormatsToLinkedca(formats []provisioner.ACMEAttestationFormat) []linkedca.ACMEProvisioner_AttestationFormatType {
|
||||||
|
ret := make([]linkedca.ACMEProvisioner_AttestationFormatType, 0, len(formats))
|
||||||
|
for _, f := range formats {
|
||||||
|
switch provisioner.ACMEAttestationFormat(f.String()) {
|
||||||
|
case provisioner.APPLE:
|
||||||
|
ret = append(ret, linkedca.ACMEProvisioner_APPLE)
|
||||||
|
case provisioner.STEP:
|
||||||
|
ret = append(ret, linkedca.ACMEProvisioner_STEP)
|
||||||
|
case provisioner.TPM:
|
||||||
|
ret = append(ret, linkedca.ACMEProvisioner_TPM)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ret
|
||||||
|
}
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -40,7 +40,7 @@ require (
|
||||||
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
|
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
|
||||||
go.step.sm/cli-utils v0.7.4
|
go.step.sm/cli-utils v0.7.4
|
||||||
go.step.sm/crypto v0.19.0
|
go.step.sm/crypto v0.19.0
|
||||||
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300
|
go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb
|
||||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
|
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
|
||||||
golang.org/x/net v0.0.0-20220607020251-c690dde0001d
|
golang.org/x/net v0.0.0-20220607020251-c690dde0001d
|
||||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
|
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -641,8 +641,8 @@ go.step.sm/cli-utils v0.7.4/go.mod h1:taSsY8haLmXoXM3ZkywIyRmVij/4Aj0fQbNTlJvv71
|
||||||
go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
|
go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
|
||||||
go.step.sm/crypto v0.19.0 h1:WxjUDeTDpuPZ1IR3v6c4jc6WdlQlS5IYYQBhfnG5uW0=
|
go.step.sm/crypto v0.19.0 h1:WxjUDeTDpuPZ1IR3v6c4jc6WdlQlS5IYYQBhfnG5uW0=
|
||||||
go.step.sm/crypto v0.19.0/go.mod h1:qZ+pNU1nV+THwP7TPTNCRMRr9xrRURhETTAK7U5psfw=
|
go.step.sm/crypto v0.19.0/go.mod h1:qZ+pNU1nV+THwP7TPTNCRMRr9xrRURhETTAK7U5psfw=
|
||||||
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300 h1:kDqCHUh4jqqqf+m5IXjFjlwsTXuIXpf5ciGKigqJH14=
|
go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb h1:YxFSzM8+nWsiAbi9tOmXRcY1LJizDTKLDa+grJp6n+8=
|
||||||
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM=
|
go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM=
|
||||||
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
||||||
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
||||||
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
|
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
|
||||||
|
|
Loading…
Reference in a new issue