package keystore
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"github.com/rs/zerolog"
"go.uber.org/fx"
"github.com/dadrus/heimdall/internal/config"
"github.com/dadrus/heimdall/internal/heimdall"
"github.com/dadrus/heimdall/internal/x/errorchain"
)
// Module registers the key store with the fx dependency graph by providing
// NewKeyStore as the constructor for KeyStore.
var Module = fx.Options( //nolint:gochecknoglobals
	fx.Provide(NewKeyStore),
)
// NewKeyStore returns the KeyStore used for signing.
//
// When conf.Signer.KeyStore is empty, a fresh ECDSA P-384 key pair is
// generated in-process and a warning is logged, because such a key exists
// only for the lifetime of this process. Otherwise the key store is loaded
// from the configured PEM file using conf.Signer.Password.
//
// After a successful load the entries of the key store are logged; only the
// key id, algorithm and key size are emitted, never the key material itself.
// Errors from key generation are wrapped in heimdall.ErrInternal; errors from
// the PEM loader are returned as-is.
func NewKeyStore(conf config.Configuration, logger zerolog.Logger) (KeyStore, error) {
	ks, err := openOrGenerateKeyStore(conf, logger)
	if err != nil {
		return nil, err
	}

	logger.Info().Msg("Key store contains following entries")

	for _, entry := range ks.Entries() {
		logger.Info().
			Str("_key_id", entry.KeyID).
			Str("_algorithm", entry.Alg).
			Int("_size", entry.KeySize).
			Msg("Entry info")
	}

	return ks, nil
}

// openOrGenerateKeyStore loads the key store from the configured PEM file, or,
// when no key store path is configured, generates an ephemeral ECDSA P-384 key
// and wraps it in a KeyStore.
func openOrGenerateKeyStore(conf config.Configuration, logger zerolog.Logger) (KeyStore, error) {
	if len(conf.Signer.KeyStore) != 0 {
		return NewKeyStoreFromPEMFile(conf.Signer.KeyStore, conf.Signer.Password)
	}

	// No key store configured: fall back to a generated key and say so loudly,
	// since signatures produced with it cannot be verified by other instances
	// or after a restart.
	logger.Warn().
		Msg("Key store is not configured. NEVER DO IT IN PRODUCTION!!!! Generating an ECDSA P-384 key pair.")

	privateKey, genErr := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if genErr != nil {
		return nil, errorchain.NewWithMessage(heimdall.ErrInternal,
			"failed to generate ECDSA P-384 key pair").CausedBy(genErr)
	}

	return NewKeyStoreFromKey(privateKey)
}