Improve initialization of SCEP authority
parent
2d85d4c1c1
commit
491c2b8d93
@ -1,9 +1,36 @@
|
||||
package scep
|
||||
|
||||
import "crypto"
|
||||
import (
|
||||
"context"
|
||||
"crypto"
|
||||
"crypto/x509"
|
||||
"strings"
|
||||
|
||||
// Service is a (temporary?) wrapper for signer/decrypters
|
||||
"github.com/smallstep/certificates/cas/apiv1"
|
||||
)
|
||||
|
||||
// Service is a wrapper for crypto.Signer and crypto.Decrypter
|
||||
type Service struct {
|
||||
Signer crypto.Signer
|
||||
Decrypter crypto.Decrypter
|
||||
certificateChain []*x509.Certificate
|
||||
signer crypto.Signer
|
||||
decrypter crypto.Decrypter
|
||||
}
|
||||
|
||||
func NewService(ctx context.Context, opts apiv1.Options) (*Service, error) {
|
||||
|
||||
if err := opts.Validate(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
t := apiv1.Type(strings.ToLower(opts.Type))
|
||||
if t == apiv1.DefaultCAS {
|
||||
t = apiv1.SoftCAS
|
||||
}
|
||||
|
||||
// TODO: should this become similar to the New CertificateAuthorityService as in x509CAService?
|
||||
return &Service{
|
||||
chain: opts.CertificateChain,
|
||||
signer: opts.Signer,
|
||||
decrypter: opts.Decrypter,
|
||||
}, nil
|
||||
}
|
||||
|
Loading…
Reference in New Issue