package services
import (
	"context"
	"crypto"
	"crypto/x509"
	"fmt"
	"io"

	"github.com/lamassuiot/lamassuiot/v2/pkg/models"
	"github.com/sirupsen/logrus"
)
// caSignerImpl adapts a CA held by the CA service to the crypto.Signer
// interface. It holds no private key itself: signing is delegated to sdk.
type caSignerImpl struct {
	// ca is the CA certificate whose ID is sent with every signing request
	// and whose embedded certificate supplies the public key and key algorithm.
	ca *models.CACertificate
	// sdk is the CA service client that performs the signature.
	sdk CAService
}
// NewCASigner returns a crypto.Signer that signs through caSDK on behalf of
// the given CA instead of using a locally held private key.
//
// Neither argument is validated here. Public and Sign dereference ca, so a
// nil ca makes them panic on first use.
func NewCASigner(ca *models.CACertificate, caSDK CAService) crypto.Signer {
	signer := new(caSignerImpl)
	signer.ca = ca
	signer.sdk = caSDK
	return signer
}
// Public returns the public key stored in the CA's certificate, as required
// by crypto.Signer. It is read from the local copy of the certificate; the CA
// service is not contacted.
func (s *caSignerImpl) Public() crypto.PublicKey {
	cert := s.ca.Certificate.Certificate
	return cert.PublicKey
}
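// Sign implements crypto.Signer by asking the CA service to sign digest, an
// already-hashed message, with the CA's key.
//
// rand is not used; no randomness is passed to the service. The request is
// sent with context.Background(), so it carries no deadline or cancellation.
//
// The signing algorithm name is derived from the CA certificate's public key
// algorithm and the size of opts.HashFunc(). Only a 256-bit digest with an
// RSA or ECDSA CA key can be mapped to a name. Every other combination is
// refused with an error. Falling back to a default algorithm would label the
// digest as SHA-256 even when it is not, and would request an RSA signature
// from a non-RSA key.
//
// NOTE(review): opts is consulted only for its hash function. A caller that
// passes *rsa.PSSOptions still gets a PKCS#1 v1.5 request.
func (s *caSignerImpl) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) {
	// reject records a refused signing request and returns it as an error.
	// The refusal is logged here because the caller of a crypto.Signer is
	// usually library code that may not surface the detail.
	reject := func(reason error) ([]byte, error) {
		logrus.Warnf("CA signer refused signing request for CA '%v': %v", s.ca.ID, reason)
		return nil, reason
	}

	if opts == nil {
		return reject(fmt.Errorf("ca signer: signer options are nil"))
	}

	hash := opts.HashFunc()
	// crypto.Hash.Size panics for the zero value, which callers use to say
	// that the message was not hashed. Check it before asking for the size.
	if hash == 0 {
		return reject(fmt.Errorf("ca signer: signer options carry no hash function, a pre-hashed message is required"))
	}
	if bits := hash.Size() * 8; bits != 256 {
		return reject(fmt.Errorf("ca signer: unsupported %d-bit digest (%v), only 256-bit digests are supported", bits, hash))
	}

	var signAlg string
	switch keyAlg := s.ca.Certificate.Certificate.PublicKeyAlgorithm; keyAlg {
	case x509.ECDSA:
		signAlg = "ECDSA_SHA_256"
	case x509.RSA:
		signAlg = "RSASSA_PKCS1_V1_5_SHA_256"
	default:
		return reject(fmt.Errorf("ca signer: unsupported CA key algorithm %v", keyAlg))
	}

	return s.sdk.SignatureSign(context.Background(), SignatureSignInput{
		CAID:             s.ca.ID,
		Message:          digest,
		MessageType:      models.Hashed,
		SigningAlgorithm: signAlg,
	})
}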