From 2da6bfab9efcdf5e8e6b517e6bd2e03ce8d4a280 Mon Sep 17 00:00:00 2001
From: Malte Bauch <malte.bauch@h-da.de>
Date: Thu, 12 Sep 2024 13:43:26 +0200
Subject: [PATCH] small fixes for tls

---
 akms-simulator/akms-simulator.go                   |  6 +++++-
 goKMS/kms/akmsInterface/server/server.go           | 14 +++++++++++---
 .../config/kms/tlsConfigs/kms1ReqConfig.txt        |  3 +++
 .../config/kms/tlsConfigs/kms2ReqConfig.txt        |  3 +++
 4 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/akms-simulator/akms-simulator.go b/akms-simulator/akms-simulator.go
index b310a6b0..b9568a67 100644
--- a/akms-simulator/akms-simulator.go
+++ b/akms-simulator/akms-simulator.go
@@ -70,9 +70,13 @@ func main() {
 		}
 
 		server.TLSConfig = tlsConfig
+
+		logrus.Fatal(server.ListenAndServeTLS("", ""))
+	} else {
+
+		logrus.Fatal(server.ListenAndServe())
 	}
 
-	logrus.Fatal(server.ListenAndServe())
 }
 
 func getLogFile(w http.ResponseWriter, r *http.Request) {
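Review bot: `server.ListenAndServeTLS("", "")` only works if `server.TLSConfig` already carries a certificate (`Certificates` or a `GetCertificate` callback), and nothing on the call line says so. The `tlsConfig` value is built above this hunk, so that cannot be confirmed from here. A comment such as `// empty cert/key paths: the certificate comes from server.TLSConfig` would record the dependency. The new `else` branch serves plain HTTP without any trace in the log; a line such as `logrus.Warn("TLS disabled, serving plain HTTP")` before `ListenAndServe()` would make an unintended plaintext deployment visible. The body of `main` starts outside the hunk.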
diff --git a/goKMS/kms/akmsInterface/server/server.go b/goKMS/kms/akmsInterface/server/server.go
index 04698dab..26f85352 100644
--- a/goKMS/kms/akmsInterface/server/server.go
+++ b/goKMS/kms/akmsInterface/server/server.go
@@ -15,7 +15,8 @@ import (
 )
 
 type AKMSReceiverServer struct {
-	server *http.Server
+	server    *http.Server
+	tlsConfig config.TLSConfig
 }
 
 func NewAKMSReceiver(port string, eventBus *event.EventBus, receiver *receiver.Receiver, generateAndSend func(string, uuid.UUID, string, int) error, tlsConfig config.TLSConfig) (*AKMSReceiverServer, error) {
@@ -37,14 +38,21 @@ func NewAKMSReceiver(port string, eventBus *event.EventBus, receiver *receiver.R
 	}
 
 	AKMSReceiver := &AKMSReceiverServer{
-		server: server,
+		server:    server,
+		tlsConfig: tlsConfig,
 	}
 
 	return AKMSReceiver, nil
 }
 
 func (akmsReceiver *AKMSReceiverServer) Serve() {
-	go akmsReceiver.server.ListenAndServe() //nolint:errcheck
+
+	if akmsReceiver.tlsConfig.Active {
+
+		go akmsReceiver.server.ListenAndServeTLS("", "") //nolint:errcheck
+	} else {
+		go akmsReceiver.server.ListenAndServe() //nolint:errcheck
+	}
 }
 
 type KeyProperties struct {
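Review bot: In `Serve`, the error from `ListenAndServeTLS("", "")` is discarded inside the goroutine (`//nolint:errcheck`), so a TLS start-up failure leaves the receiver silently not listening. With empty file arguments the call returns immediately if `server.TLSConfig` holds no certificate; whether `NewAKMSReceiver` sets it is not visible in this hunk. Running both variants in one goroutine and reporting any error other than `http.ErrServerClosed` would surface a broken TLS setup at start-up. The logger call is left as a comment below because the file's imports are only partly visible.

```go
func (akmsReceiver *AKMSReceiverServer) Serve() {
	go func() {
		var err error
		if akmsReceiver.tlsConfig.Active {
			// Empty cert/key paths: the certificate must come from server.TLSConfig.
			err = akmsReceiver.server.ListenAndServeTLS("", "")
		} else {
			err = akmsReceiver.server.ListenAndServe()
		}
		if err != nil && err != http.ErrServerClosed {
			// report err with the package's logger instead of dropping it
		}
	}()
}
```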
diff --git a/integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt b/integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt
index 7171d575..4d46bd8d 100644
--- a/integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt
+++ b/integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt
@@ -13,4 +13,7 @@ keyUsage = keyEncipherment, dataEncipherment
 extendedKeyUsage = serverAuth, clientAuth
 subjectAltName = @alt_names
 [alt_names]
+IP.1 = 127.0.0.1
 DNS.1 = kms01
+DNS.2 = akms-simulator_1
+DNS.3 = akms-simulator_2
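Review bot: The added `DNS.2`/`DNS.3` entries make the kms01 certificate valid for both `akms-simulator_1` and `akms-simulator_2`, and the kms2ReqConfig.txt hunk adds the same names to the kms02 certificate. Presumably the simulators reuse the KMS key pair; with `extendedKeyUsage = serverAuth, clientAuth` that means peers cannot tell a KMS from a simulator, or one simulator from the other, by certificate. That is acceptable for integration tests, but a comment such as `# test-only: simulators share the KMS certificate` above `[alt_names]` would keep the pattern from being copied into a deployment config, where each component should get its own request config. The underscore in `akms-simulator_N` is also not a valid hostname character under RFC 1123, so TLS stacks with stricter name checks may reject these SANs.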
diff --git a/integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt b/integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt
index c990896c..8701d1e0 100644
--- a/integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt
+++ b/integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt
@@ -13,4 +13,7 @@ keyUsage = keyEncipherment, dataEncipherment
 extendedKeyUsage = serverAuth, clientAuth
 subjectAltName = @alt_names
 [alt_names]
+IP.1 = 127.0.0.1
 DNS.1 = kms02
+DNS.2 = akms-simulator_1
+DNS.3 = akms-simulator_2
-- 
GitLab