Compare commits
4 Commits
e69056d810
...
dac1fd2bba
Author | SHA1 | Date |
---|---|---|
ezekielnewren | dac1fd2bba | |
kayos | c367cca749 | |
Hendrik Hofstadt | ce1163658f | |
kayos@tcp.direct | 7e8d2bcf3d |
|
@ -84,18 +84,53 @@ const (
|
||||||
ErrorCodeCommandUnexecuted ErrorCode = 0xff
|
ErrorCodeCommandUnexecuted ErrorCode = 0xff
|
||||||
|
|
||||||
// Algorithms
|
// Algorithms
|
||||||
|
AlgorithmRSAPKCS1SHA1 Algorithm = 1
|
||||||
|
AlgorithmRSAPKCS1SHA256 Algorithm = 2
|
||||||
|
AlgorithmRSAPKCS1SHA384 Algorithm = 3
|
||||||
|
AlgorithmRSAPKCS1SHA512 Algorithm = 4
|
||||||
|
AlgorithmRSAPSSSHA1 Algorithm = 5
|
||||||
|
AlgorithmRSAPSSSHA256 Algorithm = 6
|
||||||
|
AlgorithmRSAPSSSHA384 Algorithm = 7
|
||||||
|
AlgorithmRSAPSSSHA512 Algorithm = 8
|
||||||
AlgorithmRSA2048 Algorithm = 9
|
AlgorithmRSA2048 Algorithm = 9
|
||||||
|
AlgorithmRSA3072 Algorithm = 10
|
||||||
|
AlgorithmRSA4096 Algorithm = 11
|
||||||
AlgorithmP256 Algorithm = 12
|
AlgorithmP256 Algorithm = 12
|
||||||
AlgorithmP384 Algorithm = 13
|
AlgorithmP384 Algorithm = 13
|
||||||
AlgorithmP521 Algorithm = 14
|
AlgorithmP521 Algorithm = 14
|
||||||
AlgorithmSecp256k1 Algorithm = 15
|
AlgorithmSecp256k1 Algorithm = 15
|
||||||
|
AlgorithmECBP256 Algorithm = 16
|
||||||
|
AlgorithmECBP384 Algorithm = 17
|
||||||
|
AlgorithmECBP512 Algorithm = 18
|
||||||
|
AlgorithmHMACSHA1 Algorithm = 19
|
||||||
|
AlgorithmHMACSHA256 Algorithm = 20
|
||||||
|
AlgorithmHMACSHA384 Algorithm = 21
|
||||||
|
AlgorithmHMACSHA512 Algorithm = 22
|
||||||
|
AlgorithmECECDSASHA1 Algorithm = 23
|
||||||
|
AlgorithmECECDH Algorithm = 24
|
||||||
|
AlgorithmRSAOAEPSHA1 Algorithm = 25
|
||||||
|
AlgorithmRSAOAEPSHA256 Algorithm = 26
|
||||||
|
AlgorithmRSAOAEPSHA384 Algorithm = 27
|
||||||
|
AlgorithmRSAOAEPSHA512 Algorithm = 28
|
||||||
|
AlgorithmAES128CCMWrap Algorithm = 29
|
||||||
AlgorithmOpaqueData Algorithm = 30
|
AlgorithmOpaqueData Algorithm = 30
|
||||||
AlgorithmOpaqueX509Certificate Algorithm = 31
|
AlgorithmOpaqueX509Certificate Algorithm = 31
|
||||||
|
AlgorithmRSAMGF1SHA1 Algorithm = 32
|
||||||
|
AlgorithmRSAMGF1SHA256 Algorithm = 33
|
||||||
|
AlgorithmRSAMGF1SHA384 Algorithm = 34
|
||||||
|
AlgorithmRSAMGF1SHA512 Algorithm = 35
|
||||||
|
AlgorithmTEMPLATESSH Algorithm = 36
|
||||||
|
AlgorithmAES128YUBICOOTP Algorithm = 37
|
||||||
AlgorithmYubicoAESAuthentication Algorithm = 38
|
AlgorithmYubicoAESAuthentication Algorithm = 38
|
||||||
AlgorithmAES128CCMWrap Algorithm = 29
|
AlgorithmAES192YUBICOOTP Algorithm = 39
|
||||||
|
AlgorithmAES256YUBICOOTP Algorithm = 40
|
||||||
AlgorithmAES192CCMWrap Algorithm = 41
|
AlgorithmAES192CCMWrap Algorithm = 41
|
||||||
AlgorithmAES256CCMWrap Algorithm = 42
|
AlgorithmAES256CCMWrap Algorithm = 42
|
||||||
|
AlgorithmECECDSASHA256 Algorithm = 43
|
||||||
|
AlgorithmECECDSASHA384 Algorithm = 44
|
||||||
|
AlgorithmECECDSASHA512 Algorithm = 45
|
||||||
AlgorithmED25519 Algorithm = 46
|
AlgorithmED25519 Algorithm = 46
|
||||||
|
AlgorithmECP224 Algorithm = 47
|
||||||
|
|
||||||
// Capabilities
|
// Capabilities
|
||||||
CapabilityNone uint64 = 0x0000000000000000
|
CapabilityNone uint64 = 0x0000000000000000
|
||||||
|
|
|
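Review bot: The new names `AlgorithmECBP256`, `AlgorithmECBP384` and `AlgorithmECBP512` read like an ECB cipher mode, while their position among the curve constants suggests Brainpool curves; a trailing comment on each, such as `// Brainpool 256-bit curve`, or a `Brainpool` spelling, would remove the ambiguity. The added block also mixes all-caps segments (`AlgorithmTEMPLATESSH`, `AlgorithmAES128YUBICOOTP`) with the MixedCaps already used by `AlgorithmYubicoAESAuthentication` and `AlgorithmSecp256k1`; because these identifiers are exported, settling the spelling now avoids a breaking rename later. The SHA-1 signature variants (`AlgorithmRSAPKCS1SHA1`, `AlgorithmRSAPSSSHA1`, `AlgorithmECECDSASHA1`) are exported without comment; a line above them such as `// SHA-1 variants mirror the device's algorithm table; prefer SHA-256 or stronger for new signatures` would help callers choose. The const block starts outside the hunk.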
@ -2,6 +2,7 @@ package connector
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -10,6 +11,8 @@ import (
|
||||||
"github.com/certusone/yubihsm-go/commands"
|
"github.com/certusone/yubihsm-go/commands"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var ErrInvalidResponseValueLength = errors.New("invalid response value length")
|
||||||
|
|
||||||
type (
|
type (
|
||||||
// HTTPConnector implements the HTTP based connection with the YubiHSM2 connector
|
// HTTPConnector implements the HTTP based connection with the YubiHSM2 connector
|
||||||
HTTPConnector struct {
|
HTTPConnector struct {
|
||||||
|
@ -25,40 +28,50 @@ func NewHTTPConnector(url string) *HTTPConnector {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Request encodes and executes a command on the HSM and returns the binary response
|
// Request encodes and executes a command on the HSM and returns the binary response
|
||||||
func (c *HTTPConnector) Request(command *commands.CommandMessage) ([]byte, error) {
|
func (c *HTTPConnector) Request(command *commands.CommandMessage) (data []byte, err error) {
|
||||||
requestData, err := command.Serialize()
|
var requestData []byte
|
||||||
|
requestData, err = command.Serialize()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
res, err := http.DefaultClient.Post("http://"+c.URL+"/connector/api", "application/octet-stream", bytes.NewReader(requestData))
|
var res *http.Response
|
||||||
|
res, err = http.DefaultClient.Post("http://"+c.URL+"/connector/api", "application/octet-stream", bytes.NewReader(requestData))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
defer func() {
|
||||||
|
closeErr := res.Body.Close()
|
||||||
|
if err == nil {
|
||||||
|
err = closeErr
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
if res.StatusCode != http.StatusOK {
|
if res.StatusCode != http.StatusOK {
|
||||||
return nil, fmt.Errorf("server returned non OK status code %d", res.StatusCode)
|
err = fmt.Errorf("server returned non OK status code %d", res.StatusCode)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data, err := ioutil.ReadAll(res.Body)
|
data, err = ioutil.ReadAll(res.Body)
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return data, nil
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetStatus requests the status of the HSM connector route /connector/status
|
// GetStatus requests the status of the HSM connector route /connector/status
|
||||||
func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
func (c *HTTPConnector) GetStatus() (status *StatusResponse, err error) {
|
||||||
res, err := http.DefaultClient.Get("http://" + c.URL + "/connector/status")
|
var res *http.Response
|
||||||
|
res, err = http.DefaultClient.Get("http://" + c.URL + "/connector/status")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
data, err := ioutil.ReadAll(res.Body)
|
var data []byte
|
||||||
|
data, err = ioutil.ReadAll(res.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
bodyString := string(data)
|
bodyString := string(data)
|
||||||
pairs := strings.Split(bodyString, "\n")
|
pairs := strings.Split(bodyString, "\n")
|
||||||
|
|
||||||
|
@ -67,7 +80,11 @@ func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
||||||
values = append(values, strings.Split(pair, "=")...)
|
values = append(values, strings.Split(pair, "=")...)
|
||||||
}
|
}
|
||||||
|
|
||||||
status := &StatusResponse{}
|
if values == nil || len(values) < 12 {
|
||||||
|
return nil, ErrInvalidResponseValueLength
|
||||||
|
}
|
||||||
|
|
||||||
|
status = &StatusResponse{}
|
||||||
status.Status = Status(values[1])
|
status.Status = Status(values[1])
|
||||||
status.Serial = values[3]
|
status.Serial = values[3]
|
||||||
status.Version = values[5]
|
status.Version = values[5]
|
||||||
|
@ -75,5 +92,7 @@ func (c *HTTPConnector) GetStatus() (*StatusResponse, error) {
|
||||||
status.Address = values[9]
|
status.Address = values[9]
|
||||||
status.Port = values[11]
|
status.Port = values[11]
|
||||||
|
|
||||||
return status, nil
|
err = res.Body.Close()
|
||||||
|
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
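Review bot: GetStatus closes the response body only on its final line (`err = res.Body.Close()`), so the two early returns, after a failed `ioutil.ReadAll` and on `ErrInvalidResponseValueLength`, leave the body open and the connection is not returned to the pool. Request in the same change already has the right shape; placing `defer func() { if cerr := res.Body.Close(); err == nil { err = cerr } }()` directly after the `Get` error check and dropping the trailing close would cover every path. In the new guard, `values == nil ||` is redundant because `len` of a nil slice is 0, and the check bounds only the count: a status line with no `=` or with more than one shifts the fixed indices, so keying the fields by name would be sturdier (the start of the loop that builds `values` is outside the visible hunks, so this is inferred). Both methods still go through `http.DefaultClient`, which has no timeout, and read the body with an unbounded `ioutil.ReadAll`; a client with `Timeout` set and an `io.LimitReader` around the body would keep a stalled or misbehaving connector from hanging the caller or exhausting its memory.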