add cert test, change receiver to pointer

Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com>

cmd/provision/main.go

@@ -112,6 +112,7 @@ func main() {
 		TLSVerification:   cfg.Server.TLS,
 	}
 	SDK := mfSDK.NewSDK(SDKCfg)
+	SDK.LoadCertificates(SDKCfg)
 
 	svc := provision.New(cfg, SDK, logger)
 	svc = api.NewLoggingMiddleware(svc, logger)

pkg/sdk/go/README.md

@@ -58,25 +58,25 @@ func (sdk *MfxSDK) DeleteThing(id, token string) error
 func (sdk *MfxSDK) DisconnectThing(thingID, chanID, token string) error
     DisconnectThing - connect thing to a channel
 
-func (sdk mfSDK) SendMessage(chanID, msg, token string) error
+func (sdk *mfSDK) SendMessage(chanID, msg, token string) error
     SendMessage - send message on Mainflux channel
 
-func (sdk mfSDK) SetContentType(ct ContentType) error
+func (sdk *mfSDK) SetContentType(ct ContentType) error
     SetContentType - set message content type. Available options are SenML
     JSON, custom JSON and custom binary (octet-stream).
 
-func (sdk mfSDK) Thing(id, token string) (Thing, error)
+func (sdk *mfSDK) Thing(id, token string) (Thing, error)
     Thing - gets thing by ID
 
-func (sdk mfSDK) Things(token string) ([]Thing, error)
+func (sdk *mfSDK) Things(token string) ([]Thing, error)
     Things - gets all things
 
-func (sdk mfSDK) UpdateChannel(channel Channel, token string) error
+func (sdk *mfSDK) UpdateChannel(channel Channel, token string) error
     UpdateChannel - update a channel
 
-func (sdk mfSDK) UpdateThing(thing Thing, token string) error
+func (sdk *mfSDK) UpdateThing(thing Thing, token string) error
     UpdateThing - updates thing by ID
 
