mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-05 14:37:45 +00:00
174 lines
5.2 KiB
Go
174 lines
5.2 KiB
Go
|
package webkey
|
||
|
|
||
|
import (
|
||
|
resource_object "github.com/zitadel/zitadel/internal/api/grpc/resources/object/v3alpha"
|
||
|
"github.com/zitadel/zitadel/internal/crypto"
|
||
|
"github.com/zitadel/zitadel/internal/domain"
|
||
|
"github.com/zitadel/zitadel/internal/query"
|
||
|
object "github.com/zitadel/zitadel/pkg/grpc/object/v3alpha"
|
||
|
webkey "github.com/zitadel/zitadel/pkg/grpc/resources/webkey/v3alpha"
|
||
|
)
|
||
|
|
||
|
func createWebKeyRequestToConfig(req *webkey.CreateWebKeyRequest) crypto.WebKeyConfig {
|
||
|
switch config := req.GetKey().GetConfig().(type) {
|
||
|
case *webkey.WebKey_Rsa:
|
||
|
return webKeyRSAConfigToCrypto(config.Rsa)
|
||
|
case *webkey.WebKey_Ecdsa:
|
||
|
return webKeyECDSAConfigToCrypto(config.Ecdsa)
|
||
|
case *webkey.WebKey_Ed25519:
|
||
|
return new(crypto.WebKeyED25519Config)
|
||
|
default:
|
||
|
return webKeyRSAConfigToCrypto(nil)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func webKeyRSAConfigToCrypto(config *webkey.WebKeyRSAConfig) *crypto.WebKeyRSAConfig {
|
||
|
out := new(crypto.WebKeyRSAConfig)
|
||
|
|
||
|
switch config.GetBits() {
|
||
|
case webkey.WebKeyRSAConfig_RSA_BITS_UNSPECIFIED:
|
||
|
out.Bits = crypto.RSABits2048
|
||
|
case webkey.WebKeyRSAConfig_RSA_BITS_2048:
|
||
|
out.Bits = crypto.RSABits2048
|
||
|
case webkey.WebKeyRSAConfig_RSA_BITS_3072:
|
||
|
out.Bits = crypto.RSABits3072
|
||
|
case webkey.WebKeyRSAConfig_RSA_BITS_4096:
|
||
|
out.Bits = crypto.RSABits4096
|
||
|
default:
|
||
|
out.Bits = crypto.RSABits2048
|
||
|
}
|
||
|
|
||
|
switch config.GetHasher() {
|
||
|
case webkey.WebKeyRSAConfig_RSA_HASHER_UNSPECIFIED:
|
||
|
out.Hasher = crypto.RSAHasherSHA256
|
||
|
case webkey.WebKeyRSAConfig_RSA_HASHER_SHA256:
|
||
|
out.Hasher = crypto.RSAHasherSHA256
|
||
|
case webkey.WebKeyRSAConfig_RSA_HASHER_SHA384:
|
||
|
out.Hasher = crypto.RSAHasherSHA384
|
||
|
case webkey.WebKeyRSAConfig_RSA_HASHER_SHA512:
|
||
|
out.Hasher = crypto.RSAHasherSHA512
|
||
|
default:
|
||
|
out.Hasher = crypto.RSAHasherSHA256
|
||
|
}
|
||
|
|
||
|
return out
|
||
|
}
|
||
|
|
||
|
func webKeyECDSAConfigToCrypto(config *webkey.WebKeyECDSAConfig) *crypto.WebKeyECDSAConfig {
|
||
|
out := new(crypto.WebKeyECDSAConfig)
|
||
|
|
||
|
switch config.GetCurve() {
|
||
|
case webkey.WebKeyECDSAConfig_ECDSA_CURVE_UNSPECIFIED:
|
||
|
out.Curve = crypto.EllipticCurveP256
|
||
|
case webkey.WebKeyECDSAConfig_ECDSA_CURVE_P256:
|
||
|
out.Curve = crypto.EllipticCurveP256
|
||
|
case webkey.WebKeyECDSAConfig_ECDSA_CURVE_P384:
|
||
|
out.Curve = crypto.EllipticCurveP384
|
||
|
case webkey.WebKeyECDSAConfig_ECDSA_CURVE_P512:
|
||
|
out.Curve = crypto.EllipticCurveP512
|
||
|
default:
|
||
|
out.Curve = crypto.EllipticCurveP256
|
||
|
}
|
||
|
|
||
|
return out
|
||
|
}
|
||
|
|
||
|
func webKeyDetailsListToPb(list []query.WebKeyDetails, instanceID string) []*webkey.GetWebKey {
|
||
|
out := make([]*webkey.GetWebKey, len(list))
|
||
|
for i := range list {
|
||
|
out[i] = webKeyDetailsToPb(&list[i], instanceID)
|
||
|
}
|
||
|
return out
|
||
|
}
|
||
|
|
||
|
func webKeyDetailsToPb(details *query.WebKeyDetails, instanceID string) *webkey.GetWebKey {
