本文整理匯總了Golang中github.com/hyperledger/fabric/core/crypto/primitives.NewHash函數的典型用法代碼示例。如果您正苦於以下問題:Golang NewHash函數的具體用法?Golang NewHash怎麽用?Golang NewHash使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了NewHash函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: CreateCertificate
// CreateCertificate requests the creation of a new enrollment certificate by the TLSCA.
//
func (tlscap *TLSCAP) CreateCertificate(ctx context.Context, in *pb.TLSCertCreateReq) (*pb.TLSCertCreateResp, error) {
Trace.Println("grpc TLSCAP:CreateCertificate")
id := in.Id.Id
sig := in.Sig
in.Sig = nil
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
raw := in.Pub.Key
if in.Pub.Type != pb.CryptoType_ECDSA {
return nil, errors.New("unsupported key type")
}
pub, err := x509.ParsePKIXPublicKey(in.Pub.Key)
if err != nil {
return nil, err
}
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(pub.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
return nil, errors.New("signature does not verify")
}
if raw, err = tlscap.tlsca.createCertificate(id, pub.(*ecdsa.PublicKey), x509.KeyUsageDigitalSignature, in.Ts.Seconds, nil); err != nil {
Error.Println(err)
return nil, err
}
return &pb.TLSCertCreateResp{Cert: &pb.Cert{Cert: raw}, RootCert: &pb.Cert{Cert: tlscap.tlsca.raw}}, nil
}示例2: TestReadUserSetNonAuditor
func TestReadUserSetNonAuditor(t *testing.T) {
ecaa := &ECAA{eca}
req := &pb.ReadUserSetReq{
Req: &pb.Identity{Id: testUser.enrollID},
Role: 1,
Sig: nil}
//sign the req
hash := primitives.NewHash()
raw, _ := proto.Marshal(req)
hash.Write(raw)
r, s, err := ecdsa.Sign(rand.Reader, testUser.enrollPrivKey, hash.Sum(nil))
if err != nil {
t.Fatalf("Failed (ECDSA) signing [%s]", err.Error())
}
R, _ := r.MarshalText()
S, _ := s.MarshalText()
req.Sig = &pb.Signature{Type: pb.CryptoType_ECDSA, R: R, S: S}
_, err = ecaa.ReadUserSet(context.Background(), req)
if err == nil {
t.Fatal("Only auditors should be able to call ReadUserSet")
}
}示例3: ReadCertificateSet
// ReadCertificateSet reads a transaction certificate set from the TCA. Not yet implemented.
func (tcap *TCAP) ReadCertificateSet(ctx context.Context, in *pb.TCertReadSetReq) (*pb.CertSet, error) {
Trace.Println("grpc TCAP:ReadCertificateSet")
req := in.Req.Id
id := in.Id.Id
if req != id && tcap.tca.eca.readRole(req)&int(pb.Role_AUDITOR) == 0 {
return nil, errors.New("access denied")
}
raw, err := tcap.tca.eca.readCertificate(req, x509.KeyUsageDigitalSignature)
if err != nil {
return nil, err
}
cert, err := x509.ParseCertificate(raw)
if err != nil {
return nil, err
}
sig := in.Sig
in.Sig = nil
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(cert.PublicKey.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
return nil, errors.New("signature does not verify")
}
rows, err := tcap.tca.readCertificates(id, in.Ts.Seconds)
if err != nil {
return nil, err
}
defer rows.Close()
var certs []*pb.TCert
var kdfKey []byte
for rows.Next() {
var raw []byte
if err = rows.Scan(&raw, &kdfKey); err != nil {
return nil, err
}
// TODO: TCert must include attribute keys, we need to save them in the db when generating the batch of TCerts
certs = append(certs, &pb.TCert{raw, make(map[string][]byte)})
}
if err = rows.Err(); err != nil {
return nil, err
}
return &pb.CertSet{in.Ts, in.Id, kdfKey, certs}, nil
}示例4: persistCertificate
func (ca *CA) persistCertificate(id string, timestamp int64, usage x509.KeyUsage, certRaw []byte, kdfKey []byte) error {
hash := primitives.NewHash()
hash.Write(certRaw)
var err error
if _, err = ca.db.Exec("INSERT INTO Certificates (id, timestamp, usage, cert, hash, kdfkey) VALUES (?, ?, ?, ?, ?, ?)", id, timestamp, usage, certRaw, hash.Sum(nil), kdfKey); err != nil {
Error.Println(err)
}
return err
}示例5: ReadUserSet
// ReadUserSet returns a list of users matching the parameters set in the read request.
