Add methods to convert attestation formats

Mariano Cano 2022-09-08 17:49:24 -07:00
parent 0f651799d0
commit 66407139e5
3 changed files with 49 additions and 13 deletions

@ -748,14 +748,15 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
case *linkedca.ProvisionerDetails_ACME: case *linkedca.ProvisionerDetails_ACME:
cfg := d.ACME cfg := d.ACME
return &provisioner.ACME{ return &provisioner.ACME{
ID: p.Id, ID: p.Id,
Type: p.Type.String(), Type: p.Type.String(),
Name: p.Name, Name: p.Name,
ForceCN: cfg.ForceCn, ForceCN: cfg.ForceCn,
RequireEAB: cfg.RequireEab, RequireEAB: cfg.RequireEab,
Challenges: challengesToCertificates(cfg.Challenges), Challenges: challengesToCertificates(cfg.Challenges),
Claims: claims, AttestationFormats: attestationFormatsToCertificates(cfg.AttestationFormats),
Options: options, Claims: claims,
Options: options,
}, nil }, nil
case *linkedca.ProvisionerDetails_OIDC: case *linkedca.ProvisionerDetails_OIDC:
cfg := d.OIDC cfg := d.OIDC
@ -1002,8 +1003,9 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
Details: &linkedca.ProvisionerDetails{ Details: &linkedca.ProvisionerDetails{
Data: &linkedca.ProvisionerDetails_ACME{ Data: &linkedca.ProvisionerDetails_ACME{
ACME: &linkedca.ACMEProvisioner{ ACME: &linkedca.ACMEProvisioner{
ForceCn: p.ForceCN, ForceCn: p.ForceCN,
Challenges: challengesToLinkedca(p.Challenges), Challenges: challengesToLinkedca(p.Challenges),
AttestationFormats: attestationFormatsToLinkedca(p.AttestationFormats),
}, },
}, },
}, },
@ -1162,3 +1164,37 @@ func challengesToLinkedca(challenges []provisioner.ACMEChallenge) []linkedca.ACM
} }
return ret return ret
} }
// attestationFormatsToCertificates converts linkedca attestation formats to
// provisioner ones skipping the unknown ones.
func attestationFormatsToCertificates(formats []linkedca.ACMEProvisioner_AttestationFormatType) []provisioner.ACMEAttestationFormat {
ret := make([]provisioner.ACMEAttestationFormat, 0, len(formats))
for _, f := range formats {
switch f {
case linkedca.ACMEProvisioner_APPLE:
ret = append(ret, provisioner.APPLE)
case linkedca.ACMEProvisioner_STEP:
ret = append(ret, provisioner.STEP)
case linkedca.ACMEProvisioner_TPM:
ret = append(ret, provisioner.TPM)
}
}
return ret
}
// attestationFormatsToLinkedca converts provisioner attestation formats to
// linkedca ones skipping the unknown ones.
func attestationFormatsToLinkedca(formats []provisioner.ACMEAttestationFormat) []linkedca.ACMEProvisioner_AttestationFormatType {
ret := make([]linkedca.ACMEProvisioner_AttestationFormatType, 0, len(formats))
for _, f := range formats {
switch provisioner.ACMEAttestationFormat(f.String()) {
case provisioner.APPLE:
ret = append(ret, linkedca.ACMEProvisioner_APPLE)
case provisioner.STEP:
ret = append(ret, linkedca.ACMEProvisioner_STEP)
case provisioner.TPM:
ret = append(ret, linkedca.ACMEProvisioner_TPM)
}
}
return ret
}
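Review bot: Both new converters silently drop any format they do not recognise, because the `switch` in attestationFormatsToCertificates and the one in attestationFormatsToLinkedca have no `default` case. A provisioner configured only with formats this build does not know therefore ends up with an empty, non-nil list. If an empty AttestationFormats is treated elsewhere as "all formats allowed" (not visible on this page, so worth confirming), an administrator's restriction would quietly become no restriction. Since ProvisionerToCertificates already returns an error, consider failing closed with `default: return nil, fmt.Errorf("unsupported attestation format %v", f)` and a helper return type of `([]provisioner.ACMEAttestationFormat, error)`, or at least state in the doc comment what an empty result means to the ACME provisioner. In attestationFormatsToLinkedca the round trip `provisioner.ACMEAttestationFormat(f.String())` presumably normalises the value before matching; a one-line comment saying so would save the next reader from taking it for a redundant conversion.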

2
go.mod

@ -40,7 +40,7 @@ require (
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
go.step.sm/cli-utils v0.7.4 go.step.sm/cli-utils v0.7.4
go.step.sm/crypto v0.19.0 go.step.sm/crypto v0.19.0
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300 go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
golang.org/x/net v0.0.0-20220607020251-c690dde0001d golang.org/x/net v0.0.0-20220607020251-c690dde0001d
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect

4
go.sum

@ -641,8 +641,8 @@ go.step.sm/cli-utils v0.7.4/go.mod h1:taSsY8haLmXoXM3ZkywIyRmVij/4Aj0fQbNTlJvv71
go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0= go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
go.step.sm/crypto v0.19.0 h1:WxjUDeTDpuPZ1IR3v6c4jc6WdlQlS5IYYQBhfnG5uW0= go.step.sm/crypto v0.19.0 h1:WxjUDeTDpuPZ1IR3v6c4jc6WdlQlS5IYYQBhfnG5uW0=
go.step.sm/crypto v0.19.0/go.mod h1:qZ+pNU1nV+THwP7TPTNCRMRr9xrRURhETTAK7U5psfw= go.step.sm/crypto v0.19.0/go.mod h1:qZ+pNU1nV+THwP7TPTNCRMRr9xrRURhETTAK7U5psfw=
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300 h1:kDqCHUh4jqqqf+m5IXjFjlwsTXuIXpf5ciGKigqJH14= go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb h1:YxFSzM8+nWsiAbi9tOmXRcY1LJizDTKLDa+grJp6n+8=
go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM= go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM=
go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=