WIP Building out all features necessary for Let's Encrypt #6

Closed
coolaj86 wants to merge 17 commits from more-acme into master
4 changed files with 74 additions and 72 deletions
Showing only changes of commit 001667bfe0 - Show all commits

133
app.js
View File

@ -122,6 +122,7 @@
$('.js-loading').hidden = false; $('.js-loading').hidden = false;
var acme = ACME.create({ var acme = ACME.create({
Keypairs: Keypairs Keypairs: Keypairs
, CSR: CSR
}); });
acme.init('https://acme-staging-v02.api.letsencrypt.org/directory').then(function (result) { acme.init('https://acme-staging-v02.api.letsencrypt.org/directory').then(function (result) {
console.log('acme result', result); console.log('acme result', result);
@ -137,7 +138,6 @@
accountStuff.privateJwk = privJwk; accountStuff.privateJwk = privJwk;
accountStuff.email = email; accountStuff.email = email;
accountStuff.acme = acme; accountStuff.acme = acme;
$('.js-create-order').hidden = false;
}).catch(function (err) { }).catch(function (err) {
console.error("A bad thing happened:"); console.error("A bad thing happened:");
console.error(err); console.error(err);
@ -150,14 +150,24 @@
ev.preventDefault(); ev.preventDefault();
ev.stopPropagation(); ev.stopPropagation();
var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g); var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g);
var privJwk = JSON.parse($('.js-jwk').innerText).private; //var privJwk = JSON.parse($('.js-jwk').innerText).private;
return CSR({ jwk: privJwk, domains: domains }).then(function (pem) { return Keypairs.generate({
// Verify with https://www.sslshopper.com/csr-decoder.html kty: $('input[name="kty"]:checked').value
console.log('CSR:'); , namedCurve: $('input[name="ec-crv"]:checked').value
console.log(pem); , modulusLength: $('input[name="rsa-len"]:checked').value
}).then(function (pair) {
console.log('domain keypair:', pair);
accountStuff.domainPrivateJwk = pair.private;
return CSR({ jwk: pair.private, domains: domains }).then(function (pem) {
// Verify with https://www.sslshopper.com/csr-decoder.html
accountStuff.csr = pem;
console.log('CSR:');
console.log(pem);
console.log('CSR info:'); console.log('CSR info:');
console.log(CSR._info(pem)); console.log(CSR._info(pem));
$('.js-create-order').hidden = false;
});
}); });
}); });
@ -169,64 +179,61 @@
var email = accountStuff.email; var email = accountStuff.email;
var acme = accountStuff.acme; var acme = accountStuff.acme;
return Keypairs.generate({
kty: $('input[name="kty"]:checked').value var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g);
, namedCurve: $('input[name="ec-crv"]:checked').value return acme.certificates.create({
, modulusLength: $('input[name="rsa-len"]:checked').value accountKeypair: { privateKeyJwk: privJwk }
}).then(function (pair) { , account: account
console.log('domain keypair:', pair); //, domainKeypair: { privateKeyJwk: accountStuff.domainPrivateJwk }
var domains = ($('.js-domains').value||'example.com').split(/[, ]+/g); , csr: accountStuff.csr
return acme.certificates.create({ , email: email
accountKeypair: { privateKeyJwk: privJwk } , domains: domains
, account: account , agreeToTerms: checkTos
, domainKeypair: { privateKeyJwk: pair.private } , challenges: {
, email: email 'dns-01': {
, domains: domains set: function (opts) {
, agreeToTerms: checkTos console.info('dns-01 set challenge:');
, challenges: { console.info('TXT', opts.dnsHost);
'dns-01': { console.info(opts.dnsAuthorization);
set: function (opts) { return new Promise(function (resolve) {
console.info('dns-01 set challenge:'); while (!window.confirm("Did you set the challenge?")) {}
console.info('TXT', opts.dnsHost); resolve();
console.info(opts.dnsAuthorization); });
return new Promise(function (resolve) {
while (!window.confirm("Did you set the challenge?")) {}
resolve();
});
}
, remove: function (opts) {
console.log('dns-01 remove challenge:');
console.info('TXT', opts.dnsHost);
console.info(opts.dnsAuthorization);
return new Promise(function (resolve) {
while (!window.confirm("Did you delete the challenge?")) {}
resolve();
});
}
} }
, 'http-01': { , remove: function (opts) {
set: function (opts) { console.log('dns-01 remove challenge:');
console.info('http-01 set challenge:'); console.info('TXT', opts.dnsHost);
console.info(opts.challengeUrl); console.info(opts.dnsAuthorization);
console.info(opts.keyAuthorization); return new Promise(function (resolve) {
return new Promise(function (resolve) { while (!window.confirm("Did you delete the challenge?")) {}
while (!window.confirm("Did you set the challenge?")) {} resolve();
resolve(); });
});
}
, remove: function (opts) {
console.log('http-01 remove challenge:');
console.info(opts.challengeUrl);
console.info(opts.keyAuthorization);
return new Promise(function (resolve) {
while (!window.confirm("Did you delete the challenge?")) {}
resolve();
});
}
} }
} }
, challengeTypes: [$('input[name="acme-challenge-type"]:checked').value] , 'http-01': {
}); set: function (opts) {
console.info('http-01 set challenge:');
console.info(opts.challengeUrl);
console.info(opts.keyAuthorization);
return new Promise(function (resolve) {
while (!window.confirm("Did you set the challenge?")) {}
resolve();
});
}
, remove: function (opts) {
console.log('http-01 remove challenge:');
console.info(opts.challengeUrl);
console.info(opts.keyAuthorization);
return new Promise(function (resolve) {
while (!window.confirm("Did you delete the challenge?")) {}
resolve();
});
}
}
}
, challengeTypes: [$('input[name="acme-challenge-type"]:checked').value]
}).catch(function (err) {
window.alert("failed! " + err.message || JSON.stringify(err));
}); });
}); });