//
func (ecaa *ECAA) ReadUserSet(ctx context.Context, in *pb.ReadUserSetReq) (*pb.UserSet, error) {
Trace.Println("gRPC ECAA:ReadUserSet")
req := in.Req.Id
if ecaa.eca.readRole(req)&int(pb.Role_AUDITOR) == 0 {
return nil, errors.New("Access denied.")
}
raw, err := ecaa.eca.readCertificate(req, x509.KeyUsageDigitalSignature)
if err != nil {
return nil, err
}
cert, err := x509.ParseCertificate(raw)
if err != nil {
return nil, err
}
sig := in.Sig
in.Sig = nil
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(cert.PublicKey.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
return nil, errors.New("Signature verification failed.")
}
rows, err := ecaa.eca.readUsers(int(in.Role))
if err != nil {
return nil, err
}
defer rows.Close()
var users []*pb.User
if err == nil {
for rows.Next() {
var id string
var role int
err = rows.Scan(&id, &role)
users = append(users, &pb.User{&pb.Identity{Id: id}, pb.Role(role)})
}
err = rows.Err()
}
return &pb.UserSet{users}, err
}示例6: checkRegistrarSignature
func (ecaa *ECAA) checkRegistrarSignature(in *pb.RegisterUserReq) error {
Trace.Println("ECAA.checkRegistrarSignature")
// If no registrar was specified
if in.Registrar == nil || in.Registrar.Id == nil || in.Registrar.Id.Id == "" {
Trace.Println("gRPC ECAA:checkRegistrarSignature: no registrar was specified")
return errors.New("no registrar was specified")
}
// Get the raw cert for the registrar
registrar := in.Registrar.Id.Id
raw, err := ecaa.eca.readCertificateByKeyUsage(registrar, x509.KeyUsageDigitalSignature)
if err != nil {
return err
}
// Parse the cert
cert, err := x509.ParseCertificate(raw)
if err != nil {
return err
}
// Remove the signature
sig := in.Sig
in.Sig = nil
// Marshall the raw bytes
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
// Check the signature
if ecdsa.Verify(cert.PublicKey.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
// Signature verification failure
Trace.Printf("ECAA.checkRegistrarSignature: failure for %s\n", registrar)
return errors.New("Signature verification failed.")
}
// Signature verification was successful
Trace.Printf("ECAA.checkRegistrarSignature: success for %s\n", registrar)
return nil
}示例7: createCertificateFromSpec
func (ca *CA) createCertificateFromSpec(spec *CertificateSpec, timestamp int64, kdfKey []byte) ([]byte, error) {
Trace.Println("Creating certificate for " + spec.GetId() + ".")
raw, err := ca.newCertificateFromSpec(spec)
if err != nil {
Error.Println(err)
return nil, err
}
hash := primitives.NewHash()
hash.Write(raw)
if _, err = ca.db.Exec("INSERT INTO Certificates (id, timestamp, usage, cert, hash, kdfkey) VALUES (?, ?, ?, ?, ?, ?)", spec.GetId(), timestamp, spec.GetUsage(), raw, hash.Sum(nil), kdfKey); err != nil {
Error.Println(err)
}
return raw, err
}示例8: FetchAttributes
// FetchAttributes fetchs the attributes from the outside world and populate them into the database.
func (acap *ACAP) FetchAttributes(ctx context.Context, in *pb.ACAFetchAttrReq) (*pb.ACAFetchAttrResp, error) {
Trace.Println("grpc ACAP:FetchAttributes")
if in.Ts == nil || in.ECert == nil || in.Signature == nil {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE, Msg: "Bad request"}, nil
}
cert, err := acap.aca.getECACertificate()
if err != nil {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE}, errors.New("Error getting ECA certificate.")
