Add methods to convert attestation formats

2 years ago · 66407139e5
parent 0f651799d0
commit 66407139e5
3 changed files with 49 additions and 13 deletions
--- a/authority/provisioners.go
+++ b/authority/provisioners.go
@ -748,14 +748,15 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
 	case *linkedca.ProvisionerDetails_ACME:
 		cfg := d.ACME
 		return &provisioner.ACME{
-			ID:         p.Id,
-			Type:       p.Type.String(),
-			Name:       p.Name,
-			ForceCN:    cfg.ForceCn,
-			RequireEAB: cfg.RequireEab,
-			Challenges: challengesToCertificates(cfg.Challenges),
-			Claims:     claims,
-			Options:    options,
+			ID:                 p.Id,
+			Type:               p.Type.String(),
+			Name:               p.Name,
+			ForceCN:            cfg.ForceCn,
+			RequireEAB:         cfg.RequireEab,
+			Challenges:         challengesToCertificates(cfg.Challenges),
+			AttestationFormats: attestationFormatsToCertificates(cfg.AttestationFormats),
+			Claims:             claims,
+			Options:            options,
 		}, nil
 	case *linkedca.ProvisionerDetails_OIDC:
 		cfg := d.OIDC
@ -1002,8 +1003,9 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
 			Details: &linkedca.ProvisionerDetails{
 				Data: &linkedca.ProvisionerDetails_ACME{
 					ACME: &linkedca.ACMEProvisioner{
-						ForceCn:    p.ForceCN,
-						Challenges: challengesToLinkedca(p.Challenges),
+						ForceCn:            p.ForceCN,
+						Challenges:         challengesToLinkedca(p.Challenges),
+						AttestationFormats: attestationFormatsToLinkedca(p.AttestationFormats),
 					},
 				},
 			},
@ -1162,3 +1164,37 @@ func challengesToLinkedca(challenges []provisioner.ACMEChallenge) []linkedca.ACM
 	}
 	return ret
 }
+
+// attestationFormatsToCertificates converts linkedca attestation formats to
+// provisioner ones skipping the unknown ones.
+func attestationFormatsToCertificates(formats []linkedca.ACMEProvisioner_AttestationFormatType) []provisioner.ACMEAttestationFormat {
+	ret := make([]provisioner.ACMEAttestationFormat, 0, len(formats))
+	for _, f := range formats {
+		switch f {
+		case linkedca.ACMEProvisioner_APPLE:
+			ret = append(ret, provisioner.APPLE)
+		case linkedca.ACMEProvisioner_STEP:
+			ret = append(ret, provisioner.STEP)
+		case linkedca.ACMEProvisioner_TPM:
+			ret = append(ret, provisioner.TPM)
+		}
+	}
+	return ret
+}
+
+// attestationFormatsToLinkedca converts provisioner attestation formats to
+// linkedca ones skipping the unknown ones.
+func attestationFormatsToLinkedca(formats []provisioner.ACMEAttestationFormat) []linkedca.ACMEProvisioner_AttestationFormatType {
+	ret := make([]linkedca.ACMEProvisioner_AttestationFormatType, 0, len(formats))
+	for _, f := range formats {
+		switch provisioner.ACMEAttestationFormat(f.String()) {
+		case provisioner.APPLE:
+			ret = append(ret, linkedca.ACMEProvisioner_APPLE)
+		case provisioner.STEP:
+			ret = append(ret, linkedca.ACMEProvisioner_STEP)
+		case provisioner.TPM:
+			ret = append(ret, linkedca.ACMEProvisioner_TPM)
+		}
+	}
+	return ret
+}
--- a/go.mod
+++ b/go.mod
@ -40,7 +40,7 @@ require (
 	go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
 	go.step.sm/cli-utils v0.7.4
 	go.step.sm/crypto v0.19.0
-	go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300
+	go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb
 	golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
 	golang.org/x/net v0.0.0-20220607020251-c690dde0001d
 	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
--- a/go.sum
+++ b/go.sum
@ -641,8 +641,8 @@ go.step.sm/cli-utils v0.7.4/go.mod h1:taSsY8haLmXoXM3ZkywIyRmVij/4Aj0fQbNTlJvv71
 go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
 go.step.sm/crypto v0.19.0 h1:WxjUDeTDpuPZ1IR3v6c4jc6WdlQlS5IYYQBhfnG5uW0=
 go.step.sm/crypto v0.19.0/go.mod h1:qZ+pNU1nV+THwP7TPTNCRMRr9xrRURhETTAK7U5psfw=
-go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300 h1:kDqCHUh4jqqqf+m5IXjFjlwsTXuIXpf5ciGKigqJH14=
-go.step.sm/linkedca v0.18.1-0.20220824000236-47827c8eb300/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM=
+go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb h1:YxFSzM8+nWsiAbi9tOmXRcY1LJizDTKLDa+grJp6n+8=
+go.step.sm/linkedca v0.18.1-0.20220909002054-5b28651792cb/go.mod h1:qSuYlIIhvPmA2+DSSS03E2IXhbXWTLW61Xh9zDQJ3VM=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=