Move internal code to internal packages
This commit is contained in:
parent
f0d456dd13
commit
faaadbe5aa
30 changed files with 50 additions and 51 deletions
|
|
@ -1,9 +1,9 @@
|
||||||
---
|
---
|
||||||
run:
|
run:
|
||||||
skip-files:
|
skip-files:
|
||||||
- pkg/config/amd64.go
|
- internal/config/amd64.go
|
||||||
- pkg/config/arm64.go
|
- internal/config/arm64.go
|
||||||
- pkg/config/armhf.go
|
- internal/config/armhf.go
|
||||||
- pkg/messages/resolver.msgpackgen.go
|
- pkg/messages/resolver.msgpackgen.go
|
||||||
|
|
||||||
output:
|
output:
|
||||||
|
|
|
||||||
|
|
@ -25,13 +25,12 @@ import (
|
||||||
|
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
|
"git.cacert.org/cacert-gosigner/internal/handler"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/health"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/health"
|
"git.cacert.org/cacert-gosigner/internal/hsm"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/hsm"
|
"git.cacert.org/cacert-gosigner/internal/serial"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/protocol"
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/seriallink"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
|
@ -93,16 +92,16 @@ func main() {
|
||||||
|
|
||||||
fetchCRLHandler := revoking.NewFetchCRLHandler(revokingRepositories)
|
fetchCRLHandler := revoking.NewFetchCRLHandler(revokingRepositories)
|
||||||
|
|
||||||
proto, err := protocol.New(
|
proto, err := handler.New(
|
||||||
logger,
|
logger,
|
||||||
protocol.RegisterHealthHandler(healthHandler),
|
handler.RegisterHealthHandler(healthHandler),
|
||||||
protocol.RegisterFetchCRLHandler(fetchCRLHandler),
|
handler.RegisterFetchCRLHandler(fetchCRLHandler),
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.WithError(err).Fatal("could not setup protocol handler")
|
logger.WithError(err).Fatal("could not setup protocol handler")
|
||||||
}
|
}
|
||||||
|
|
||||||
serialHandler, err := seriallink.New(caConfig.GetSerial(), logger, proto)
|
serialHandler, err := serial.New(caConfig.GetSerial(), logger, proto)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.WithError(err).Fatal("could not setup serial link handler")
|
logger.WithError(err).Fatal("could not setup serial link handler")
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -31,9 +31,9 @@ import (
|
||||||
|
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/openssl"
|
"git.cacert.org/cacert-gosigner/internal/x509/openssl"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/signing"
|
"git.cacert.org/cacert-gosigner/internal/x509/signing"
|
||||||
)
|
)
|
||||||
|
|
||||||
const minRSABits = 2048
|
const minRSABits = 2048
|
||||||
|
|
@ -30,7 +30,7 @@ import (
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
type TestCurve struct {
|
type TestCurve struct {
|
||||||
|
|
@ -15,7 +15,7 @@ See the License for the specific language governing permissions and
|
||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package protocol
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
|
|
@ -25,9 +25,11 @@ import (
|
||||||
"github.com/shamaton/msgpackgen/msgpack"
|
"github.com/shamaton/msgpackgen/msgpack"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/health"
|
"git.cacert.org/cacert-gosigner/pkg/protocol"
|
||||||
|
|
||||||
|
"git.cacert.org/cacert-gosigner/internal/health"
|
||||||
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/messages"
|
"git.cacert.org/cacert-gosigner/pkg/messages"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// MsgPackHandler is a Handler implementation for the msgpack serialization format.
|
// MsgPackHandler is a Handler implementation for the msgpack serialization format.
|
||||||
|
|
@ -35,8 +37,8 @@ type MsgPackHandler struct {
|
||||||
logger *logrus.Logger
|
logger *logrus.Logger
|
||||||
healthHandler *health.Handler
|
healthHandler *health.Handler
|
||||||
fetchCRLHandler *revoking.FetchCRLHandler
|
fetchCRLHandler *revoking.FetchCRLHandler
|
||||||
currentCommand *Command
|
currentCommand *protocol.Command
|
||||||
currentResponse *Response
|
currentResponse *protocol.Response
|
||||||
lock sync.Mutex
|
lock sync.Mutex
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -52,7 +54,7 @@ func (m *MsgPackHandler) HandleCommandAnnounce(frame []byte) error {
|
||||||
|
|
||||||
m.logger.WithField("announcement", &ann).Info("received command announcement")
|
m.logger.WithField("announcement", &ann).Info("received command announcement")
|
||||||
|
|
||||||
m.currentCommand = &Command{Announce: &ann}
|
m.currentCommand = &protocol.Command{Announce: &ann}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
@ -185,7 +187,7 @@ func (m *MsgPackHandler) handleCommand() error {
|
||||||
return fmt.Errorf("error from command handler: %w", err)
|
return fmt.Errorf("error from command handler: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
m.currentResponse = &Response{
|
m.currentResponse = &protocol.Response{
|
||||||
Announce: messages.BuildResponseAnnounce(responseCode, m.currentID()),
|
Announce: messages.BuildResponseAnnounce(responseCode, m.currentID()),
|
||||||
Response: responseData,
|
Response: responseData,
|
||||||
}
|
}
|
||||||
|
|
@ -193,8 +195,8 @@ func (m *MsgPackHandler) handleCommand() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *MsgPackHandler) buildErrorResponse(errMsg string) *Response {
|
func (m *MsgPackHandler) buildErrorResponse(errMsg string) *protocol.Response {
|
||||||
return &Response{
|
return &protocol.Response{
|
||||||