}
ecaPub := cert.PublicKey.(*ecdsa.PublicKey)
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(in.Signature.R)
s.UnmarshalText(in.Signature.S)
in.Signature = nil
hash := primitives.NewHash()
raw, _ := proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(ecaPub, hash.Sum(nil), r, s) == false {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE, Msg: "Signature does not verify"}, nil
}
cert, err = x509.ParseCertificate(in.ECert.Cert)
if err != nil {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE}, err
}
var id, affiliation string
id, _, affiliation, err = acap.aca.parseEnrollID(cert.Subject.CommonName)
if err != nil {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE}, err
}
err = acap.aca.fetchAndPopulateAttributes(id, affiliation)
if err != nil {
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_FAILURE}, err
}
return &pb.ACAFetchAttrResp{Status: pb.ACAFetchAttrResp_SUCCESS}, nil
}示例9: registerUser
func registerUser(registrar User, user *User) error {
ecaa := &ECAA{eca}
//create req
req := &pb.RegisterUserReq{
Id: &pb.Identity{Id: user.enrollID},
Role: pb.Role(user.role),
Account: user.affiliation,
Affiliation: user.affiliationRole,
Registrar: &pb.Registrar{
Id: &pb.Identity{Id: registrar.enrollID},
Roles: user.registrarRoles,
DelegateRoles: user.registrarDelegateRoles,
},
Sig: nil}
//sign the req
hash := primitives.NewHash()
raw, _ := proto.Marshal(req)
hash.Write(raw)
r, s, err := ecdsa.Sign(rand.Reader, registrar.enrollPrivKey, hash.Sum(nil))
if err != nil {
msg := "Failed to register user. Error (ECDSA) signing request: " + err.Error()
return errors.New(msg)
}
R, _ := r.MarshalText()
S, _ := s.MarshalText()
req.Sig = &pb.Signature{Type: pb.CryptoType_ECDSA, R: R, S: S}
token, err := ecaa.RegisterUser(context.Background(), req)
if err != nil {
return err
}
if token == nil {
return errors.New("Failed to obtain token")
}
//need the token for later tests
user.enrollPwd = token.Tok
return nil
}示例10: ReadCertificate
// ReadCertificate reads a transaction certificate from the TCA.
