rotateKeys rotates the keys of oldSTEK and returns the new distributedSTEK with updated keys and timestamps. It stores the returned STEK in storage, so this function must only be called while holding a storage-provided lock.
(oldSTEK distributedSTEK)
// rotateKeys builds the successor of oldSTEK: it asks the STEK config to
// rotate oldSTEK.Keys, stamps the result with the current time as
// LastRotation and with LastRotation plus the configured RotationInterval
// as NextRotation, and writes the new STEK to storage.
//
// Because the result is written to storage, the caller must already hold a
// storage-provided lock; this function takes no lock of its own.
//
// On failure the returned STEK must not be treated as current: if key
// rotation fails it carries only whatever RotateSTEKs returned, and if the
// store fails it carries keys that were never persisted.
func (s *Provider) rotateKeys(oldSTEK distributedSTEK) (distributedSTEK, error) {
	rotated, err := s.stekConfig.RotateSTEKs(oldSTEK.Keys)
	if err != nil {
		// Timestamps stay at their zero values on this path.
		return distributedSTEK{Keys: rotated}, err
	}

	// A single clock reading keeps LastRotation and NextRotation consistent.
	// NOTE(review): a zero RotationInterval would make NextRotation equal
	// LastRotation; confirm the config guarantees a positive interval.
	rotatedAt := time.Now()
	next := distributedSTEK{
		Keys:         rotated,
		LastRotation: rotatedAt,
		NextRotation: rotatedAt.Add(time.Duration(s.stekConfig.RotationInterval)),
	}

	// Persist before reporting success. How storeSTEK serializes and
	// protects the keys at rest is not visible from this function.
	if storeErr := s.storeSTEK(next); storeErr != nil {
		return next, storeErr
	}
	return next, nil
}
| 204 | |
| 205 | // rotate rotates keys on a regular basis, sending each updated set of |
| 206 | // keys down keysChan, until doneChan is closed. |