|
||
|
out := &webkey.GetWebKey{
|
||
|
Details: resource_object.DomainToDetailsPb(&domain.ObjectDetails{
|
||
|
ID: details.KeyID,
|
||
|
CreationDate: details.CreationDate,
|
||
|
EventDate: details.ChangeDate,
|
||
|
}, object.OwnerType_OWNER_TYPE_INSTANCE, instanceID),
|
||
|
State: webKeyStateToPb(details.State),
|
||
|
Config: &webkey.WebKey{},
|
||
|
}
|
||
|
|
||
|
switch config := details.Config.(type) {
|
||
|
case *crypto.WebKeyRSAConfig:
|
||
|
out.Config.Config = &webkey.WebKey_Rsa{
|
||
|
Rsa: webKeyRSAConfigToPb(config),
|
||
|
}
|
||
|
case *crypto.WebKeyECDSAConfig:
|
||
|
out.Config.Config = &webkey.WebKey_Ecdsa{
|
||
|
Ecdsa: webKeyECDSAConfigToPb(config),
|
||
|
}
|
||
|
case *crypto.WebKeyED25519Config:
|
||
|
out.Config.Config = &webkey.WebKey_Ed25519{
|
||
|
Ed25519: new(webkey.WebKeyED25519Config),
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return out
|
||
|
}
|
||
|
|
||
|
func webKeyStateToPb(state domain.WebKeyState) webkey.WebKeyState {
|
||
|
switch state {
|
||
|
case domain.WebKeyStateUnspecified:
|
||
|
return webkey.WebKeyState_STATE_UNSPECIFIED
|
||
|
case domain.WebKeyStateInitial:
|
||
|
return webkey.WebKeyState_STATE_INITIAL
|
||
|
case domain.WebKeyStateActive:
|
||
|
return webkey.WebKeyState_STATE_ACTIVE
|
||
|
case domain.WebKeyStateInactive:
|
||
|
return webkey.WebKeyState_STATE_INACTIVE
|
||
|
case domain.WebKeyStateRemoved:
|
||
|
return webkey.WebKeyState_STATE_REMOVED
|
||
|
default:
|
||
|
return webkey.WebKeyState_STATE_UNSPECIFIED
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func webKeyRSAConfigToPb(config *crypto.WebKeyRSAConfig) *webkey.WebKeyRSAConfig {
|
||
|
out := new(webkey.WebKeyRSAConfig)
|
||
|
|
||
|
switch config.Bits {
|
||
|
case crypto.RSABitsUnspecified:
|
||
|
out.Bits = webkey.WebKeyRSAConfig_RSA_BITS_UNSPECIFIED
|
||
|
case crypto.RSABits2048:
|
||
|
out.Bits = webkey.WebKeyRSAConfig_RSA_BITS_2048
|
||
|
case crypto.RSABits3072:
|
||
|
out.Bits = webkey.WebKeyRSAConfig_RSA_BITS_3072
|
||
|
case crypto.RSABits4096:
|
||
|
out.Bits = webkey.WebKeyRSAConfig_RSA_BITS_4096
|
||
|
}
|
||
|
|
||
|
switch config.Hasher {
|
||
|
case crypto.RSAHasherUnspecified:
|
||
|
out.Hasher = webkey.WebKeyRSAConfig_RSA_HASHER_UNSPECIFIED
|
||
|
case crypto.RSAHasherSHA256:
|
||
|
out.Hasher = webkey.WebKeyRSAConfig_RSA_HASHER_SHA256
|
||
|
case crypto.RSAHasherSHA384:
|
||
|
out.Hasher = webkey.WebKeyRSAConfig_RSA_HASHER_SHA384
|
||
|
case crypto.RSAHasherSHA512:
|
||
|
out.Hasher = webkey.WebKeyRSAConfig_RSA_HASHER_SHA512
|
||
|
}
|
||
|
|
||
|
return out
|
||
|
}
|
||
|
|
||
|
func webKeyECDSAConfigToPb(config *crypto.WebKeyECDSAConfig) *webkey.WebKeyECDSAConfig {
|
||
|
out := new(webkey.WebKeyECDSAConfig)
|
||
|
|
||
|
switch config.Curve {
|
||
|
case crypto.EllipticCurveUnspecified:
|
||
|
out.Curve = webkey.WebKeyECDSAConfig_ECDSA_CURVE_UNSPECIFIED
|
||
|
case crypto.EllipticCurveP256:
|
||
|
out.Curve = webkey.WebKeyECDSAConfig_ECDSA_CURVE_P256
|
||
|
case crypto.EllipticCurveP384:
|
||
|
out.Curve = webkey.WebKeyECDSAConfig_ECDSA_CURVE_P384
|
||
|
case crypto.EllipticCurveP512:
|
||
|
out.Curve = webkey.WebKeyECDSAConfig_ECDSA_CURVE_P512
|
||
|
}
|
||
|
|
||
|
return out
|
||
|
}
|