From 001667bfe0df902e466c3953daaae35b9650124f Mon Sep 17 00:00:00 2001
From: AJ ONeal
Date: Mon, 6 May 2019 19:21:37 -0600
Subject: [PATCH] tested with existing CSR
---
 app.js | 133 +++++++++++++++++++++++++-----------------------
 lib/acme.js | 6 +--
 lib/csr.js | 2 +-
 lib/keypairs.js | 5 --
 4 files changed, 74 insertions(+), 72 deletions(-)
diff --git a/app.js b/app.js
index c861b5b..3ea96c5 100644
--- a/app.js
+++ b/app.js
@@ -122,6 +122,7 @@
 $('.js-loading').hidden = false;
 var acme = ACME.create({
 Keypairs: Keypairs
+ , CSR: CSR
 });
 acme.init('https://acme-staging-v02.api.letsencrypt.org/directory').then(function (result) {
 console.log('acme result', result);
@@ -137,7 +138,6 @@
 accountStuff.privateJwk = privJwk;
 accountStuff.email = email;
 accountStuff.acme = acme;
- $('.js-create-order').hidden = false;
 }).catch(function (err) {
 console.error("A bad thing happened:");
 console.error(err);
@@ -150,14 +150,24 @@
 ev.preventDefault();
 ev.stopPropagation();
 var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g);
- var privJwk = JSON.parse($('.js-jwk').innerText).private;
- return CSR({ jwk: privJwk, domains: domains }).then(function (pem) {
- // Verify with https://www.sslshopper.com/csr-decoder.html
- console.log('CSR:');
- console.log(pem);
+ //var privJwk = JSON.parse($('.js-jwk').innerText).private;
+ return Keypairs.generate({
+ kty: $('input[name="kty"]:checked').value
+ , namedCurve: $('input[name="ec-crv"]:checked').value
+ , modulusLength: $('input[name="rsa-len"]:checked').value
+ }).then(function (pair) {
+ console.log('domain keypair:', pair);
+ accountStuff.domainPrivateJwk = pair.private;
+ return CSR({ jwk: pair.private, domains: domains }).then(function (pem) {
+ // Verify with https://www.sslshopper.com/csr-decoder.html
+ accountStuff.csr = pem;
+ console.log('CSR:');
+ console.log(pem);
- console.log('CSR info:');
- console.log(CSR._info(pem));
+ console.log('CSR info:');
+ console.log(CSR._info(pem));
+ $('.js-create-order').hidden = false;
+ });
 });
 });
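Review bot: `console.log('domain keypair:', pair);` writes the freshly generated domain private key to the browser console, where it persists beyond the step that needs it and is readable by anything that collects console output. The same commit already removes the `console.log('jwk', opts.jwk)` call in lib/keypairs.js, so keeping this one is inconsistent. I would drop the line or log a non-secret marker instead, e.g. `console.log('domain keypair generated');`. The new `Keypairs.generate(...).then(...)` chain also ends without a rejection handler, so a failure in key generation or in `CSR(...)` is invisible to the user; a trailing `.catch(function (err) { console.error(err); })` would match the handler style used earlier in this file. The enclosing event handler starts above the hunk.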
@@ -169,64 +179,61 @@
 var email = accountStuff.email;
 var acme = accountStuff.acme;
- return Keypairs.generate({
- kty: $('input[name="kty"]:checked').value
- , namedCurve: $('input[name="ec-crv"]:checked').value
- , modulusLength: $('input[name="rsa-len"]:checked').value
- }).then(function (pair) {
- console.log('domain keypair:', pair);
- var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g);
- return acme.certificates.create({
- accountKeypair: { privateKeyJwk: privJwk }
- , account: account
- , domainKeypair: { privateKeyJwk: pair.private }
- , email: email
- , domains: domains
- , agreeToTerms: checkTos
- , challenges: {
- 'dns-01': {
- set: function (opts) {
- console.info('dns-01 set challenge:');
- console.info('TXT', opts.dnsHost);
- console.info(opts.dnsAuthorization);
- return new Promise(function (resolve) {
- while (!window.confirm("Did you set the challenge?")) {}
- resolve();
- });
- }
- , remove: function (opts) {
- console.log('dns-01 remove challenge:');
- console.info('TXT', opts.dnsHost);
- console.info(opts.dnsAuthorization);
- return new Promise(function (resolve) {
- while (!window.confirm("Did you delete the challenge?")) {}
- resolve();
- });
- }
+
+ var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g);
+ return acme.certificates.create({
+ accountKeypair: { privateKeyJwk: privJwk }
+ , account: account
+ //, domainKeypair: { privateKeyJwk: accountStuff.domainPrivateJwk }
+ , csr: accountStuff.csr
+ , email: email
+ , domains: domains
+ , agreeToTerms: checkTos
+ , challenges: {
+ 'dns-01': {
+ set: function (opts) {
+ console.info('dns-01 set challenge:');
+ console.info('TXT', opts.dnsHost);
+ console.info(opts.dnsAuthorization);
+ return new Promise(function (resolve) {
+ while (!window.confirm("Did you set the challenge?")) {}
+ resolve();
+ });
 }
- , 'http-01': {
- set: function (opts) {
- console.info('http-01 set challenge:');
- console.info(opts.challengeUrl);
- console.info(opts.keyAuthorization);
- return new Promise(function (resolve) {
- while (!window.confirm("Did you set the challenge?")) {}
- resolve();
- });
- }
- , remove: function (opts) {
- console.log('http-01 remove challenge:');
- console.info(opts.challengeUrl);
- console.info(opts.keyAuthorization);
- return new Promise(function (resolve) {
- while (!window.confirm("Did you delete the challenge?")) {}
- resolve();
- });
- }
+ , remove: function (opts) {
+ console.log('dns-01 remove challenge:');
+ console.info('TXT', opts.dnsHost);
+ console.info(opts.dnsAuthorization);
+ return new Promise(function (resolve) {
+ while (!window.confirm("Did you delete the challenge?")) {}
+ resolve();
+ });
 }
 }
- , challengeTypes: [$('input[name="acme-challenge-type"]:checked').value]
- });
+ , 'http-01': {
+ set: function (opts) {
+ console.info('http-01 set challenge:');
+ console.info(opts.challengeUrl);
+ console.info(opts.keyAuthorization);
+ return new Promise(function (resolve) {
+ while (!window.confirm("Did you set the challenge?")) {}
+ resolve();
+ });
+ }
+ , remove: function (opts) {
+ console.log('http-01 remove challenge:');
+ console.info(opts.challengeUrl);
+ console.info(opts.keyAuthorization);
+ return new Promise(function (resolve) {
+ while (!window.confirm("Did you delete the challenge?")) {}
+ resolve();
+ });
+ }
+ }
+ }
+ , challengeTypes: [$('input[name="acme-challenge-type"]:checked').value]
+ }).catch(function (err) {
+ window.alert("failed! " + err.message || JSON.stringify(err));
 });
 });
diff --git a/lib/acme.js b/lib/acme.js
index b48f2c9..a5f95d9 100644
--- a/lib/acme.js
+++ b/lib/acme.js
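Review bot: In the app.js order hunk, the new `.catch` builds its message as `"failed! " + err.message || JSON.stringify(err)`, and because `+` binds tighter than `||` the left operand is always a non-empty string, so the `JSON.stringify(err)` fallback can never run and an error without `message` is shown as "failed! undefined". Parenthesise the fallback: `window.alert("failed! " + (err.message || JSON.stringify(err)));`. Separately, `domains` is re-read from `.js-domains` here while `accountStuff.csr` was built from the value read in the CSR step, which appears to be a separate handler. Editing the field between the two steps would therefore submit an order whose names differ from those in the CSR; storing the split list next to `accountStuff.csr` and reusing it would keep them in step. The handler begins above the hunk.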
@@ -848,10 +848,10 @@ ACME.create = function create(me) {
 if (!me) { me = {}; }
 // me.debug = true;
 me.challengePrefixes = ACME.challengePrefixes;
- me.Keypairs = me.Keypairs || me.RSA || require('rsa-compat').RSA;
- me.CSR = me.CSR || require('CSR').CSR;
+ me.Keypairs = me.Keypairs || exports.Keypairs || require('keypairs').Keypairs;
+ me.CSR = me.CSR || exports.cSR || require('CSR').CSR;
 me._nonces = [];
- me._canCheck = {};
+ me._canUse = {};
 if (!me._baseUrl) { me._baseUrl = ""; }
diff --git a/lib/csr.js b/lib/csr.js
index 4f6d61b..12834e0 100644
--- a/lib/csr.js
+++ b/lib/csr.js
@@ -238,7 +238,7 @@ CSR._info = function (der) {
 // TODO utf8
 return Enc.bufToBin(name.value);
 });
- });
+ })[0];
 })[0];
 return {
diff --git a/lib/keypairs.js b/lib/keypairs.js
index f81bc14..932bc65 100644
--- a/lib/keypairs.js
+++ b/lib/keypairs.js
@@ -186,10 +186,6 @@ Keypairs.signJws = function (opts) {
 , signature: Enc.bufToUrlBase64(buf)
 };
- console.log('Signed Base64 Msg:');
- console.log(JSON.stringify(signedMsg, null, 2));
-
- console.log('msg:', msg);
 return signedMsg;
 });
 }
@@ -263,7 +259,6 @@ Keypairs._import = function (opts) {
 opts.jwk.ext = true;
 opts.jwk.key_ops = ops;
- console.log('jwk', opts.jwk);
 return window.crypto.subtle.importKey(
 "jwk"
 , opts.jwk
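Review bot: In the lib/acme.js hunk, `me.CSR = me.CSR || exports.cSR || require('CSR').CSR;` reads `exports.cSR`, while the line above it uses `exports.Keypairs`. Unless the module really exports a lower-case `cSR`, this looks like a typo for `exports.CSR`, and callers that do not pass `CSR` would fall through to `require('CSR')`, which throws where `require` is not defined. app.js now passes `CSR: CSR` explicitly, so the demo would not exercise that path. Suggested line: `me.CSR = me.CSR || exports.CSR || require('CSR').CSR;`. The rename of `me._canCheck` to `me._canUse` is only safe if no reader of `_canCheck` remains outside the hunk, which cannot be confirmed here since the body of ACME.create continues below it.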