func (tcap *TCAP) ReadCertificate(ctx context.Context, in *pb.TCertReadReq) (*pb.Cert, error) {
Trace.Println("grpc TCAP:ReadCertificate")
req := in.Req.Id
id := in.Id.Id
if req != id && tcap.tca.eca.readRole(req)&(int(pb.Role_VALIDATOR)|int(pb.Role_AUDITOR)) == 0 {
return nil, errors.New("access denied")
}
raw, err := tcap.tca.eca.readCertificate(req, x509.KeyUsageDigitalSignature)
if err != nil {
return nil, err
}
cert, err := x509.ParseCertificate(raw)
if err != nil {
return nil, err
}
sig := in.Sig
in.Sig = nil
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(cert.PublicKey.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
return nil, errors.New("signature does not verify")
}
if in.Ts.Seconds != 0 {
raw, err = tcap.tca.readCertificate1(id, in.Ts.Seconds)
} else {
raw, err = tcap.tca.readCertificateByHash(in.Hash.Hash)
}
if err != nil {
return nil, err
}
return &pb.Cert{raw}, nil
}示例11: TestReadUserSet
func TestReadUserSet(t *testing.T) {
//enroll Auditor
err := enrollUser(&testAuditor)
if err != nil {
t.Errorf("Failed to read user set: [%s]", err.Error())
}
ecaa := &ECAA{eca}
req := &pb.ReadUserSetReq{
Req: &pb.Identity{Id: testAuditor.enrollID},
Role: 1,
Sig: nil}
//sign the req
hash := primitives.NewHash()
raw, _ := proto.Marshal(req)
hash.Write(raw)
r, s, err := ecdsa.Sign(rand.Reader, testAuditor.enrollPrivKey, hash.Sum(nil))
if err != nil {
t.Errorf("Failed signing [%s].", err.Error())
}
R, _ := r.MarshalText()
S, _ := s.MarshalText()
req.Sig = &pb.Signature{Type: pb.CryptoType_ECDSA, R: R, S: S}
resp, err := ecaa.ReadUserSet(context.Background(), req)
if err != nil {
t.Errorf("Failed to read user set: [%s]", err.Error())
}
t.Logf("number of users: [%d]", len(resp.Users))
}示例12: TestReadCertificateByHash
func TestReadCertificateByHash(t *testing.T) {
ecap := &ECAP{eca}
req := &pb.ECertReadReq{Id: &pb.Identity{Id: testUser.enrollID}}
cert, err := ecap.ReadCertificatePair(context.Background(), req)
if err != nil {
t.Fatalf("Failed to read certificate pair: [%s]", err.Error())
}
hash := primitives.NewHash()
raw, _ := proto.Marshal(cert)
hash.Write(raw)
hashReq := &pb.Hash{Hash: hash.Sum(nil)}
certByHash, _ := ecap.ReadCertificateByHash(context.Background(), hashReq)
if certByHash == nil {
t.Error("A. ")
}
}示例13: getEnrollmentCertificateFromECA
func (node *nodeImpl) getEnrollmentCertificateFromECA(id, pw string) (interface{}, []byte, []byte, error) {
// Get a new ECA Client
sock, ecaP, err := node.getECAClient()
defer sock.Close()
// Run the protocol
signPriv, err := primitives.NewECDSAKey()
if err != nil {
node.Errorf("Failed generating ECDSA key [%s].", err.Error())
return nil, nil, nil, err
}
signPub, err := x509.MarshalPKIXPublicKey(&signPriv.PublicKey)
if err != nil {
node.Errorf("Failed mashalling ECDSA key [%s].", err.Error())
return nil, nil, nil, err
}
encPriv, err := primitives.NewECDSAKey()
if err != nil {
node.Errorf("Failed generating Encryption key [%s].", err.Error())
return nil, nil, nil, err
}
encPub, err := x509.MarshalPKIXPublicKey(&encPriv.PublicKey)
if err != nil {
node.Errorf("Failed marshalling Encryption key [%s].", err.Error())
return nil, nil, nil, err
}
req := &membersrvc.ECertCreateReq{
Ts: ×tamp.Timestamp{Seconds: time.Now().Unix(), Nanos: 0},
Id: &membersrvc.Identity{Id: id},
Tok: &membersrvc.Token{Tok: []byte(pw)},
Sign: &membersrvc.PublicKey{Type: membersrvc.CryptoType_ECDSA, Key: signPub},
Enc: &membersrvc.PublicKey{Type: membersrvc.CryptoType_ECDSA, Key: encPub},
Sig: nil}
resp, err := ecaP.CreateCertificatePair(context.Background(), req)
if err != nil {
node.Errorf("Failed invoking CreateCertficatePair [%s].", err.Error())
return nil, nil, nil, err
}
