From 31c2122d6b14ff0de534dbba2579df9b07d225ac Mon Sep 17 00:00:00 2001 From: Roland Groen Date: Mon, 14 Oct 2024 15:09:51 +0200 Subject: [PATCH] Remove unused interfaces and simplify parser usage Eliminated UraIssuer and ChainParser interfaces and related mocks. Refactored code to call parsing functions directly, reducing complexity and improving readability. --- main.go | 7 +------ uzi_vc_issuer/ura_issuer.go | 29 ++++++----------------------- uzi_vc_issuer/ura_issuer_test.go | 7 +------ x509_cert/x509_cert.go | 21 ++------------------- x509_cert/x509_cert_test.go | 7 ++----- 5 files changed, 12 insertions(+), 59 deletions(-) diff --git a/main.go b/main.go index 6aa8e0a..691afdf 100644 --- a/main.go +++ b/main.go @@ -3,9 +3,7 @@ package main import ( "fmt" "github.com/alecthomas/kong" - "headease-nuts-pki-overheid-issuer/did_x509" "headease-nuts-pki-overheid-issuer/uzi_vc_issuer" - "headease-nuts-pki-overheid-issuer/x509_cert" "os" ) @@ -41,8 +39,5 @@ func main() { } func issueVc(vc VC) (string, error) { - didCreator := did_x509.NewDidCreator() - chainParser := x509_cert.NewDefaultChainParser() - issuer := uzi_vc_issuer.NewUraVcBuilder(didCreator, chainParser) - return issuer.Issue(vc.CertificateFile, vc.SigningKey, vc.SubjectDID, vc.Test) + return uzi_vc_issuer.Issue(vc.CertificateFile, vc.SigningKey, vc.SubjectDID, vc.Test) } diff --git a/uzi_vc_issuer/ura_issuer.go b/uzi_vc_issuer/ura_issuer.go index c3d32bf..a3219ef 100644 --- a/uzi_vc_issuer/ura_issuer.go +++ b/uzi_vc_issuer/ura_issuer.go @@ -26,32 +26,15 @@ import ( ) import "github.com/nuts-foundation/go-did/vc" -type UraIssuer interface { - - // Issue generates a digital certificate from the given certificate file and signing key file for the subject. - Issue(certificateFile string, signingKeyFile string, subjectDID string, subjectName string) (string, error) -} - var RegexOtherNameValue = regexp.MustCompile(`2\.16\.528\.1\.1007.\d+\.\d+-\d+-\d+-S-(\d+)-00\.000-\d+`) -// DefaultUraIssuer is responsible for building URA (UZI-register abonneenummer) Verifiable Credentials. -// It utilizes a DidCreator to generate Decentralized Identifiers (DIDs) given a chain of x509 certificates. -type DefaultUraIssuer struct { - chainParser x509_cert.ChainParser -} - -// NewUraVcBuilder initializes and returns a new instance of DefaultUraIssuer with the provided DidCreator. -func NewUraVcBuilder(chainParser x509_cert.ChainParser) *DefaultUraIssuer { - return &DefaultUraIssuer{chainParser} -} - // Issue generates a URA Verifiable Credential using provided certificate, signing key, subject DID, and subject name. -func (u DefaultUraIssuer) Issue(certificateFile string, signingKeyFile string, subjectDID string, test bool) (string, error) { +func Issue(certificateFile string, signingKeyFile string, subjectDID string, test bool) (string, error) { certificate, err := pem2.ParseFileOrPath(certificateFile, "CERTIFICATE") if err != nil { return "", err } - _certificates, err := u.chainParser.ParseCertificates(certificate) + _certificates, err := x509_cert.ParseCertificates(certificate) if err != nil { return "", err } @@ -83,17 +66,17 @@ func (u DefaultUraIssuer) Issue(certificateFile string, signingKeyFile string, s err := fmt.Errorf("no signing keys found") return "", err } - privateKey, err := u.chainParser.ParsePrivateKey(signingKey) + privateKey, err := x509_cert.ParsePrivateKey(signingKey) if err != nil { return "", err } - certChain, err := u.chainParser.ParseCertificates(chain) + certChain, err := x509_cert.ParseCertificates(chain) if err != nil { return "", err } - credential, err := u.BuildUraVerifiableCredential(certChain, privateKey, subjectDID) + credential, err := BuildUraVerifiableCredential(certChain, privateKey, subjectDID) if err != nil { return "", err } @@ -113,7 +96,7 @@ func (u DefaultUraIssuer) Issue(certificateFile string, signingKeyFile string, s } // BuildUraVerifiableCredential constructs a verifiable credential with specified certificates, signing key, subject DID. -func (v DefaultUraIssuer) BuildUraVerifiableCredential(certificates *[]x509.Certificate, signingKey *rsa.PrivateKey, subjectDID string) (*vc.VerifiableCredential, error) { +func BuildUraVerifiableCredential(certificates *[]x509.Certificate, signingKey *rsa.PrivateKey, subjectDID