tka,types/key: implement NLPrivate glue for tailnet key authority keys

Signed-off-by: Tom DNetto <tom@tailscale.com>
Tom DNetto
2022-07-29 11:03:23 -07:00
committed by Tom
parent 7a74466998
commit 023d4e2216
11 changed files with 188 additions and 68 deletions
+8 -3
@@ -8,6 +8,11 @@ import (
"fmt"
)
// Types implementing Signer can sign update messages.
type Signer interface {
SignAUM(*AUM) error
}
// UpdateBuilder implements a builder for changes to the tailnet
// key authority.
//
@@ -15,7 +20,7 @@ import (
// must then be applied to all Authority objects using Inform().
type UpdateBuilder struct {
a *Authority
signer func(*AUM) error
signer Signer
state State
parent AUMHash
@@ -29,7 +34,7 @@ func (b *UpdateBuilder) mkUpdate(update AUM) error {
update.PrevAUMHash = prevHash
if b.signer != nil {
if err := b.signer(&update); err != nil {
if err := b.signer.SignAUM(&update); err != nil {
return fmt.Errorf("signing failed: %v", err)
}
}
@@ -101,7 +106,7 @@ func (b *UpdateBuilder) Finalize() ([]AUM, error) {
// Updates are specified by calling methods on the returned UpdatedBuilder.
// Call Finalize() when you are done to obtain the specific update messages
// which actuate the changes.
func (a *Authority) NewUpdater(signer func(*AUM) error) *UpdateBuilder {
func (a *Authority) NewUpdater(signer Signer) *UpdateBuilder {
return &UpdateBuilder{
a: a,
signer: signer,
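Review bot: The `if b.signer != nil` guard in mkUpdate now compares an interface value, so a nil pointer of a concrete signer type passed to NewUpdater would get past it and `b.signer.SignAUM(&update)` would run on a nil receiver; whether any implementation in types/key uses a pointer receiver is not visible in this section. A genuinely nil Signer still makes mkUpdate skip signing and return no error, which NewUpdater's comment should state for a key-authority API, for example `// If signer is nil, the generated AUMs are left unsigned.` The new doc comment would read better in the usual Go form and with the contract spelled out, e.g. `// Signer is implemented by types that can sign an AUM in place; SignAUM returns an error if the AUM could not be signed.` On the context line after the call, `fmt.Errorf("signing failed: %w", err)` would keep the underlying error inspectable by callers. The bodies of mkUpdate and NewUpdater both continue outside the hunks shown.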