if resp.FetchResult != nil && resp.FetchResult.Status != membersrvc.FetchAttrsResult_SUCCESS {
node.Warning(resp.FetchResult.Msg)
}
//out, err := rsa.DecryptPKCS1v15(rand.Reader, encPriv, resp.Tok.Tok)
spi := ecies.NewSPI()
eciesKey, err := spi.NewPrivateKey(nil, encPriv)
if err != nil {
node.Errorf("Failed parsing decrypting key [%s].", err.Error())
return nil, nil, nil, err
}
ecies, err := spi.NewAsymmetricCipherFromPublicKey(eciesKey)
if err != nil {
node.Errorf("Failed creating asymmetrinc cipher [%s].", err.Error())
return nil, nil, nil, err
}
out, err := ecies.Process(resp.Tok.Tok)
if err != nil {
node.Errorf("Failed decrypting toke [%s].", err.Error())
return nil, nil, nil, err
}
req.Tok.Tok = out
req.Sig = nil
hash := primitives.NewHash()
raw, _ := proto.Marshal(req)
hash.Write(raw)
r, s, err := ecdsa.Sign(rand.Reader, signPriv, hash.Sum(nil))
if err != nil {
node.Errorf("Failed signing [%s].", err.Error())
return nil, nil, nil, err
}
R, _ := r.MarshalText()
S, _ := s.MarshalText()
req.Sig = &membersrvc.Signature{Type: membersrvc.CryptoType_ECDSA, R: R, S: S}
resp, err = ecaP.CreateCertificatePair(context.Background(), req)
if err != nil {
node.Errorf("Failed invoking CreateCertificatePair [%s].", err.Error())
return nil, nil, nil, err
}
// Verify response
//.........這裏部分代碼省略.........
示例14: ReadCertificateSets
// ReadCertificateSets returns all certificates matching the filter criteria of the request.
func (tcaa *TCAA) ReadCertificateSets(ctx context.Context, in *pb.TCertReadSetsReq) (*pb.CertSets, error) {
Trace.Println("grpc TCAA:ReadCertificateSets")
req := in.Req.Id
if tcaa.tca.eca.readRole(req)&int(pb.Role_AUDITOR) == 0 {
return nil, errors.New("access denied")
}
raw, err := tcaa.tca.eca.readCertificate(req, x509.KeyUsageDigitalSignature)
if err != nil {
return nil, err
}
cert, err := x509.ParseCertificate(raw)
if err != nil {
return nil, err
}
sig := in.Sig
in.Sig = nil
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(sig.R)
s.UnmarshalText(sig.S)
hash := primitives.NewHash()
raw, _ = proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(cert.PublicKey.(*ecdsa.PublicKey), hash.Sum(nil), r, s) == false {
return nil, errors.New("signature does not verify")
}
users, err := tcaa.tca.eca.readUsers(int(in.Role))
if err != nil {
return nil, err
}
defer users.Close()
begin := int64(0)
end := int64(math.MaxInt64)
if in.Begin != nil {
begin = in.Begin.Seconds
}
if in.End != nil {
end = in.End.Seconds
}
var sets []*pb.CertSet
for users.Next() {
var id string
var role int
if err = users.Scan(&id, &role); err != nil {
return nil, err
}
rows, err := tcaa.tca.eca.readCertificateSets(id, begin, end)
if err != nil {
return nil, err
}
defer rows.Close()
var certs []*pb.TCert
var kdfKey []byte
var timestamp int64
timestamp = 0
for rows.Next() {
var cert []byte
var ts int64
if err = rows.Scan(&cert, &kdfKey, &ts); err != nil {
return nil, err
}
if ts != timestamp {
sets = append(sets, &pb.CertSet{&protobuf.Timestamp{Seconds: timestamp, Nanos: 0}, &pb.Identity{id}, kdfKey, certs})
timestamp = ts
certs = nil
}
// TODO: TCert must include attribute keys, we need to save them in the db when generating the batch of TCerts
certs = append(certs, &pb.TCert{cert, make(map[string][]byte)})
}
if err = rows.Err(); err != nil {
return nil, err
}
sets = append(sets, &pb.CertSet{&protobuf.Timestamp{Seconds: timestamp, Nanos: 0}, &pb.Identity{id}, kdfKey, certs})
}
if err = users.Err(); err != nil {
return nil, err
}
return &pb.CertSets{sets}, nil
}示例15: RequestAttributes
// RequestAttributes lookups the atributes in the database and return a certificate with attributes included in the request and found in the database.