string) (*vc.VerifiableCredential, error) { signingCert, otherNameValue, err := x509_cert.FindSigningCertificate(certificates) if err != nil { return nil, err diff --git a/uzi_vc_issuer/ura_issuer_test.go b/uzi_vc_issuer/ura_issuer_test.go index cdc6986..b213054 100644 --- a/uzi_vc_issuer/ura_issuer_test.go +++ b/uzi_vc_issuer/ura_issuer_test.go @@ -4,15 +4,12 @@ import ( "crypto/rand" "crypto/rsa" "crypto/x509" - "go.uber.org/mock/gomock" - "headease-nuts-pki-overheid-issuer/x509_cert" "math/big" "testing" "time" ) func TestBuildUraVerifiableCredential(t *testing.T) { - ctrl := gomock.NewController(t) privKey, _ := rsa.GenerateKey(rand.Reader, 2048) template := x509.Certificate{ @@ -39,13 +36,11 @@ func TestBuildUraVerifiableCredential(t *testing.T) { }, }, } - parser := x509_cert.NewMockChainParser(ctrl) - builder := NewUraVcBuilder(parser) for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { certificates, signingKey, subjectDID := tt.in() - _, err := builder.BuildUraVerifiableCredential(certificates, signingKey, subjectDID) + _, err := BuildUraVerifiableCredential(certificates, signingKey, subjectDID) if got := tt.want(err); !got { t.Errorf("BuildUraVerifiableCredential() error = %v", err) } diff --git a/x509_cert/x509_cert.go b/x509_cert/x509_cert.go index 8721604..7b61ba4 100644 --- a/x509_cert/x509_cert.go +++ b/x509_cert/x509_cert.go @@ -42,26 +42,9 @@ func Hash(data []byte, alg string) ([]byte, error) { return nil, fmt.Errorf("unsupported hash algorithm: %s", alg) } -type ChainParser interface { - - // ParseCertificates parses a chain of DER-encoded certificates into an array of x509.Certificate objects. - ParseCertificates(derChain *[][]byte) (*[]x509.Certificate, error) - - // ParsePrivateKey parses a DER-encoded byte slice into an rsa.PrivateKey object, returning an error if parsing fails. - ParsePrivateKey(der *[]byte) (*rsa.PrivateKey, error) -} - -// DefaultChainParser handles the parsing of certificate chains and private keys. -type DefaultChainParser struct{} - -// NewDefaultChainParser creates a new instance of DefaultChainParser. -func NewDefaultChainParser() *DefaultChainParser { - return &DefaultChainParser{} -} - // ParseCertificates parses a slice of DER-encoded byte arrays into a slice of x509.Certificate. // It returns an error if any of the certificates cannot be parsed. -func (c DefaultChainParser) ParseCertificates(derChain *[][]byte) (*[]x509.Certificate, error) { +func ParseCertificates(derChain *[][]byte) (*[]x509.Certificate, error) { if derChain == nil { return nil, fmt.Errorf("derChain is nil") } @@ -80,7 +63,7 @@ func (c DefaultChainParser) ParseCertificates(derChain *[][]byte) (*[]x509.Certi // ParsePrivateKey parses a DER-encoded private key into an *rsa.PrivateKey. // It returns an error if the key is not in PKCS8 format or not an RSA key. -func (c DefaultChainParser) ParsePrivateKey(der *[]byte) (*rsa.PrivateKey, error) { +func ParsePrivateKey(der *[]byte) (*rsa.PrivateKey, error) { if der == nil { return nil, fmt.Errorf("der is nil") } diff --git a/x509_cert/x509_cert_test.go b/x509_cert/x509_cert_test.go index 5e94e90..9686127 100644 --- a/x509_cert/x509_cert_test.go +++ b/x509_cert/x509_cert_test.go @@ -74,8 +74,6 @@ func TestHash(t *testing.T) { } } func TestParseChain(t *testing.T) { - parser := NewDefaultChainParser() - _, chainPem, _, _, _, err := BuildCertChain("9907878") assert.NoError(t, err) derChains := make([][]byte, chainPem.Len()) @@ -109,7 +107,7 @@ func TestParseChain(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - _, err := parser.ParseCertificates(tc.derChain) + _, err := ParseCertificates(tc.derChain) if err != nil { if err.Error() != tc.errMsg { t.Errorf("got error %v, want %v", err, tc.errMsg) @@ -120,7 +118,6 @@ func TestParseChain(t *testing.T) { } func TestParsePrivateKey(t *testing.T) { - parser := NewDefaultChainParser() _, _, _, privateKey, _, err := BuildCertChain("9907878") assert.NoError(t, err) privateKeyBytes, err := x509.MarshalPKCS8PrivateKey(privateKey) @@ -150,7 +147,7 @@ func TestParsePrivateKey(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - _, err := parser.ParsePrivateKey(tc.der) + _, err := ParsePrivateKey(tc.der) if err != nil { if err.Error() != tc.errMsg { t.Errorf("got error %v, want %v", err, tc.errMsg)