Announce: messages.BuildResponseAnnounce(messages.RespError, m.currentID()),
|
Announce: messages.BuildResponseAnnounce(messages.RespError, m.currentID()),
|
||||||
Response: &messages.ErrorResponse{Message: errMsg},
|
Response: &messages.ErrorResponse{Message: errMsg},
|
||||||
}
|
}
|
||||||
|
|
@ -253,7 +255,7 @@ func (m *MsgPackHandler) handleFetchCRLCommand() (*messages.FetchCRLResponse, er
|
||||||
return response, nil
|
return response, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func New(logger *logrus.Logger, handlers ...RegisterHandler) (Handler, error) {
|
func New(logger *logrus.Logger, handlers ...RegisterHandler) (protocol.Handler, error) {
|
||||||
messages.RegisterGeneratedResolver()
|
messages.RegisterGeneratedResolver()
|
||||||
|
|
||||||
h := &MsgPackHandler{
|
h := &MsgPackHandler{
|
||||||
|
|
@ -22,7 +22,7 @@ import (
|
||||||
|
|
||||||
"github.com/ThalesIgnite/crypto11"
|
"github.com/ThalesIgnite/crypto11"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
type ConfigOption func(a *Access)
|
type ConfigOption func(a *Access)
|
||||||
|
|
@ -29,8 +29,8 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/hsm"
|
"git.cacert.org/cacert-gosigner/internal/hsm"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestCaConfigOption(t *testing.T) {
|
func TestCaConfigOption(t *testing.T) {
|
||||||
|
|
@ -37,9 +37,8 @@ import (
|
||||||
"github.com/ThalesIgnite/crypto11"
|
"github.com/ThalesIgnite/crypto11"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/health"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
|
"git.cacert.org/cacert-gosigner/internal/health"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
|
@ -26,8 +26,8 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/hsm"
|
"git.cacert.org/cacert-gosigner/internal/hsm"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestEnsureCAKeysAndCertificates_not_in_setup_mode(t *testing.T) {
|
func TestEnsureCAKeysAndCertificates_not_in_setup_mode(t *testing.T) {
|
||||||
|
|
@ -24,7 +24,7 @@ import (
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/hsm"
|
"git.cacert.org/cacert-gosigner/internal/hsm"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestEnsureCAKeysAndCertificates(t *testing.T) {
|
func TestEnsureCAKeysAndCertificates(t *testing.T) {
|
||||||
|
|
@ -16,7 +16,7 @@ limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// Package seriallink provides a handler for the serial connection of the signer machine.
|
// Package seriallink provides a handler for the serial connection of the signer machine.
|
||||||
package seriallink
|
package serial
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
|
@ -30,7 +30,7 @@ import (
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/tarm/serial"
|
"github.com/tarm/serial"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/config"
|
"git.cacert.org/cacert-gosigner/internal/config"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/protocol"
|
"git.cacert.org/cacert-gosigner/pkg/protocol"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -22,7 +22,7 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/helper"
|
"git.cacert.org/cacert-gosigner/internal/x509/helper"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestGenerateRandomSerial(t *testing.T) {
|
func TestGenerateRandomSerial(t *testing.T) {
|
||||||
|
|
@ -31,7 +31,7 @@ import (
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
)
|
)
|
||||||
|
|
||||||
const TimeSpec = "060102030405Z"
|
const TimeSpec = "060102030405Z"
|
||||||
|
|
@ -31,8 +31,8 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/openssl"
|
"git.cacert.org/cacert-gosigner/internal/x509/openssl"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestStoreRevocation(t *testing.T) {
|
func TestStoreRevocation(t *testing.T) {
|
||||||
|
|
@ -31,9 +31,9 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/helper"
|
"git.cacert.org/cacert-gosigner/internal/x509/helper"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/revoking"
|
"git.cacert.org/cacert-gosigner/internal/x509/revoking"
|
||||||
)
|
)
|
||||||
|
|
||||||
func randomSerial(t *testing.T) *big.Int {
|
func randomSerial(t *testing.T) *big.Int {
|
||||||
|
|
@ -181,15 +181,15 @@ func TestX509Revoking_CreateCRL(t *testing.T) {
|
||||||
assert.NotNil(t, crl)
|
assert.NotNil(t, crl)
|
||||||
assert.NotEmpty(t, crl.CRL)
|
assert.NotEmpty(t, crl.CRL)
|
||||||
|
|
||||||
parsedCRL, err := x509.ParseCRL(crl.CRL)
|
parsedCRL, err := x509.ParseRevocationList(crl.CRL)
|
||||||
|
|
||||||
assert.NoError(t, err)
|
assert.NoError(t, err)
|
||||||
|
|
||||||
assert.ElementsMatch(t, certificate.Subject.ToRDNSequence(), parsedCRL.TBSCertList.Issuer)
|
assert.ElementsMatch(t, certificate.Subject.ToRDNSequence(), parsedCRL.Issuer.ToRDNSequence())
|
||||||
|
|
||||||
var found bool
|
var found bool
|
||||||
|
|
||||||
for _, item := range parsedCRL.TBSCertList.RevokedCertificates {
|
for _, item := range parsedCRL.RevokedCertificates {
|
||||||
if item.SerialNumber.Cmp(serial) == 0 {
|
if item.SerialNumber.Cmp(serial) == 0 {
|
||||||
found = true
|
found = true
|
||||||
|
|
||||||
|
|
@ -30,9 +30,8 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/helper"
|
"git.cacert.org/cacert-gosigner/internal/x509/helper"
|
||||||
|
"git.cacert.org/cacert-gosigner/internal/x509/signing"
|
||||||
"git.cacert.org/cacert-gosigner/pkg/x509/signing"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func randomSerial(t *testing.T) *big.Int {
|
func randomSerial(t *testing.T) *big.Int {
|
||||||
Loading…
Reference in a new issue