cacert-gosigner/pkg/hsm/context.go

package hsm

import (
	"context"

	"github.com/ThalesIgnite/crypto11"

	"git.cacert.org/cacert-gosigner/pkg/config"
)

type ctxKey int

const (
	ctxP11Contexts ctxKey = iota
	ctxSetupMode
	ctxSignerConfig
)

// SetupContext sets global context for HSM operations.
func SetupContext(
	signerConfig *config.SignerConfig,
	setupMode bool,
) context.Context {
	ctx := context.Background()

	ctx = context.WithValue(ctx, ctxP11Contexts, make(map[string]*crypto11.Context))
	ctx = context.WithValue(ctx, ctxSignerConfig, signerConfig)
	ctx = context.WithValue(ctx, ctxSetupMode, setupMode)

	return ctx
}

func GetSignerConfig(ctx context.Context) *config.SignerConfig {
	return ctx.Value(ctxSignerConfig).(*config.SignerConfig)
}

func IsSetupMode(ctx context.Context) bool {
	return ctx.Value(ctxSetupMode).(bool)
}

func GetP11Context(ctx context.Context, entry *config.CaCertificateEntry) (*crypto11.Context, error) {
	contexts := ctx.Value(ctxP11Contexts).(map[string]*crypto11.Context)

	if p11Context, ok := contexts[entry.Storage]; ok {
		return p11Context, nil
	}

	p11Context, err := prepareCrypto11Context(ctx, entry.Storage)
	if err != nil {
		return nil, err
	}

	contexts[entry.Storage] = p11Context

	return p11Context, nil
}
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`package hsm`

			`import (`
			`"context"`

			`"github.com/ThalesIgnite/crypto11"`

			`"git.cacert.org/cacert-gosigner/pkg/config"`
			`)`

			`type ctxKey int`

			`const (`
			`ctxP11Contexts ctxKey = iota`
			`ctxSetupMode`
			`ctxSignerConfig`
			`)`

			`// SetupContext sets global context for HSM operations.`
			`func SetupContext(`
			`signerConfig *config.SignerConfig,`
			`setupMode bool,`
			`) context.Context {`
			`ctx := context.Background()`

			`ctx = context.WithValue(ctx, ctxP11Contexts, make(map[string]*crypto11.Context))`
			`ctx = context.WithValue(ctx, ctxSignerConfig, signerConfig)`
			`ctx = context.WithValue(ctx, ctxSetupMode, setupMode)`

			`return ctx`
			`}`

			`func GetSignerConfig(ctx context.Context) *config.SignerConfig {`
			`return ctx.Value(ctxSignerConfig).(*config.SignerConfig)`
			`}`

			`func IsSetupMode(ctx context.Context) bool {`
			`return ctx.Value(ctxSetupMode).(bool)`
			`}`

			`func GetP11Context(ctx context.Context, entry config.CaCertificateEntry) (crypto11.Context, error) {`
			`contexts := ctx.Value(ctxP11Contexts).(map[string]*crypto11.Context)`

			`if p11Context, ok := contexts[entry.Storage]; ok {`
			`return p11Context, nil`
			`}`

			`p11Context, err := prepareCrypto11Context(ctx, entry.Storage)`
			`if err != nil {`
			`return nil, err`
			`}`

			`contexts[entry.Storage] = p11Context`

			`return p11Context, nil`
			`}`