package storage
import (
"crypto/tls"
"errors"
"io/ioutil"
"os"
)
// ErrInvalidCert is returned by SetCertificate when tls.X509KeyPair rejects
// the supplied certificate/key PEM pair. The parser's own error is not
// wrapped, so callers cannot see why the pair was rejected.
var ErrInvalidCert = errors.New("Invalid certificate")

// ErrCouldNotSaveCert is returned by SetCertificate when the user directory
// cannot be created or when either PEM file cannot be written. The
// underlying OS error is not wrapped.
var ErrCouldNotSaveCert = errors.New("Could not save certificate")
// GetCertificate returns the certificate pointer currently stored on the
// user, reading it under u.lock.
//
// The pointer itself is returned, not a copy: every caller shares the same
// tls.Certificate value, private key included, so it should be treated as
// read-only. Presumably the result is nil when no certificate has been set
// or loaded yet; callers should check before use.
func (u *User) GetCertificate() *tls.Certificate {
	u.lock.Lock()
	defer u.lock.Unlock()

	return u.certificate
}
// SetCertificate parses the PEM-encoded certificate and key, installs the
// pair as the user's in-memory certificate and then writes both PEM blobs
// to the user's storage directory.
//
// It returns ErrInvalidCert when tls.X509KeyPair rejects the input and
// ErrCouldNotSaveCert when the directory or either file cannot be written.
// A successful parse only shows that the PEM decoded and that the private
// key matches the certificate; validity period, issuer chain and key usage
// are not checked here.
//
// NOTE(review): u.certificate is replaced before anything is persisted, so
// when ErrCouldNotSaveCert is returned the new pair is already live in
// memory while the disk may still hold the old one. Confirm callers expect
// that.
//
// NOTE(review): the 0700 and 0600 modes only take effect when the directory
// or file is created; an existing key file keeps whatever mode it already
// has. The two files are written one after the other, so a failure on the
// key write leaves the new certificate next to the previous key, which
// loadCertificate would then reject as a mismatched pair.
func (u *User) SetCertificate(certPEM, keyPEM []byte) error {
	pair, parseErr := tls.X509KeyPair(certPEM, keyPEM)
	if parseErr != nil {
		return ErrInvalidCert
	}

	u.lock.Lock()
	u.certificate = &pair
	u.lock.Unlock()

	// Directory is private to the owner (0700).
	if mkErr := os.MkdirAll(Path.User(u.UUID), 0700); mkErr != nil {
		return ErrCouldNotSaveCert
	}

	// persist writes one PEM blob with owner-only permissions and maps any
	// failure to the package's sentinel error.
	persist := func(name string, pem []byte) error {
		if ioutil.WriteFile(name, pem, 0600) != nil {
			return ErrCouldNotSaveCert
		}
		return nil
	}

	// Certificate first, then key; the key path is only computed once the
	// certificate write has succeeded.
	if saveErr := persist(Path.Certificate(u.UUID), certPEM); saveErr != nil {
		return saveErr
	}
	return persist(Path.Key(u.UUID), keyPEM)
}
// loadCertificate reads the user's certificate and key PEM files from
// storage, parses them with tls.X509KeyPair and stores the result in
// u.certificate. Any read or parse error is returned unchanged and leaves
// u.certificate untouched.
//
// A successful parse only shows that the PEM decoded and that the private
// key matches the certificate; expiry and chain of trust are not checked.
//
// NOTE(review): unlike GetCertificate and SetCertificate, this assigns
// u.certificate without taking u.lock. Presumably it only runs before the
// User is visible to other goroutines; confirm against the callers.
//
// NOTE(review): the on-disk mode and ownership of the key file are not
// inspected before it is read.
func (u *User) loadCertificate() error {
	var (
		certPEM, keyPEM []byte
		pair            tls.Certificate
		err             error
	)

	if certPEM, err = ioutil.ReadFile(Path.Certificate(u.UUID)); err != nil {
		return err
	}
	if keyPEM, err = ioutil.ReadFile(Path.Key(u.UUID)); err != nil {
		return err
	}
	if pair, err = tls.X509KeyPair(certPEM, keyPEM); err != nil {
		return err
	}

	u.certificate = &pair
	return nil
}