server.go 2.58 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package server

import (
	"crypto/rsa"
	"crypto/x509"
	"dfss/auth"
	"dfss/dfsst/api"
	"dfss/mgdb"
	"dfss/net"
	"fmt"
	"io/ioutil"
	"os"
	"path/filepath"

	"golang.org/x/net/context"

	"google.golang.org/grpc"
)

const (
	// PkeyFileName is the private key file default name
	PkeyFileName = "dfsst_pkey.pem"
	// CertFileName is the certificate file default name
	CertFileName = "dfsst_cert.pem"
	// RootCAFileName is the root certificate file default name
	RootCAFileName = "dfsst_rootca.pem"
)

type ttpServer struct {
	PKey         *rsa.PrivateKey
	Cert         *x509.Certificate
	RootCA       *x509.Certificate
	DB           *mgdb.MongoManager
	CertDuration int
	Verbose      bool
}

// Alert route for the TTP
func (server *ttpServer) Alert(ctx context.Context, in *api.AlertRequest) (*api.TTPResponse, error) {
	return nil, nil
}

// Recover route for the TTP
func (server *ttpServer) Recover(ctx context.Context, in *api.RecoverRequest) (*api.TTPResponse, error) {
	return nil, nil
}

// GetServer returns the gRPC server
func GetServer(keyPath, db string, certValidity int, verbose bool) *grpc.Server {
	server, err := loadCredentials(keyPath)
	if err != nil {
		fmt.Fprintln(os.Stderr, "An error occured during the private key and certificates check:", err)
		os.Exit(1)
	}

	dbManager, err := mgdb.NewManager(db)
	if err != nil {
		fmt.Fprintln(os.Stderr, "An error occured during the connection to MongoDB:", err)
		os.Exit(1)
	}

	server.CertDuration = certValidity
	server.Verbose = verbose
	server.DB = dbManager

	netServer := net.NewServer(server.Cert, server.PKey, server.RootCA)
	api.RegisterTTPServer(netServer, server)
	return netServer

}

// Assert the private key and certificates are valid
func loadCredentials(path string) (*ttpServer, error) {
	keyPath := filepath.Join(path, PkeyFileName)
	certPath := filepath.Join(path, CertFileName)
	rootCAPath := filepath.Join(path, RootCAFileName)

	// Recovering the private rsa key from file.
	keyBytes, err := ioutil.ReadFile(keyPath)

	if err != nil {
		return nil, err
	}

	key, err := auth.PEMToPrivateKey(keyBytes)

	if err != nil {
		return nil, err
	}

	// Recovering the certificate from file.
	certBytes, err := ioutil.ReadFile(certPath)

	if err != nil {
		return nil, err
	}

	cert, err := auth.PEMToCertificate(certBytes)

	if err != nil {
		return nil, err
	}

	// Recovering the root certificate from file.
	caBytes, err := ioutil.ReadFile(rootCAPath)

	if err != nil {
		return nil, err
	}

	ca, err := auth.PEMToCertificate(caBytes)

	if err != nil {
		return nil, err
	}

	res := &ttpServer{
		PKey:   key,
		Cert:   cert,
		RootCA: ca,
	}

	return res, nil
}