-func (sdk mfSDK) Version() (string, error)
+func (sdk *mfSDK) Version() (string, error)
     Version - server health check
 ```

pkg/sdk/go/bootstrap.go

@@ -39,7 +39,7 @@ type BootstrapConfig struct {
 	State       int       `json:"state,omitempty"`
 }
 
-func (sdk mfSDK) AddBootstrap(token string, cfg BootstrapConfig) (string, error) {
+func (sdk *mfSDK) AddBootstrap(token string, cfg BootstrapConfig) (string, error) {
 	data, err := json.Marshal(cfg)
 	if err != nil {
 		return "", err
@@ -66,7 +66,7 @@ func (sdk mfSDK) AddBootstrap(token string, cfg BootstrapConfig) (string, error)
 	return id, nil
 }
 
-func (sdk mfSDK) Whitelist(token string, cfg BootstrapConfig) error {
+func (sdk *mfSDK) Whitelist(token string, cfg BootstrapConfig) error {
 	data, err := json.Marshal(BootstrapConfig{State: cfg.State})
 	if err != nil {
 		return errors.Wrap(ErrFailedWhitelist, err)
@@ -97,7 +97,7 @@ func (sdk mfSDK) Whitelist(token string, cfg BootstrapConfig) error {
 	return nil
 }
 
-func (sdk mfSDK) ViewBootstrap(token, id string) (BootstrapConfig, error) {
+func (sdk *mfSDK) ViewBootstrap(token, id string) (BootstrapConfig, error) {
 	endpoint := fmt.Sprintf("%s/%s", configsEndpoint, id)
 	url := createURL(sdk.bootstrapURL, sdk.bootstrapPrefix, endpoint)
 
@@ -129,7 +129,7 @@ func (sdk mfSDK) ViewBootstrap(token, id string) (BootstrapConfig, error) {
 	return bc, nil
 }
 
-func (sdk mfSDK) UpdateBootstrap(token string, cfg BootstrapConfig) error {
+func (sdk *mfSDK) UpdateBootstrap(token string, cfg BootstrapConfig) error {
 	data, err := json.Marshal(cfg)
 	if err != nil {
 		return err
@@ -155,7 +155,7 @@ func (sdk mfSDK) UpdateBootstrap(token string, cfg BootstrapConfig) error {
 	return nil
 }
 
-func (sdk mfSDK) RemoveBootstrap(token, id string) error {
+func (sdk *mfSDK) RemoveBootstrap(token, id string) error {
 	endpoint := fmt.Sprintf("%s/%s", configsEndpoint, id)
 	url := createURL(sdk.bootstrapURL, sdk.bootstrapPrefix, endpoint)
 
@@ -176,7 +176,7 @@ func (sdk mfSDK) RemoveBootstrap(token, id string) error {
 	return nil
 }
 
-func (sdk mfSDK) Bootstrap(externalKey, externalID string) (BootstrapConfig, error) {
+func (sdk *mfSDK) Bootstrap(externalKey, externalID string) (BootstrapConfig, error) {
 	endpoint := fmt.Sprintf("%s/%s", bootstrapEndpoint, externalID)
 	url := createURL(sdk.bootstrapURL, sdk.bootstrapPrefix, endpoint)
 

pkg/sdk/go/certs.go

@@ -20,17 +20,19 @@ import (
 )
 
 var (
-	ErrCertsCreation = errors.New("failed to create certificate")
-
-	errFailedCertCreation     = errors.New("failed creating certificate")
-	errFailedDateSetting      = errors.New("failed setting date")
-	errFailedPemDataWrite     = errors.New("failed writing pem data")
-	errFailedPemKeyWrite      = errors.New("failed writing pem key data")
-	errFailedSerialGeneration = errors.New("failed generating certificates serial")
-	errFailedCertLoading      = errors.New("failed to load certificate")
-	errFailedCertDecode       = errors.New("failed to decode certificate")
-	errMissingCACertificate   = errors.New("missing CA")
-	errRsaBitsValueWrong      = errors.New("value for RSA bits must be > 0")
+	ErrCertsCreation     = errors.New("failed to create certificate")
+	ErrRsaBitsValueWrong = errors.New("value for RSA bits must be > 0")
+
+	errFailedCertCreation        = errors.New("failed creating certificate")
+	errFailedDateSetting         = errors.New("failed setting date")
+	errFailedPemDataWrite        = errors.New("failed writing pem data")
+	errFailedPemKeyWrite         = errors.New("failed writing pem key data")
+	errFailedSerialGeneration    = errors.New("failed generating certificates serial")
+	errFailedCertLoading         = errors.New("failed to load certificate")
+	errFailedCertDecode          = errors.New("failed to decode certificate")
+	errMissingCACertificate      = errors.New("missing CA")
+	errPrivateKeyEmpty           = errors.New("private key empty")
+	errPrivateKeyUnsupportedType = errors.New("private key unsupported type")
 )
 