func (acap *ACAP) RequestAttributes(ctx context.Context, in *pb.ACAAttrReq) (*pb.ACAAttrResp, error) {
Trace.Println("grpc ACAP:RequestAttributes")
fail := pb.ACAAttrResp_FULL_SUCCESSFUL // else explicit which-param-failed error
if nil == in.Ts {
fail = pb.ACAAttrResp_FAIL_NIL_TS
} else if nil == in.Id {
fail = pb.ACAAttrResp_FAIL_NIL_ID
} else if nil == in.ECert {
fail = pb.ACAAttrResp_FAIL_NIL_ECERT
} else if nil == in.Signature {
fail = pb.ACAAttrResp_FAIL_NIL_SIGNATURE
}
if pb.ACAAttrResp_FULL_SUCCESSFUL != fail {
return acap.createRequestAttributeResponse(fail, nil), nil
}
if in.Attributes == nil {
in.Attributes = []*pb.TCertAttribute{}
}
attrs := make(map[string]bool)
for _, attrPair := range in.Attributes {
if attrs[attrPair.AttributeName] {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_BAD_REQUEST, nil), nil
}
attrs[attrPair.AttributeName] = true
}
cert, err := acap.aca.getTCACertificate()
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), errors.New("Error getting TCA certificate.")
}
tcaPub := cert.PublicKey.(*ecdsa.PublicKey)
r, s := big.NewInt(0), big.NewInt(0)
r.UnmarshalText(in.Signature.R)
s.UnmarshalText(in.Signature.S)
in.Signature = nil
hash := primitives.NewHash()
raw, _ := proto.Marshal(in)
hash.Write(raw)
if ecdsa.Verify(tcaPub, hash.Sum(nil), r, s) == false {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), errors.New("Signature does not verify")
}
cert, err = x509.ParseCertificate(in.ECert.Cert)
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), err
}
var id, affiliation string
id, _, affiliation, err = acap.aca.parseEnrollID(cert.Subject.CommonName)
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), err
}
//Before continue with the request we perform a refresh of the attributes.
err = acap.aca.fetchAndPopulateAttributes(id, affiliation)
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), err
}
var verifyCounter int
var attributes = make([]AttributePair, 0)
owner := &AttributeOwner{id, affiliation}
for _, attrPair := range in.Attributes {
verifiedPair, _ := acap.aca.findAttribute(owner, attrPair.AttributeName)
if verifiedPair != nil {
verifyCounter++
attributes = append(attributes, *verifiedPair)
}
}
var extensions = make([]pkix.Extension, 0)
extensions, err = acap.addAttributesToExtensions(&attributes, extensions)
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), err
}
spec := NewDefaultCertificateSpec(id, cert.PublicKey, cert.KeyUsage, extensions...)
raw, err = acap.aca.newCertificateFromSpec(spec)
if err != nil {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FAILURE, nil), err
}
if verifyCounter == 0 {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_NO_ATTRIBUTES_FOUND, &pb.Cert{Cert: raw}), nil
}
count := len(in.Attributes)
if count == verifyCounter {
return acap.createRequestAttributeResponse(pb.ACAAttrResp_FULL_SUCCESSFUL, &pb.Cert{Cert: raw}), nil
}
return acap.createRequestAttributeResponse(pb.ACAAttrResp_PARTIAL_SUCCESSFUL, &pb.Cert{Cert: raw}), nil
}