From 663ead5ec044cd81d405546b2fdec5d51c293d04 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 1 Aug 2016 21:49:54 -0400 Subject: [PATCH] cleanup and comments --- lib/accounts.js | 18 +++++++----------- lib/core.js | 26 ++++++++++++++------------ 2 files changed, 21 insertions(+), 23 deletions(-) diff --git a/lib/accounts.js b/lib/accounts.js index 6751292..a4f3d3a 100644 --- a/lib/accounts.js +++ b/lib/accounts.js @@ -15,7 +15,7 @@ function createAccount(args, handlers) { // TODO support ECDSA // arg.rsaBitLength args.rsaExponent return RSA.generateKeypairAsync(args.rsaKeySize || 1024, 65537, { public: true, pem: true }).then(function (keypair) { - /* pems = { privateKeyPem, privateKeyJwk, publicKeyPem } */ + /* keypair = { privateKeyPem, privateKeyJwk, publicKeyPem } */ return LeCore.registerNewAccountAsync({ email: args.email @@ -25,7 +25,6 @@ function createAccount(args, handlers) { args.tosUrl = tosUrl; handlers.agreeToTerms(args, agree); } - , accountPrivateKeyPem: RSA.exportPrivatePem(keypair) , accountKeypair: keypair , debug: args.debug || handlers.debug @@ -68,8 +67,9 @@ function createAccount(args, handlers) { ]).then(function () { var pems = {}; + // pems.private_key; pems.meta = accountMeta; - pems.privateKey = RSA.exportPrivateJwk(keypair); + pems.keypair = keypair; pems.regr = regr; pems.accountId = accountId; pems.id = accountId; 
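Review bot: The context line in the first hunk still defaults the account key to 1024 bits, `RSA.generateKeypairAsync(args.rsaKeySize || 1024, 65537, ...)`, which is below the 2048-bit floor commonly required for RSA keys, and an ACME server may refuse to register such a key. As the commit is already editing the comment directly below it, the default should be raised here: `args.rsaKeySize || 2048`. A caller-supplied `args.rsaKeySize` smaller than that is also accepted without any check. createAccount's body continues outside the hunk.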
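Review bot: The added `// pems.private_key;` is a commented-out expression rather than documentation, and the same pattern appears in the getAccount hunk (`//files.private_key; //files.regr; //files.meta;`). The returned object also changes shape here, from `pems.privateKey` (a JWK) to `pems.keypair`, so any caller outside this diff that still reads `privateKey` would get `undefined`. I would replace the placeholder with a comment stating the return shape and its sensitivity, e.g. `// returns { meta, regr, keypair, accountId, id }; keypair contains the account private key, never log or serialize it`. The enclosing promise chain starts and ends outside the hunk.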
@@ -117,17 +117,13 @@ function getAccount(args, handlers) { var keypair = { privateKeyJwk: files.private_key }; keypair.privateKeyPem = RSA.exportPrivatePem(keypair); keypair.publicKeyPem = RSA.exportPublicPem(keypair); - keypair.publicKeyMd5 = crypto.createHash('md5').update(keypair.publicKeyPem).digest('hex'); - keypair.publicKeySha256 = crypto.createHash('sha256').update(keypair.publicKeyPem).digest('hex'); + //files.private_key; + //files.regr; + //files.meta; files.accountId = accountId; // preserve current account id files.id = accountId; - files.privateKeyJwk = keypair.privateKeyJwk; // json { n: ..., e: ..., iq: ..., etc } - //files.privateKeyJson = keypair.privateKeyJwk; // json { n: ..., e: ..., iq: ..., etc } - files.privateKeyPem = keypair.privateKeyPem; // ascii PEM: ----BEGIN... - files.publicKeyPem = keypair.publicKeyPem; // ascii PEM: ----BEGIN... - files.publicKeyMd5 = keypair.publicKeyMd5; - files.publicKeySha256 = keypair.publicKeySha256; + files.keypair = keypair; return files; }); diff --git a/lib/core.js b/lib/core.js index 0001a6f..b94852f 100644 --- a/lib/core.js +++ b/lib/core.js @@ -167,7 +167,7 @@ function writeCertificateAsync(args, defaults, handlers) { var obj = args.pyobj; var result = args.pems; - result.fullchain = result.cert + '\n' + result.ca; + result.fullchain = result.cert + '\n' + (result.chain || result.ca); obj.checkpoints = parseInt(obj.checkpoints, 10) || 0; var liveDir = args.liveDir || path.join(args.configDir, 'live', args.domains[0]); 
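Review bot: `keypair` is built from `files.private_key` with no visible check that the value was actually loaded, so a missing or truncated account key would surface as an opaque failure inside `RSA.exportPrivatePem` rather than a clear error; any validation would have to sit above the hunk, which is not shown. A guard before the first line would make this explicit: `if (!files.private_key) { throw new Error('account private key is missing'); }` (the code appears to run inside a promise callback, so the throw would become a rejection). The returned `files` also now carries the key twice, as the raw JWK in `files.private_key` and again inside `files.keypair`, which is worth stating in a comment so callers know both fields are secret.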
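Review bot: If neither `result.chain` nor `result.ca` is set, `result.cert + '\n' + (result.chain || result.ca)` produces a string ending in the literal text `undefined`, and the later hunks write that string out as the fullchain file. The same holds for a missing `result.cert`. A check before the concatenation would fail early instead of writing a corrupt PEM: `var chain = result.chain || result.ca;` followed by `if (!result.cert || !chain) { return PromiseA.reject(new Error('certificate or chain missing from result')); }`. This assumes writeCertificateAsync returns a promise on every path, which the rest of its body, outside this hunk, suggests.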
@@ -194,12 +194,12 @@ function writeCertificateAsync(args, defaults, handlers) { return mkdirpAsync(archiveDir).then(function () { return PromiseA.all([ sfs.writeFileAsync(certArchive, result.cert, 'ascii') - , sfs.writeFileAsync(chainArchive, result.ca || result.chain, 'ascii') + , sfs.writeFileAsync(chainArchive, (result.chain || result.ca), 'ascii') , sfs.writeFileAsync(fullchainArchive, result.fullchain, 'ascii') , sfs.writeFileAsync( privkeyArchive // TODO nix args.key, args.domainPrivateKeyPem ?? - , result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) + , (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair) , 'ascii' ) ]); @@ -208,12 +208,12 @@ function writeCertificateAsync(args, defaults, handlers) { }).then(function () { return PromiseA.all([ sfs.writeFileAsync(certPath, result.cert, 'ascii') - , sfs.writeFileAsync(chainPath, result.ca || result.chain, 'ascii') + , sfs.writeFileAsync(chainPath, (result.chain || result.ca), 'ascii') , sfs.writeFileAsync(fullchainPath, result.fullchain, 'ascii') , sfs.writeFileAsync( privkeyPath // TODO nix args.key, args.domainPrivateKeyPem ?? - , result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) + , (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair) , 'ascii' ) ]); 
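Review bot: The private-key fallback calls `RSA.exportPrivateKey(args.domainKeypair)`, while lib/accounts.js in this patch uses `RSA.exportPrivatePem` and the removed lines in getCertificateAsync used `RSA.exportPrivateKeyPem`; three spellings for what looks like the same export suggest at least one of them does not exist on `RSA`. With `args.domainPrivateKeyPem` dropped from the `||` chain, this call is now the only fallback when the result lacks `privkey`/`key`, so a wrong name would throw a TypeError right where the key file is written. The same expression is repeated in the live-directory hunk below and in the `privkey:` field of the returned object; computing it once, e.g. `var privkeyPem = result.privkey || result.key || RSA.exportPrivatePem(args.domainKeypair);`, would keep the three uses in agreement. Which export name is correct cannot be confirmed from this diff.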
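Review bot: The private key is written with `sfs.writeFileAsync(privkeyPath, ..., 'ascii')`, passing only an encoding, so the file's permissions are left to whatever `sfs` and the process umask produce; nothing in the hunk restricts the file to its owner. The archive copy in the hunk above is written the same way. If `sfs.writeFileAsync` forwards an options object as `fs.writeFile` does (not visible here), passing `{ encoding: 'ascii', mode: parseInt('600', 8) }` for the two privkey writes would keep the key from being created group- or world-readable.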
@@ -230,11 +230,14 @@ function writeCertificateAsync(args, defaults, handlers) { , fullchainPath: fullchainPath , privkeyPath: privkeyPath + // TODO nix keypair + , keypair: args.domainKeypair + // TODO nix args.key, args.domainPrivateKeyPem ?? // some ambiguity here... - , privkey: result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) - , fullchain: result.fullchain || result.cert - , chain: result.ca || result.chain + , privkey: (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair) + , fullchain: result.fullchain || (result.cert + '\n' + result.chain) + , chain: (result.chain || result.ca) // especially this one... might be cert only, might be fullchain , cert: result.cert @@ -270,7 +273,6 @@ function getCertificateAsync(args, defaults, handlers) { } args.domainKeypair = domainKeypair; - args.domainPrivateKeyPem = RSA.exportPrivateKeyPem(domainKeypair); //args.registration = domainKey; return LeCore.getCertificateAsync({ @@ -279,9 +281,7 @@ function getCertificateAsync(args, defaults, handlers) { , newAuthzUrl: args._acmeUrls.newAuthz , newCertUrl: args._acmeUrls.newCert - , accountPrivateKeyPem: account.keypair || RSA.import({ privateKeyPem: account.privateKeyPem }) - , accountKeypair: RSA.import(account.keypair || { privateKeyPem: account.privateKeyPem }) - , domainPrivateKeyPem: RSA.exportPrivateKeyPem(domainKeypair) + , accountKeypair: RSA.import(account.keypair) , domainKeypair: domainKeypair , domains: args.domains @@ -325,6 +325,7 @@ function getCertificateAsync(args, defaults, handlers) { } }); }).then(function (results) { + // { cert, chain, fullchain, privkey } args.pems = results; return writeCertificateAsync(args, defaults, handlers); }); 
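Review bot: The new fallback in `fullchain: result.fullchain || (result.cert + '\n' + result.chain)` reads only `result.chain`, whereas every other place in this function uses `(result.chain || result.ca)`, so a result that carries the chain as `ca` would yield a fullchain ending in `undefined`. In practice the fallback looks unreachable, because `result.fullchain` is assigned a non-empty concatenation at the top of writeCertificateAsync (the -167 hunk). Either drop the fallback, `, fullchain: result.fullchain`, or make it match, `result.cert + '\n' + (result.chain || result.ca)`. The added `keypair: args.domainKeypair` also places the domain private key object in the return value next to `privkey`; a comment marking that field as secret would help until the TODO removes it.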
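Review bot: `accountKeypair: RSA.import(account.keypair)` no longer has the `{ privateKeyPem: account.privateKeyPem }` fallback, so an `account` that lacks `keypair` passes `undefined` into `RSA.import`. Both account paths changed in lib/accounts.js in this patch do set `keypair`, but `account` is obtained outside this hunk, so another source is possible. A guard before the `LeCore.getCertificateAsync` call, `if (!account.keypair) { return PromiseA.reject(new Error('account.keypair is missing')); }`, would turn that into a clear error instead of a failure inside key import or request signing.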
@@ -358,6 +359,7 @@ function getOrCreateDomainCertificate(args, defaults, handlers) { }); } +// returns 'account' from lib/accounts { meta, regr, keypair, accountId (id) } function getOrCreateAcmeAccount(args, defaults, handlers) { var pyconf = PromiseA.promisifyAll(require('pyconf'));