Merge branch 'master' into lenfix
commit
c0e51f5405
|
@ -6,6 +6,7 @@ messages is depleted.
|
|||
|
||||
Currently the following commands are implemented:
|
||||
|
||||
* DeviceInfo
|
||||
* Reset
|
||||
* GenerateAsymmetricKey
|
||||
* SignDataEddsa
|
||||
|
@ -28,7 +29,7 @@ Please submit a PR if you have implemented new commands or extended existing con
|
|||
|
||||
## Example of usage
|
||||
|
||||
```
|
||||
```go
|
||||
c := connector.NewHTTPConnector("localhost:1234")
|
||||
sm, err := yubihsm.NewSessionManager(c, 1, "password", 2)
|
||||
if err != nil {
|
||||
|
|
|
@ -9,6 +9,15 @@ import (
|
|||
"github.com/certusone/yubihsm-go/authkey"
|
||||
)
|
||||
|
||||
|
||||
func CreateDeviceInfoCommand() (*CommandMessage, error) {
|
||||
command := &CommandMessage{
|
||||
CommandType: CommandTypeDeviceInfo,
|
||||
}
|
||||
|
||||
return command, nil
|
||||
}
|
||||
|
||||
func CreateCreateSessionCommand(keySetID uint16, hostChallenge []byte) (*CommandMessage, error) {
|
||||
command := &CommandMessage{
|
||||
CommandType: CommandTypeCreateSession,
|
||||
|
|
|
@ -15,6 +15,16 @@ type (
|
|||
Code ErrorCode
|
||||
}
|
||||
|
||||
DeviceInfoResponse struct {
|
||||
MajorVersion uint8
|
||||
MinorVersion uint8
|
||||
BuildVersion uint8
|
||||
SerialNumber uint32
|
||||
LogTotal uint8
|
||||
LogUsed uint8
|
||||
SupportedAlgorithms []Algorithm
|
||||
}
|
||||
|
||||
CreateSessionResponse struct {
|
||||
SessionID uint8
|
||||
CardChallenge []byte
|
||||
|
@ -141,6 +151,8 @@ func ParseResponse(data []byte) (Response, error) {
|
|||
}
|
||||
|
||||
switch transactionType {
|
||||
case CommandTypeDeviceInfo:
|
||||
return parseDeviceInfoResponse(payload)
|
||||
case CommandTypeCreateSession:
|
||||
return parseCreateSessionResponse(payload)
|
||||
case CommandTypeAuthenticateSession:
|
||||
|
@ -214,6 +226,28 @@ func parseSessionMessage(payload []byte) (Response, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func parseDeviceInfoResponse(payload []byte) (Response, error) {
|
||||
var serialNumber uint32
|
||||
err := binary.Read(bytes.NewReader(payload[3:7]), binary.BigEndian, &serialNumber)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var supportedAlgorithms []Algorithm
|
||||
for _, alg := range payload[9:] {
|
||||
supportedAlgorithms = append(supportedAlgorithms, Algorithm(alg))
|
||||
}
|
||||
|
||||
return &DeviceInfoResponse{
|
||||
MajorVersion: payload[0],
|
||||
MinorVersion: payload[1],
|
||||
BuildVersion: payload[2],
|
||||
SerialNumber: serialNumber,
|
||||
LogTotal: payload[7],
|
||||
LogUsed: payload[8],
|
||||
SupportedAlgorithms: supportedAlgorithms,
|
||||
}, nil
|
||||
}
|
||||
func parseCreateSessionResponse(payload []byte) (Response, error) {
|
||||
if len(payload) != 17 {
|
||||
return nil, errors.New("invalid response payload length")
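Review bot: parseDeviceInfoResponse slices `payload[3:7]` and `payload[9:]` and indexes `payload[0]` through `payload[8]` without checking the length first, so a response shorter than 9 bytes makes the parser panic instead of returning an error. The payload is derived from the bytes handed to ParseResponse, which presumably come straight from the connector, so a truncated or malformed reply should not be able to crash the caller. A guard at the top of the function, in the style parseCreateSessionResponse uses just below, would cover it: `if len(payload) < 9 { return nil, errors.New("invalid response payload length") }`. With that in place the serial number can be read with `binary.BigEndian.Uint32(payload[3:7])`, which has no error path. parseCreateSessionResponse continues past the end of this hunk.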
|
||||
|
|
|
@ -86,6 +86,8 @@ const (
|
|||
// Algorithms
|
||||
AlgorithmRSA2048 Algorithm = 9
|
||||
AlgorithmP256 Algorithm = 12
|
||||
AlgorithmP384 Algorithm = 13
|
||||
AlgorithmP521 Algorithm = 14
|
||||
AlgorithmSecp256k1 Algorithm = 15
|
||||
AlgorithmOpaqueData Algorithm = 30
|
||||
AlgorithmOpaqueX509Certificate Algorithm = 31
|
||||
|
|
|
@ -28,40 +28,50 @@ func NewHTTPConnector(url string) *HTTPConnector {
|
|||
}
|
||||
|
||||
// Request encodes and executes a command on the HSM and returns the binary response
|
||||
func (c *HTTPConnector) Request(command *commands.CommandMessage) ([]byte, error) {
|
||||
requestData, err := command.Serialize()
|
||||
func (c *HTTPConnector) Request(command *commands.CommandMessage) (data []byte, err error) {
|
||||
var requestData []byte
|
||||
requestData, err = command.Serialize()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return
|
||||
}
|
||||
|
||||
res, err := http.DefaultClient.Post("http://"+c.URL+"/connector/api", "application/octet-stream", bytes.NewReader(requestData))
|
||||
var res *http.Response
|
||||
res, err = http.DefaultClient.Post("http://"+c.URL+"/connector/api", "application/octet-stream", bytes.NewReader(requestData))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return
|
||||
}
|
||||
|
||||
defer func() {
|
||||
closeErr := res.Body.Close()
|
||||
if err == nil {
|
||||
err = closeErr
|
||||
}
|
||||
}()
|
||||
|
||||
if res.StatusCode != http.StatusOK {
|
||||
return nil, fmt.Errorf("server returned non OK status code %d", res.StatusCode)
|
||||
err = fmt.Errorf("server returned non OK status code %d", res.StatusCode)
|
||||
return
|
||||
}
|
||||
|
||||
data, err := ioutil.ReadAll(res.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
data, err = ioutil.ReadAll(res.Body)
|
||||
|
||||
return data, nil
|
||||
return
|
||||
}
|
||||
|
||||
// GetStatus requests the status of the HSM connector route /connector/status
|
||||
func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
||||
res, err := http.DefaultClient.Get("http://" + c.URL + "/connector/status")
|
||||
func (c *HTTPConnector) GetStatus() (status *StatusResponse, err error) {
|
||||
var res *http.Response
|
||||
res, err = http.DefaultClient.Get("http://" + c.URL + "/connector/status")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return
|
||||
}
|
||||
|
||||
data, err := ioutil.ReadAll(res.Body)
|
||||
var data []byte
|
||||
data, err = ioutil.ReadAll(res.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return
|
||||
}
|
||||
|
||||
bodyString := string(data)
|
||||
pairs := strings.Split(bodyString, "\n")
|
||||
|
||||
|
@ -69,12 +79,12 @@ func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
|||
for _, pair := range pairs {
|
||||
values = append(values, strings.Split(pair, "=")...)
|
||||
}
|
||||
status := &StatusResponse{}
|
||||
|
||||
if values == nil || len(values) < 12 {
|
||||
return nil, ErrInvalidResponseValueLength
|
||||
}
|
||||
|
||||
status = &StatusResponse{}
|
||||
status.Status = Status(values[1])
|
||||
status.Serial = values[3]
|
||||
status.Version = values[5]
|
||||
|
@ -82,5 +92,7 @@ func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
|||
status.Address = values[9]
|
||||
status.Port = values[11]
|
||||
|
||||
return status, nil
|
||||
err = res.Body.Close()
|
||||
|
||||
return
|
||||
}
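Review bot: GetStatus closes the response body only on the success path (`err = res.Body.Close()` just before the final `return`), so the early returns after a failed `ioutil.ReadAll` and on `ErrInvalidResponseValueLength` leave the body open and the connection is not released. Request in the same file already handles this with a deferred close; the same pattern placed right after the `Get` error check would cover every path: `defer func() { if cerr := res.Body.Close(); err == nil { err = cerr } }()`. Because the results are now named, a Close failure at the end also returns a populated `status` together with a non-nil `err`; setting `status = nil` in that case would keep the usual contract. Parts of GetStatus lie between the hunks shown here, so this is based on the visible lines only.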
|
||||
|
|