package server import ( "crypto/rsa" "crypto/x509" "dfss/auth" "dfss/dfsst/api" "dfss/mgdb" "dfss/net" "fmt" "io/ioutil" "os" "path/filepath" "golang.org/x/net/context" "google.golang.org/grpc" ) const ( // PkeyFileName is the private key file default name PkeyFileName = "dfsst_pkey.pem" // CertFileName is the certificate file default name CertFileName = "dfsst_cert.pem" // RootCAFileName is the root certificate file default name RootCAFileName = "dfsst_rootca.pem" ) type ttpServer struct { PKey *rsa.PrivateKey Cert *x509.Certificate RootCA *x509.Certificate DB *mgdb.MongoManager CertDuration int Verbose bool } // Alert route for the TTP func (server *ttpServer) Alert(ctx context.Context, in *api.AlertRequest) (*api.TTPResponse, error) { return nil, nil } // Recover route for the TTP func (server *ttpServer) Recover(ctx context.Context, in *api.RecoverRequest) (*api.TTPResponse, error) { return nil, nil } // GetServer returns the gRPC server func GetServer(keyPath, db string, certValidity int, verbose bool) *grpc.Server { server, err := loadCredentials(keyPath) if err != nil { fmt.Fprintln(os.Stderr, "An error occured during the private key and certificates check:", err) os.Exit(1) } dbManager, err := mgdb.NewManager(db) if err != nil { fmt.Fprintln(os.Stderr, "An error occured during the connection to MongoDB:", err) os.Exit(1) } server.CertDuration = certValidity server.Verbose = verbose server.DB = dbManager netServer := net.NewServer(server.Cert, server.PKey, server.RootCA) api.RegisterTTPServer(netServer, server) return netServer } // Assert the private key and certificates are valid func loadCredentials(path string) (*ttpServer, error) { keyPath := filepath.Join(path, PkeyFileName) certPath := filepath.Join(path, CertFileName) rootCAPath := filepath.Join(path, RootCAFileName) // Recovering the private rsa key from file. keyBytes, err := ioutil.ReadFile(keyPath) if err != nil { return nil, err } key, err := auth.PEMToPrivateKey(keyBytes) if err != nil { return nil, err } // Recovering the certificate from file. certBytes, err := ioutil.ReadFile(certPath) if err != nil { return nil, err } cert, err := auth.PEMToCertificate(certBytes) if err != nil { return nil, err } // Recovering the root certificate from file. caBytes, err := ioutil.ReadFile(rootCAPath) if err != nil { return nil, err } ca, err := auth.PEMToCertificate(caBytes) if err != nil { return nil, err } res := &ttpServer{ PKey: key, Cert: cert, RootCA: ca, } return res, nil }