 // Cert represents certs data.
@@ -40,7 +42,7 @@ type Cert struct {
 	ClientCert string `json:"client_cert,omitempty"`
 }
 
-func (sdk mfSDK) Cert(thingID, daysValid string, rsaBits int, token string) (Cert, error) {
+func (sdk *mfSDK) Cert(thingID, daysValid string, rsaBits int, token string) (Cert, error) {
 	var c Cert
 
 	// Check access rights
@@ -57,6 +59,7 @@ func (sdk mfSDK) Cert(thingID, daysValid string, rsaBits int, token string) (Cer
 		return Cert{}, err
 	}
 
+	// If certsURL == "" we don't use 3rd party PKI service.
 	if sdk.certsURL == "" {
 		c.ClientCert, c.ClientKey, err = sdk.certs(th.Key, daysValid, rsaBits)
 		if err != nil {
@@ -75,7 +78,6 @@ func (sdk mfSDK) Cert(thingID, daysValid string, rsaBits int, token string) (Cer
 	}
 	body, err := ioutil.ReadAll(res.Body)
 	if err != nil {
-		println(err.Error())
 		return Cert{}, err
 	}
 	if err := json.Unmarshal(body, &c); err != nil {
@@ -84,12 +86,12 @@ func (sdk mfSDK) Cert(thingID, daysValid string, rsaBits int, token string) (Cer
 	return c, nil
 }
 
-func (sdk mfSDK) certs(thingKey, daysValid string, rsaBits int) (string, string, error) {
+func (sdk *mfSDK) certs(thingKey, daysValid string, rsaBits int) (string, string, error) {
 	if sdk.certsCA == nil {
 		return "", "", errors.Wrap(errFailedCertCreation, errMissingCACertificate)
 	}
 	if rsaBits == 0 {
-		return "", "", errors.Wrap(errFailedCertCreation, errRsaBitsValueWrong)
+		return "", "", errors.Wrap(errFailedCertCreation, ErrRsaBitsValueWrong)
 	}
 	var priv interface{}
 	priv, err := rsa.GenerateKey(rand.Reader, rsaBits)
@@ -122,7 +124,11 @@ func (sdk mfSDK) certs(thingKey, daysValid string, rsaBits int) (string, string,
 		SubjectKeyId: []byte{1, 2, 3, 4, 6},
 	}
 
-	derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, sdk.certsCA, publicKey(priv), sdk.certsCert.PrivateKey)
+	pubKey, err := publicKey(priv)
+	if err != nil {
+		return "", "", errors.Wrap(errFailedCertCreation, err)
+	}
+	derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, sdk.certsCA, pubKey, sdk.certsCert.PrivateKey)
 	if err != nil {
 		return "", "", errors.Wrap(errFailedCertCreation, err)
 	}
@@ -150,14 +156,17 @@ func (sdk mfSDK) certs(thingKey, daysValid string, rsaBits int) (string, string,
 	return cert, key, nil
 }
 
-func publicKey(priv interface{}) interface{} {
+func publicKey(priv interface{}) (interface{}, error) {
+	if priv == nil {
+		return nil, errPrivateKeyEmpty
+	}
 	switch k := priv.(type) {
 	case *rsa.PrivateKey:
-		return &k.PublicKey
+		return &k.PublicKey, nil
 	case *ecdsa.PrivateKey:
-		return &k.PublicKey
+		return &k.PublicKey, nil
 	default:
-		return nil
+		return nil, errPrivateKeyUnsupportedType
 	}
 }
 
@@ -176,7 +185,7 @@ func pemBlockForKey(priv interface{}) (*pem.Block, error) {
 	}
 }
 
-func (sdk mfSDK) RemoveCert(id, token string) error {
+func (sdk *mfSDK) RemoveCert(id, token string) error {
 	res, err := request(http.MethodDelete, token, fmt.Sprintf("%s/%s", sdk.certsURL, id), nil)
 	if res != nil {
 		res.Body.Close()

pkg/sdk/go/channels.go

@@ -16,7 +16,7 @@ import (
 
 const channelsEndpoint = "channels"
 
-func (sdk mfSDK) CreateChannel(c Channel, token string) (string, error) {
+func (sdk *mfSDK) CreateChannel(c Channel, token string) (string, error) {
 	data, err := json.Marshal(c)
 	if err != nil {
 		return "", err
@@ -41,7 +41,7 @@ func (sdk mfSDK) CreateChannel(c Channel, token string) (string, error) {
 	return id, nil
 }
 
-func (sdk mfSDK) CreateChannels(chs []Channel, token string) ([]Channel, error) {
+func (sdk *mfSDK) CreateChannels(chs []Channel, token string) ([]Channel, error) {
 	data, err := json.Marshal(chs)
 	if err != nil {
 		return []Channel{}, err
@@ -78,7 +78,7 @@ func (sdk mfSDK) CreateChannels(chs []Channel, token string) ([]Channel, error)
 	return ccr.Channels, nil
 }
 
-func (sdk mfSDK) Channels(token string, offset, limit uint64, name string) (ChannelsPage, error) {
+func (sdk *mfSDK) Channels(token string, offset, limit uint64, name string) (ChannelsPage, error) {
