keys.go
package mobilecore
import (
"encoding/json"
"github.com/go-errors/errors"
hcertverifier "github.com/minvws/nl-covid19-coronacheck-hcert/verifier"
"github.com/privacybydesign/gabi"
"os"
)
// PublicKeysConfig is the decoded form of the public keys JSON file. It holds
// the domestic keys ("nl_keys"), the European keys ("eu_keys") and the legacy
// domestic key list ("cl_keys").
//
// NOTE(review): presumably these keys decide which issuers a verifier accepts,
// so the integrity of the file matters. Nothing in this file authenticates it;
// confirm where that happens.
type PublicKeysConfig struct {
	// DomesticPks maps a key id to a domestic issuer public key.
	DomesticPks DomesticPksLookup `json:"nl_keys"`
	// EuropeanPks is the key lookup consumed by the hcert verifier package.
	EuropeanPks hcertverifier.PksLookup `json:"eu_keys"`

	// Deprecated: Remove this field when the transition to nl_keys is complete.
	// Until then TransformLegacyDomesticPks copies it into DomesticPks when
	// nl_keys is absent.
	LegacyDomesticPks []*AnnotatedDomesticPk `json:"cl_keys"`
}
// DomesticPksLookup maps a key id to its domestic public key entry. Values are
// pointers, so a JSON null value decodes to a nil entry.
type DomesticPksLookup map[string]*AnnotatedDomesticPk
// AnnotatedDomesticPk is one domestic public key: the serialized key as read
// from the file plus the parsed key once it has been loaded.
type AnnotatedDomesticPk struct {
	// PkXml is the serialized key handed to gabi.NewPublicKeyFromBytes. As a
	// []byte it is decoded by encoding/json from a base64 string.
	PkXml []byte `json:"public_key"`
	// LoadedPk is never read from JSON; FindAndCacheDomestic fills it on first use.
	LoadedPk *gabi.PublicKey `json:"-"`

	// Deprecated: Remove this field together with LegacyDomesticPks. It is only
	// used as the map key when the legacy list is converted.
	KID string `json:"id"`
}
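// NewPublicKeysConfig reads the JSON public keys file at pksPath, decodes it
// into a PublicKeysConfig and converts a legacy "cl_keys" list into the
// DomesticPks lookup when "nl_keys" is absent.
//
// It returns an error when the file cannot be read, is not valid JSON, or
// decodes to JSON null. The file content is not authenticated here.
// NOTE(review): confirm the caller verifies the file's origin before these
// keys are used for verification.
func NewPublicKeysConfig(pksPath string) (*PublicKeysConfig, error) {
	pksJson, err := os.ReadFile(pksPath)
	if err != nil {
		return nil, errors.WrapPrefix(err, "Could not read public keys file", 0)
	}

	var publicKeysConfig *PublicKeysConfig
	if err := json.Unmarshal(pksJson, &publicKeysConfig); err != nil {
		return nil, errors.WrapPrefix(err, "Could not JSON unmarshal public keys", 0)
	}

	// A document that is literally `null` unmarshals without error and leaves
	// the pointer nil. Reject it here instead of panicking on the method call
	// below or handing callers a nil config with a nil error.
	if publicKeysConfig == nil {
		return nil, errors.Errorf("Public keys file does not contain a JSON object")
	}

	publicKeysConfig.TransformLegacyDomesticPks()

	return publicKeysConfig, nil
}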
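// TransformLegacyDomesticPks builds DomesticPks from LegacyDomesticPks when the
// config has a legacy key list but no "nl_keys" lookup. Each legacy entry is
// stored under its KID with only PkXml copied; LoadedPk is left unset.
//
// Nil entries in the legacy list (a JSON null inside "cl_keys") are skipped.
// Entries that share a KID overwrite each other, so the last one wins, and an
// entry without an "id" is stored under the empty key.
//
// Deprecated: Remove this legacy transformation together with LegacyDomesticPks.
func (pkc *PublicKeysConfig) TransformLegacyDomesticPks() {
	if pkc.DomesticPks != nil || pkc.LegacyDomesticPks == nil {
		return
	}

	pkc.DomesticPks = make(DomesticPksLookup, len(pkc.LegacyDomesticPks))
	for _, ldpk := range pkc.LegacyDomesticPks {
		// encoding/json turns a null array element into a nil pointer;
		// dereferencing it would panic on a malformed keys file.
		if ldpk == nil {
			continue
		}

		pkc.DomesticPks[ldpk.KID] = &AnnotatedDomesticPk{
			PkXml: ldpk.PkXml,
		}
	}
}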
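// FindAndCacheDomestic returns the parsed domestic public key registered under
// kid. On first use it parses the entry's PkXml with
// gabi.NewPublicKeyFromBytes and stores the result in LoadedPk, so later calls
// return the cached key.
//
// It returns an error when kid is unknown, when the entry is nil (a JSON null
// value in the lookup), or when the key bytes cannot be parsed. A failed parse
// caches nothing, so the next call tries again.
//
// The write to LoadedPk is not synchronized in this method.
// NOTE(review): confirm callers do not use one config from several goroutines
// without their own locking.
func (pkc *PublicKeysConfig) FindAndCacheDomestic(kid string) (*gabi.PublicKey, error) {
	// A present-but-nil entry is treated like a missing key: there is nothing
	// to load from it, and dereferencing it would panic.
	annotatedPk, ok := pkc.DomesticPks[kid]
	if !ok || annotatedPk == nil {
		return nil, errors.Errorf("Could not find domestic public key")
	}

	if annotatedPk.LoadedPk != nil {
		return annotatedPk.LoadedPk, nil
	}

	// Parse into a local first so a failed load never leaves a partial value
	// in the cache.
	loadedPk, err := gabi.NewPublicKeyFromBytes(annotatedPk.PkXml)
	if err != nil {
		return nil, errors.WrapPrefix(err, "Could not XML unmarshal and load domestic issuer public key", 0)
	}
	annotatedPk.LoadedPk = loadedPk

	return loadedPk, nil
}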