akmsCkmsServer.go 1.78 KiB
package akmsCkmsServer

import (
	"encoding/json"
	"net/http"
	"time"

	"code.fbi.h-da.de/danet/quant/ekms/internal/kms"
	"github.com/sirupsen/logrus"
)

// AKMSReceiverServer bundles the EKMS instance with the HTTP server that
// NewAKMSReceiver configures to receive KSA key requests.
type AKMSReceiverServer struct {
	// ekms is the EKMS instance handed to NewAKMSReceiver.
	ekms   *kms.EKMS
	// server is the HTTP server that Serve starts.
	server *http.Server
}

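// NewAKMSReceiver builds the HTTP server that accepts KSA key requests on
// /api/v1/keys/ksa_key_req and forwards them to ekms. The address is ":" + port,
// so the server binds to every interface. It does not listen until Serve is called.
//
// NOTE(review): Serve uses ListenAndServe (plain HTTP), and nothing in this file
// authenticates or authorizes the caller of the key-request endpoint. Confirm that
// transport protection and access control are enforced elsewhere (for example by
// network segmentation or a TLS-terminating proxy) before exposing this port.
func NewAKMSReceiver(port string, ekms *kms.EKMS) *AKMSReceiverServer {
	router := http.NewServeMux()
	router.HandleFunc("/api/v1/keys/ksa_key_req", ksaReqHandler(ekms))

	return &AKMSReceiverServer{
		ekms: ekms,
		server: &http.Server{
			// Without timeouts a client can hold connections open indefinitely by
			// sending headers or a body very slowly. The values below are
			// conservative defaults; tune them to the deployment.
			Addr:              ":" + port,
			Handler:           router,
			ReadHeaderTimeout: 10 * time.Second,
			ReadTimeout:       30 * time.Second,
			WriteTimeout:      30 * time.Second,
			IdleTimeout:       2 * time.Minute,
		},
	}
}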

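// Serve starts the HTTP server in a background goroutine and returns immediately.
//
// A listener failure (for example an address that cannot be bound) is logged
// instead of being dropped, so an endpoint that never came up is visible in the logs.
func (akmsReceiver *AKMSReceiverServer) Serve() {
	go func() {
		err := akmsReceiver.server.ListenAndServe()
		// ErrServerClosed is the normal result of Shutdown or Close, not a failure.
		if err != nil && err != http.ErrServerClosed {
			logrus.Errorf("AKMS receiver server on %s stopped: %s", akmsReceiver.server.Addr, err)
		}
	}()
}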

// Wire format of a KSA key request as decoded by ksaReqHandler.
type (
	// KeyProperties is one entry of the "key_properties" array.
	//
	// Within this file only Number is read after decoding; KeyLength, Timeout
	// and TTL are parsed but not consulted here. None of the values is
	// range-checked by the decoder, so zero, negative or very large numbers
	// arrive unchanged.
	KeyProperties struct {
		Number    int `json:"number"`
		KeyLength int `json:"key_length"`
		Timeout   int `json:"timeout"`
		TTL       int `json:"TTL"`
	}

	// KMSKeyRequest is the JSON body of a KSA key request. Both identifiers
	// are taken from the request as-is.
	KMSKeyRequest struct {
		LocalCKMSID   string          `json:"local_CKMS_ID"`
		RequestID     string          `json:"request_ID"`
		KeyProperties []KeyProperties `json:"key_properties"`
	}
)

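// ksaReqHandler returns the handler for KSA key requests.
//
// The handler decodes a KMSKeyRequest from the request body, starts one
// background ekms.GenerateAndSendKSAKey call per key_properties entry, and
// answers 204 No Content without waiting for those calls to finish. A body that
// cannot be decoded, or a request with too many key_properties entries, is
// answered with 400 Bad Request.
//
// NOTE(review): the handler accepts any HTTP method and performs no caller
// authentication; confirm both are intended. keyProperties.Number is passed on
// unvalidated, so bounds on the number of keys per entry must be enforced by
// GenerateAndSendKSAKey or added here once the valid range is known. Whatever
// GenerateAndSendKSAKey returns is discarded by the go statement, so a failed
// key generation is not reported to the client and is not logged here.
func ksaReqHandler(ekms *kms.EKMS) http.HandlerFunc {
	// Both limits are defaults for review, not protocol constants. They bound
	// how much memory and how many goroutines a single request can consume.
	const (
		maxRequestBodyBytes        = 1 << 20
		maxKeyPropertiesPerRequest = 1024
	)

	return func(w http.ResponseWriter, r *http.Request) {
		// Cap the body so the JSON decoder cannot be fed an unbounded stream.
		r.Body = http.MaxBytesReader(w, r.Body, maxRequestBodyBytes)

		var kmsKeyRequest KMSKeyRequest
		if err := json.NewDecoder(r.Body).Decode(&kmsKeyRequest); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			logrus.Errorf("error decoding ksa key request: %s", err)
			return
		}

		// Every entry starts a goroutine, so reject oversized lists before
		// any work is scheduled.
		if len(kmsKeyRequest.KeyProperties) > maxKeyPropertiesPerRequest {
			http.Error(w, "too many key_properties entries", http.StatusBadRequest)
			logrus.Errorf("rejected ksa key request with %d key_properties entries (limit %d)",
				len(kmsKeyRequest.KeyProperties), maxKeyPropertiesPerRequest)
			return
		}

		// %q quotes the caller-supplied identifiers so control characters in
		// them cannot break up or forge log lines.
		logrus.Infof("received KSA key request for local CKMS %q, request ID %q, and key properties %v",
			kmsKeyRequest.LocalCKMSID, kmsKeyRequest.RequestID, kmsKeyRequest.KeyProperties)

		for _, keyProperties := range kmsKeyRequest.KeyProperties {
			go ekms.GenerateAndSendKSAKey(kmsKeyRequest.LocalCKMSID, kmsKeyRequest.RequestID, keyProperties.Number) //nolint:errcheck
		}

		logrus.Info("requested all keys")
		w.WriteHeader(http.StatusNoContent)
	}
}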