 	endpoint := fmt.Sprintf("%s?offset=%d&limit=%d&name=%s", channelsEndpoint, offset, limit, name)
 	url := createURL(sdk.baseURL, sdk.thingsPrefix, endpoint)
 
@@ -110,7 +110,7 @@ func (sdk mfSDK) Channels(token string, offset, limit uint64, name string) (Chan
 	return cp, nil
 }
 
-func (sdk mfSDK) ChannelsByThing(token, thingID string, offset, limit uint64) (ChannelsPage, error) {
+func (sdk *mfSDK) ChannelsByThing(token, thingID string, offset, limit uint64) (ChannelsPage, error) {
 	endpoint := fmt.Sprintf("things/%s/channels?offset=%d&limit=%d", thingID, offset, limit)
 	url := createURL(sdk.baseURL, sdk.thingsPrefix, endpoint)
 
@@ -142,7 +142,7 @@ func (sdk mfSDK) ChannelsByThing(token, thingID string, offset, limit uint64) (C
 	return cp, nil
 }
 
-func (sdk mfSDK) Channel(id, token string) (Channel, error) {
+func (sdk *mfSDK) Channel(id, token string) (Channel, error) {
 	endpoint := fmt.Sprintf("%s/%s", channelsEndpoint, id)
 	url := createURL(sdk.baseURL, sdk.thingsPrefix, endpoint)
 
@@ -174,7 +174,7 @@ func (sdk mfSDK) Channel(id, token string) (Channel, error) {
 	return c, nil
 }
 
-func (sdk mfSDK) UpdateChannel(c Channel, token string) error {
+func (sdk *mfSDK) UpdateChannel(c Channel, token string) error {
 	data, err := json.Marshal(c)
 	if err != nil {
 		return err
@@ -200,7 +200,7 @@ func (sdk mfSDK) UpdateChannel(c Channel, token string) error {
 	return nil
 }
 
-func (sdk mfSDK) DeleteChannel(id, token string) error {
+func (sdk *mfSDK) DeleteChannel(id, token string) error {
 	endpoint := fmt.Sprintf("%s/%s", channelsEndpoint, id)
 	url := createURL(sdk.baseURL, sdk.thingsPrefix, endpoint)
 

pkg/sdk/go/message.go

@@ -13,7 +13,7 @@ import (
 	"github.com/mainflux/mainflux/pkg/errors"
 )
 
-func (sdk mfSDK) SendMessage(chanName, msg, token string) error {
+func (sdk *mfSDK) SendMessage(chanName, msg, token string) error {
 	chanNameParts := strings.SplitN(chanName, ".", 2)
 	chanID := chanNameParts[0]
 	subtopicPart := ""
@@ -41,7 +41,7 @@ func (sdk mfSDK) SendMessage(chanName, msg, token string) error {
 	return nil
 }
 
-func (sdk mfSDK) ReadMessages(chanName, token string) (MessagesPage, error) {
+func (sdk *mfSDK) ReadMessages(chanName, token string) (MessagesPage, error) {
 	chanNameParts := strings.SplitN(chanName, ".", 2)
 	chanID := chanNameParts[0]
 	subtopicPart := ""

pkg/sdk/go/sdk.go

@@ -211,6 +211,9 @@ type SDK interface {
 
 	// RemoveCert remove a certificate
 	RemoveCert(id, token string) error
+
+	// LoadCertificates loads certificates from file needed for things certificate generation.
+	LoadCertificates(conf Config) (tls.Certificate, *x509.Certificate, error)
 }
 
 type mfSDK struct {
@@ -260,11 +263,6 @@ type Config struct {
 // NewSDK returns new mainflux SDK instance.
 func NewSDK(conf Config) SDK {
 
-	tlsCert, x509Cert, _ := loadCertificates(conf)
-	// if err != nil {
-	// 	return err
-	// }
-
 	return &mfSDK{
 		baseURL:           conf.BaseURL,
 		readerURL:         conf.ReaderURL,
@@ -283,14 +281,13 @@ func NewSDK(conf Config) SDK {
 				},
 			},
 		},
-		certsCA:        x509Cert,
-		certsCert:      tlsCert,
+
 		certsDaysValid: conf.DaysValid,
 		certsRsaBits:   conf.RsaBits,
 	}
 }
 
-func loadCertificates(conf Config) (tls.Certificate, *x509.Certificate, error) {
+func (sdk *mfSDK) LoadCertificates(conf Config) (tls.Certificate, *x509.Certificate, error) {
 	var tlsCert tls.Certificate
 	var caCert *x509.Certificate
 
@@ -325,11 +322,12 @@ func loadCertificates(conf Config) (tls.Certificate, *x509.Certificate, error) {
 	if err != nil {
 		return tlsCert, caCert, errors.Wrap(errFailedCertDecode, err)
 	}
-
+	sdk.certsCA = caCert
+	sdk.certsCert = tlsCert
 	return tlsCert, caCert, nil
 }
 
-func (sdk mfSDK) sendRequest(req *http.Request, token, contentType string) (*http.Response, error) {
+func (sdk *mfSDK) sendRequest(req *http.Request, token, contentType string) (*http.Response, error) {
 	if token != "" {
 		req.Header.Set("Authorization", token)
 	}