View File

@ -848,10 +848,10 @@ ACME.create = function create(me) {
if (!me) { me = {}; } if (!me) { me = {}; }
// me.debug = true; // me.debug = true;
me.challengePrefixes = ACME.challengePrefixes; me.challengePrefixes = ACME.challengePrefixes;
me.Keypairs = me.Keypairs || me.RSA || require('rsa-compat').RSA; me.Keypairs = me.Keypairs || exports.Keypairs || require('keypairs').Keypairs;
me.CSR = me.CSR || require('CSR').CSR; me.CSR = me.CSR || exports.cSR || require('CSR').CSR;
me._nonces = []; me._nonces = [];
me._canCheck = {}; me._canUse = {};
if (!me._baseUrl) { if (!me._baseUrl) {
me._baseUrl = ""; me._baseUrl = "";
} }

View File

@ -238,7 +238,7 @@ CSR._info = function (der) {
// TODO utf8 // TODO utf8
return Enc.bufToBin(name.value); return Enc.bufToBin(name.value);
}); });
}); })[0];
})[0]; })[0];
return { return {

View File

@ -186,10 +186,6 @@ Keypairs.signJws = function (opts) {
, signature: Enc.bufToUrlBase64(buf) , signature: Enc.bufToUrlBase64(buf)
}; };
console.log('Signed Base64 Msg:');
console.log(JSON.stringify(signedMsg, null, 2));
console.log('msg:', msg);
return signedMsg; return signedMsg;
}); });
} }
@ -263,7 +259,6 @@ Keypairs._import = function (opts) {
opts.jwk.ext = true; opts.jwk.ext = true;
opts.jwk.key_ops = ops; opts.jwk.key_ops = ops;
console.log('jwk', opts.jwk);
return window.crypto.subtle.importKey( return window.crypto.subtle.importKey(
"jwk" "jwk"
, opts.jwk , opts.jwk