revoke.go 2.35 KiB
  • /*
    Copyright (c) 2018 Vereign AG [https://www.vereign.com]
    
    This is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as
    published by the Free Software Foundation, either version 3 of the
    License, or (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.
    
    You should have received a copy of the GNU Affero General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.
    */
    
    package handler
    
    import (
    	"code.vereign.com/code/viam-apis/data-storage-agent/client"
    	"code.vereign.com/code/viam-apis/key-storage-agent/api"
    	"code.vereign.com/code/viam-apis/utils"
    	"code.vereign.com/code/viam-apis/versions"
    	"golang.org/x/net/context"
    )
    
    // Revoke marks the private key, public key and certificate stored under
    // in.Uuid as revoked, in that order, through a data storage client that is
    // set up for this call and closed when it returns.
    //
    // The returned error is always nil; the outcome is reported only through
    // RevokeResponse.StatusList. The first key type for which revokeKey returns
    // a non-nil status list ends the call, and that list is returned as is.
    //
    // NOTE(review): revocation is not atomic. If a later key type fails, the
    // earlier ones have already been written as revoked and the remaining ones
    // are left untouched, so callers must inspect StatusList to detect a
    // partially revoked key set.
    // NOTE(review): no check in this function ties in.Uuid to the authenticated
    // caller; presumably the data storage service enforces that using the
    // forwarded authentication. Confirm.
    func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest) (*api.RevokeResponse, error) {
    	auth := s.CreateAuthentication(ctx)
    
    	dsClient := &client.DataStorageClientImpl{}
    	dsClient.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
    	defer dsClient.CloseClient()
    
    	revokeResponse := &api.RevokeResponse{}
    
    	// Order matters: the private key is revoked first, then the public key,
    	// then the certificate.
    	keyTypes := []api.KeyType{
    		api.KeyType_PRIVATE,
    		api.KeyType_PUBLIC,
    		api.KeyType_CERTIFICATE,
    	}
    	for _, keyType := range keyTypes {
    		revokeResponse.StatusList = revokeKey(dsClient, in.Uuid, keyType)
    		if revokeResponse.StatusList != nil {
    			// Stop at the first key type that reports a status.
    			return revokeResponse, nil
    		}
    	}
    
    	revokeResponse.StatusList = utils.AddStatus(revokeResponse.StatusList, "200", api.StatusType_INFO, "Keys revoked")
    	return revokeResponse, nil
    }
    
    // revokeKey loads the key of the given type stored under uuid, sets its
    // Revoked flag and writes it back to the "keys" collection.
    //
    // It returns nil on success. If getKey reports a non-nil status list, that
    // list is returned unchanged and nothing is written; if the write reports
    // statuses, those are returned.
    //
    // NOTE(review): uuid is concatenated into the storage path without any
    // validation in this function. Confirm that it is validated upstream (or by
    // DoPutDataCall) so that a value containing "/" cannot address a different
    // entry.
    func revokeKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) []*api.Status {
    	key, statusList := getKey(client, uuid, keyType)
    	if statusList != nil {
    		return statusList
    	}
    
    	key.Revoked = true
    
    	// Keys are addressed as "<uuid>/<key type name>".
    	entryPath := uuid + "/" + keyType.String()
    	_, putErrors, err := client.DoPutDataCall("keys", entryPath, key, versions.EntitiesManagementAgentApiVersion)
    
    	// len of a nil slice is 0, so this also covers the nil case.
    	if statusList = handlePutDataErrors(statusList, putErrors, err); len(statusList) > 0 {
    		return statusList
    	}
    
    	return nil
    }