diff --git a/.golangci.yml b/.golangci.yml
index 31c9fee..0d80f87 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,9 +1,9 @@ --- run: skip-files: - - pkg/config/amd64.go - - pkg/config/arm64.go - - pkg/config/armhf.go + - internal/config/amd64.go + - internal/config/arm64.go + - internal/config/armhf.go - pkg/messages/resolver.msgpackgen.go output:
diff --git a/cmd/signer/main.go b/cmd/signer/main.go
index c5c7436..2f3e239 100644
--- a/cmd/signer/main.go
+++ b/cmd/signer/main.go
@@ -25,13 +25,12 @@ import ( "github.com/sirupsen/logrus" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" - - "git.cacert.org/cacert-gosigner/pkg/config" - "git.cacert.org/cacert-gosigner/pkg/health" - "git.cacert.org/cacert-gosigner/pkg/hsm" - "git.cacert.org/cacert-gosigner/pkg/protocol" - "git.cacert.org/cacert-gosigner/pkg/seriallink" + "git.cacert.org/cacert-gosigner/internal/config" + "git.cacert.org/cacert-gosigner/internal/handler" + "git.cacert.org/cacert-gosigner/internal/health" + "git.cacert.org/cacert-gosigner/internal/hsm" + "git.cacert.org/cacert-gosigner/internal/serial" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" ) var (
@@ -93,16 +92,16 @@ func main() { fetchCRLHandler := revoking.NewFetchCRLHandler(revokingRepositories) - proto, err := protocol.New( + proto, err := handler.New( logger, - protocol.RegisterHealthHandler(healthHandler), - protocol.RegisterFetchCRLHandler(fetchCRLHandler), + handler.RegisterHealthHandler(healthHandler), + handler.RegisterFetchCRLHandler(fetchCRLHandler), ) if err != nil { logger.WithError(err).Fatal("could not setup protocol handler") } - serialHandler, err := seriallink.New(caConfig.GetSerial(), logger, proto) + serialHandler, err := serial.New(caConfig.GetSerial(), logger, proto) if err != nil { logger.WithError(err).Fatal("could not setup serial link handler") }
diff --git a/pkg/config/amd64.go b/internal/config/amd64.go
similarity index 100%
rename from pkg/config/amd64.go
rename to internal/config/amd64.go
diff --git a/pkg/config/arm64.go b/internal/config/arm64.go
similarity index 100%
rename from pkg/config/arm64.go
rename to internal/config/arm64.go
diff --git a/pkg/config/armhf.go b/internal/config/armhf.go
similarity index 100%
rename from pkg/config/armhf.go
rename to internal/config/armhf.go
diff --git a/pkg/config/config.go b/internal/config/config.go
similarity index 98%
rename from pkg/config/config.go
rename to internal/config/config.go
index d82f9bb..d620d0e 100644
--- a/pkg/config/config.go
+++ b/internal/config/config.go
@@ -31,9 +31,9 @@ import ( "gopkg.in/yaml.v3" - "git.cacert.org/cacert-gosigner/pkg/x509/openssl" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" - "git.cacert.org/cacert-gosigner/pkg/x509/signing" + "git.cacert.org/cacert-gosigner/internal/x509/openssl" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" + "git.cacert.org/cacert-gosigner/internal/x509/signing" ) const minRSABits = 2048
diff --git a/pkg/config/config_test.go b/internal/config/config_test.go
similarity index 99%
rename from pkg/config/config_test.go
rename to internal/config/config_test.go
index cacd2c4..6548b3c 100644
--- a/pkg/config/config_test.go
+++ b/internal/config/config_test.go
@@ -30,7 +30,7 @@ import ( "github.com/stretchr/testify/require" "gopkg.in/yaml.v3" - "git.cacert.org/cacert-gosigner/pkg/config" + "git.cacert.org/cacert-gosigner/internal/config" ) type TestCurve struct {
diff --git a/pkg/protocol/msgpack.go b/internal/handler/msgpack.go
similarity index 92%
rename from pkg/protocol/msgpack.go
rename to internal/handler/msgpack.go
index dc5102b..80d4a8a 100644
--- a/pkg/protocol/msgpack.go
+++ b/internal/handler/msgpack.go
@@ -15,7 +15,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package protocol +package handler import ( "errors"
@@ -25,9 +25,11 @@ import ( "github.com/shamaton/msgpackgen/msgpack" "github.com/sirupsen/logrus" - "git.cacert.org/cacert-gosigner/pkg/health" + "git.cacert.org/cacert-gosigner/pkg/protocol" + + "git.cacert.org/cacert-gosigner/internal/health" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" "git.cacert.org/cacert-gosigner/pkg/messages" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" ) // MsgPackHandler is a Handler implementation for the msgpack serialization format.
@@ -35,8 +37,8 @@ type MsgPackHandler struct { logger *logrus.Logger healthHandler *health.Handler fetchCRLHandler *revoking.FetchCRLHandler - currentCommand *Command - currentResponse *Response + currentCommand *protocol.Command + currentResponse *protocol.Response lock sync.Mutex }
@@ -52,7 +54,7 @@ func (m *MsgPackHandler) HandleCommandAnnounce(frame []byte) error { m.logger.WithField("announcement", &ann).Info("received command announcement") - m.currentCommand = &Command{Announce: &ann} + m.currentCommand = &protocol.Command{Announce: &ann} return nil }
@@ -185,7 +187,7 @@ func (m *MsgPackHandler) handleCommand() error { return fmt.Errorf("error from command handler: %w", err) } - m.currentResponse = &Response{ + m.currentResponse = &protocol.Response{ Announce: messages.BuildResponseAnnounce(responseCode, m.currentID()), Response: responseData, }
@@ -193,8 +195,8 @@ func (m *MsgPackHandler) handleCommand() error { return nil } -func (m *MsgPackHandler) buildErrorResponse(errMsg string) *Response { - return &Response{ +func (m *MsgPackHandler) buildErrorResponse(errMsg string) *protocol.Response { + return &protocol.Response{ Announce: messages.BuildResponseAnnounce(messages.RespError, m.currentID()), Response: &messages.ErrorResponse{Message: errMsg}, }
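Review bot: In the `MsgPackHandler` struct hunk of `internal/handler/msgpack.go`, `currentCommand` and `currentResponse` are mutable per-exchange state declared next to `lock sync.Mutex`, but nothing states which fields the mutex guards; `HandleCommandAnnounce` writes `m.currentCommand` in the following hunk, and whether it holds the lock is not visible there. If the mutex is meant to cover both fields, a field comment such as `// lock guards currentCommand and currentResponse.` would make that checkable in review. Separately, the import hunk puts `pkg/protocol` in a group of its own above a group that mixes `internal/...` with `pkg/messages`, while the other files touched by this commit keep all `git.cacert.org/cacert-gosigner/...` imports in one sorted group; doing the same here would read more consistently.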
@@ -253,7 +255,7 @@ func (m *MsgPackHandler) handleFetchCRLCommand() (*messages.FetchCRLResponse, er return response, nil } -func New(logger *logrus.Logger, handlers ...RegisterHandler) (Handler, error) { +func New(logger *logrus.Logger, handlers ...RegisterHandler) (protocol.Handler, error) { messages.RegisterGeneratedResolver() h := &MsgPackHandler{
diff --git a/pkg/health/health.go b/internal/health/health.go
similarity index 100%
rename from pkg/health/health.go
rename to internal/health/health.go
diff --git a/pkg/hsm/context.go b/internal/hsm/context.go
similarity index 97%
rename from pkg/hsm/context.go
rename to internal/hsm/context.go
index c4f0a38..10308fc 100644
--- a/pkg/hsm/context.go
+++ b/internal/hsm/context.go
@@ -22,7 +22,7 @@ import ( "github.com/ThalesIgnite/crypto11" - "git.cacert.org/cacert-gosigner/pkg/config" + "git.cacert.org/cacert-gosigner/internal/config" ) type ConfigOption func(a *Access)
diff --git a/pkg/hsm/context_test.go b/internal/hsm/context_test.go
similarity index 98%
rename from pkg/hsm/context_test.go
rename to internal/hsm/context_test.go
index 9fd43b0..d5583b9 100644
--- a/pkg/hsm/context_test.go
+++ b/internal/hsm/context_test.go
@@ -29,8 +29,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.cacert.org/cacert-gosigner/pkg/config" - "git.cacert.org/cacert-gosigner/pkg/hsm" + "git.cacert.org/cacert-gosigner/internal/config" + "git.cacert.org/cacert-gosigner/internal/hsm" ) func TestCaConfigOption(t *testing.T) {
diff --git a/pkg/hsm/hsm.go b/internal/hsm/hsm.go
similarity index 99%
rename from pkg/hsm/hsm.go
rename to internal/hsm/hsm.go
index 76359ee..315fcc3 100644
--- a/pkg/hsm/hsm.go
+++ b/internal/hsm/hsm.go
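Review bot: The exported constructor `New` in `internal/handler/msgpack.go` has no doc comment, and with its result type now `protocol.Handler` the signature alone no longer says which implementation callers receive. A comment like `// New returns a MsgPackHandler as a protocol.Handler, configured with the given RegisterHandler options.` would cover it, and it is worth mentioning there that the call also runs `messages.RegisterGeneratedResolver()`, which looks like a process-wide registration. The body of `New` continues outside the hunk, so how the options are applied is assumed rather than visible.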
@@ -37,9 +37,8 @@ import ( "github.com/ThalesIgnite/crypto11" "github.com/sirupsen/logrus" - "git.cacert.org/cacert-gosigner/pkg/health" - - "git.cacert.org/cacert-gosigner/pkg/config" + "git.cacert.org/cacert-gosigner/internal/config" + "git.cacert.org/cacert-gosigner/internal/health" ) var (
diff --git a/pkg/hsm/hsm_test.go b/internal/hsm/hsm_test.go
similarity index 97%
rename from pkg/hsm/hsm_test.go
rename to internal/hsm/hsm_test.go
index c2173f1..d936d67 100644
--- a/pkg/hsm/hsm_test.go
+++ b/internal/hsm/hsm_test.go
@@ -26,8 +26,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.cacert.org/cacert-gosigner/pkg/config" - "git.cacert.org/cacert-gosigner/pkg/hsm" + "git.cacert.org/cacert-gosigner/internal/config" + "git.cacert.org/cacert-gosigner/internal/hsm" ) func TestEnsureCAKeysAndCertificates_not_in_setup_mode(t *testing.T) {
diff --git a/pkg/hsm/setup.go b/internal/hsm/setup.go
similarity index 100%
rename from pkg/hsm/setup.go
rename to internal/hsm/setup.go
diff --git a/pkg/hsm/setup_test.go b/internal/hsm/setup_test.go
similarity index 97%
rename from pkg/hsm/setup_test.go
rename to internal/hsm/setup_test.go
index 2db8eb8..75a4086 100644
--- a/pkg/hsm/setup_test.go
+++ b/internal/hsm/setup_test.go
@@ -24,7 +24,7 @@ import ( "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" - "git.cacert.org/cacert-gosigner/pkg/hsm" + "git.cacert.org/cacert-gosigner/internal/hsm" ) func TestEnsureCAKeysAndCertificates(t *testing.T) {
diff --git a/pkg/hsm/storage.go b/internal/hsm/storage.go
similarity index 100%
rename from pkg/hsm/storage.go
rename to internal/hsm/storage.go
diff --git a/pkg/openpgp/signing/repository.go b/internal/openpgp/signing/repository.go
similarity index 100%
rename from pkg/openpgp/signing/repository.go
rename to internal/openpgp/signing/repository.go
diff --git a/pkg/openpgp/signing/signing.go b/internal/openpgp/signing/signing.go
similarity index 100%
rename from pkg/openpgp/signing/signing.go
rename to internal/openpgp/signing/signing.go
diff --git a/pkg/seriallink/seriallink.go b/internal/serial/seriallink.go
similarity index 99%
rename from pkg/seriallink/seriallink.go
rename to internal/serial/seriallink.go
index 49bf3ed..1320424 100644
--- a/pkg/seriallink/seriallink.go
+++ b/internal/serial/seriallink.go
@@ -16,7 +16,7 @@ limitations under the License. */ // Package seriallink provides a handler for the serial connection of the signer machine. -package seriallink +package serial import ( "bytes"
@@ -30,7 +30,7 @@ import ( "github.com/sirupsen/logrus" "github.com/tarm/serial" - "git.cacert.org/cacert-gosigner/pkg/config" + "git.cacert.org/cacert-gosigner/internal/config" "git.cacert.org/cacert-gosigner/pkg/protocol" )
diff --git a/pkg/x509/helper/helper.go b/internal/x509/helper/helper.go
similarity index 100%
rename from pkg/x509/helper/helper.go
rename to internal/x509/helper/helper.go
diff --git a/pkg/x509/helper/helper_test.go b/internal/x509/helper/helper_test.go
similarity index 94%
rename from pkg/x509/helper/helper_test.go
rename to internal/x509/helper/helper_test.go
index 2d5bcd0..a8582e7 100644
--- a/pkg/x509/helper/helper_test.go
+++ b/internal/x509/helper/helper_test.go
@@ -22,7 +22,7 @@ import ( "github.com/stretchr/testify/assert" - "git.cacert.org/cacert-gosigner/pkg/x509/helper" + "git.cacert.org/cacert-gosigner/internal/x509/helper" ) func TestGenerateRandomSerial(t *testing.T) {
diff --git a/pkg/x509/openssl/repository.go b/internal/x509/openssl/repository.go
similarity index 99%
rename from pkg/x509/openssl/repository.go
rename to internal/x509/openssl/repository.go
index 077ff05..8010f5e 100644
--- a/pkg/x509/openssl/repository.go
+++ b/internal/x509/openssl/repository.go
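Review bot: The package comment in `internal/serial/seriallink.go` still reads `// Package seriallink provides ...` although the clause directly below it is now `package serial`, so godoc and linters that check the `Package <name>` form will report a mismatch; it should become `// Package serial provides a handler for the serial connection of the signer machine.`. The new name is also the package name of `github.com/tarm/serial`, which this file imports in its second hunk. That compiles, but every `serial.` identifier inside the file then refers to the third-party package while callers such as `cmd/signer/main.go` use `serial.New` for this one. An import alias for the tarm package, or a distinct package name, would remove that ambiguity.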
@@ -31,7 +31,7 @@ import ( "sync" "time" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" ) const TimeSpec = "060102030405Z"
diff --git a/pkg/x509/openssl/repository_test.go b/internal/x509/openssl/repository_test.go
similarity index 96%
rename from pkg/x509/openssl/repository_test.go
rename to internal/x509/openssl/repository_test.go
index 4378385..68656e9 100644
--- a/pkg/x509/openssl/repository_test.go
+++ b/internal/x509/openssl/repository_test.go
@@ -31,8 +31,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.cacert.org/cacert-gosigner/pkg/x509/openssl" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" + "git.cacert.org/cacert-gosigner/internal/x509/openssl" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" ) func TestStoreRevocation(t *testing.T) {
diff --git a/pkg/x509/revoking/repository.go b/internal/x509/revoking/repository.go
similarity index 100%
rename from pkg/x509/revoking/repository.go
rename to internal/x509/revoking/repository.go
diff --git a/pkg/x509/revoking/revoking.go b/internal/x509/revoking/revoking.go
similarity index 100%
rename from pkg/x509/revoking/revoking.go
rename to internal/x509/revoking/revoking.go
diff --git a/pkg/x509/revoking/revoking_test.go b/internal/x509/revoking/revoking_test.go
similarity index 97%
rename from pkg/x509/revoking/revoking_test.go
rename to internal/x509/revoking/revoking_test.go
index 8c05213..9a0d1af 100644
--- a/pkg/x509/revoking/revoking_test.go
+++ b/internal/x509/revoking/revoking_test.go
@@ -31,9 +31,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.cacert.org/cacert-gosigner/pkg/x509/helper" + "git.cacert.org/cacert-gosigner/internal/x509/helper" - "git.cacert.org/cacert-gosigner/pkg/x509/revoking" + "git.cacert.org/cacert-gosigner/internal/x509/revoking" ) func randomSerial(t *testing.T) *big.Int {
@@ -181,15 +181,15 @@ func TestX509Revoking_CreateCRL(t *testing.T) { assert.NotNil(t, crl) assert.NotEmpty(t, crl.CRL) - parsedCRL, err := x509.ParseCRL(crl.CRL) + parsedCRL, err := x509.ParseRevocationList(crl.CRL) assert.NoError(t, err) - assert.ElementsMatch(t, certificate.Subject.ToRDNSequence(), parsedCRL.TBSCertList.Issuer) + assert.ElementsMatch(t, certificate.Subject.ToRDNSequence(), parsedCRL.Issuer.ToRDNSequence()) var found bool - for _, item := range parsedCRL.TBSCertList.RevokedCertificates { + for _, item := range parsedCRL.RevokedCertificates { if item.SerialNumber.Cmp(serial) == 0 { found = true
diff --git a/pkg/x509/signing/repository.go b/internal/x509/signing/repository.go
similarity index 100%
rename from pkg/x509/signing/repository.go
rename to internal/x509/signing/repository.go
diff --git a/pkg/x509/signing/signer.go b/internal/x509/signing/signer.go
similarity index 100%
rename from pkg/x509/signing/signer.go
rename to internal/x509/signing/signer.go
diff --git a/pkg/x509/signing/signing.go b/internal/x509/signing/signing.go
similarity index 100%
rename from pkg/x509/signing/signing.go
rename to internal/x509/signing/signing.go
diff --git a/pkg/x509/signing/signing_test.go b/internal/x509/signing/signing_test.go
similarity index 97%
rename from pkg/x509/signing/signing_test.go
rename to internal/x509/signing/signing_test.go
index 6435afb..868490c 100644
--- a/pkg/x509/signing/signing_test.go
+++ b/internal/x509/signing/signing_test.go
@@ -30,9 +30,8 @@ import ( "github.com/stretchr/testify/assert" - "git.cacert.org/cacert-gosigner/pkg/x509/helper" - - "git.cacert.org/cacert-gosigner/pkg/x509/signing" + "git.cacert.org/cacert-gosigner/internal/x509/helper" + "git.cacert.org/cacert-gosigner/internal/x509/signing" ) func randomSerial(t *testing.T) *big.Int {
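Review bot: In the `TestX509Revoking_CreateCRL` hunk of `internal/x509/revoking/revoking_test.go`, `assert.NoError(t, err)` does not stop the test, so a parse failure leaves `parsedCRL` nil and the next line panics on `parsedCRL.Issuer` instead of reporting the error; `require.NoError(t, err)` fits here, and `require` is already imported by this file. `x509.ParseRevocationList` only parses, so the test never checks that the CRL is actually signed by the CA; assuming `certificate` is the issuing `*x509.Certificate`, adding `require.NoError(t, parsedCRL.CheckSignatureFrom(certificate))` would cover that. `RevokedCertificates` is deprecated in newer Go releases in favour of `RevokedCertificateEntries`, which may matter depending on the toolchain the project targets. The test function starts and ends outside the hunk.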