cleanup and comments

AJ ONeal 2016-08-01 21:49:54 -04:00
parent 92e436108e
commit 663ead5ec0
2 changed files with 21 additions and 23 deletions


@ -15,7 +15,7 @@ function createAccount(args, handlers) {
// TODO support ECDSA // TODO support ECDSA
// arg.rsaBitLength args.rsaExponent // arg.rsaBitLength args.rsaExponent
return RSA.generateKeypairAsync(args.rsaKeySize || 1024, 65537, { public: true, pem: true }).then(function (keypair) { return RSA.generateKeypairAsync(args.rsaKeySize || 1024, 65537, { public: true, pem: true }).then(function (keypair) {
/* pems = { privateKeyPem, privateKeyJwk, publicKeyPem } */ /* keypair = { privateKeyPem, privateKeyJwk, publicKeyPem } */
return LeCore.registerNewAccountAsync({ return LeCore.registerNewAccountAsync({
email: args.email email: args.email
@ -25,7 +25,6 @@ function createAccount(args, handlers) {
args.tosUrl = tosUrl; args.tosUrl = tosUrl;
handlers.agreeToTerms(args, agree); handlers.agreeToTerms(args, agree);
} }
, accountPrivateKeyPem: RSA.exportPrivatePem(keypair)
, accountKeypair: keypair , accountKeypair: keypair
, debug: args.debug || handlers.debug , debug: args.debug || handlers.debug
@ -68,8 +67,9 @@ function createAccount(args, handlers) {
]).then(function () { ]).then(function () {
var pems = {}; var pems = {};
// pems.private_key;
pems.meta = accountMeta; pems.meta = accountMeta;
pems.privateKey = RSA.exportPrivateJwk(keypair); pems.keypair = keypair;
pems.regr = regr; pems.regr = regr;
pems.accountId = accountId; pems.accountId = accountId;
pems.id = accountId; pems.id = accountId;
@ -117,17 +117,13 @@ function getAccount(args, handlers) {
var keypair = { privateKeyJwk: files.private_key }; var keypair = { privateKeyJwk: files.private_key };
keypair.privateKeyPem = RSA.exportPrivatePem(keypair); keypair.privateKeyPem = RSA.exportPrivatePem(keypair);
keypair.publicKeyPem = RSA.exportPublicPem(keypair); keypair.publicKeyPem = RSA.exportPublicPem(keypair);
keypair.publicKeyMd5 = crypto.createHash('md5').update(keypair.publicKeyPem).digest('hex');
keypair.publicKeySha256 = crypto.createHash('sha256').update(keypair.publicKeyPem).digest('hex');
//files.private_key;
//files.regr;
//files.meta;
files.accountId = accountId; // preserve current account id files.accountId = accountId; // preserve current account id
files.id = accountId; files.id = accountId;
files.privateKeyJwk = keypair.privateKeyJwk; // json { n: ..., e: ..., iq: ..., etc } files.keypair = keypair;
//files.privateKeyJson = keypair.privateKeyJwk; // json { n: ..., e: ..., iq: ..., etc }
files.privateKeyPem = keypair.privateKeyPem; // ascii PEM: ----BEGIN...
files.publicKeyPem = keypair.publicKeyPem; // ascii PEM: ----BEGIN...
files.publicKeyMd5 = keypair.publicKeyMd5;
files.publicKeySha256 = keypair.publicKeySha256;
return files; return files;
}); });
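Review bot: The account key in createAccount is still generated with `RSA.generateKeypairAsync(args.rsaKeySize || 1024, 65537, ...)`, so any caller that omits `rsaKeySize` gets a 1024-bit RSA account key. That is below the 2048-bit floor in current key-size guidance, and to my knowledge Let's Encrypt rejects RSA account keys under 2048 bits. I would change the default to `args.rsaKeySize || 2048`. Explicit smaller values should also be refused before the keypair is generated, rather than being passed through to registration. createAccount's body starts and ends outside these hunks, so check whether the size is validated somewhere that is not visible here.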


@ -167,7 +167,7 @@ function writeCertificateAsync(args, defaults, handlers) {
var obj = args.pyobj; var obj = args.pyobj;
var result = args.pems; var result = args.pems;
result.fullchain = result.cert + '\n' + result.ca; result.fullchain = result.cert + '\n' + (result.chain || result.ca);
obj.checkpoints = parseInt(obj.checkpoints, 10) || 0; obj.checkpoints = parseInt(obj.checkpoints, 10) || 0;
var liveDir = args.liveDir || path.join(args.configDir, 'live', args.domains[0]); var liveDir = args.liveDir || path.join(args.configDir, 'live', args.domains[0]);
@ -194,12 +194,12 @@ function writeCertificateAsync(args, defaults, handlers) {
return mkdirpAsync(archiveDir).then(function () { return mkdirpAsync(archiveDir).then(function () {
return PromiseA.all([ return PromiseA.all([
sfs.writeFileAsync(certArchive, result.cert, 'ascii') sfs.writeFileAsync(certArchive, result.cert, 'ascii')
, sfs.writeFileAsync(chainArchive, result.ca || result.chain, 'ascii') , sfs.writeFileAsync(chainArchive, (result.chain || result.ca), 'ascii')
, sfs.writeFileAsync(fullchainArchive, result.fullchain, 'ascii') , sfs.writeFileAsync(fullchainArchive, result.fullchain, 'ascii')
, sfs.writeFileAsync( , sfs.writeFileAsync(
privkeyArchive privkeyArchive
// TODO nix args.key, args.domainPrivateKeyPem ?? // TODO nix args.key, args.domainPrivateKeyPem ??
, result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) , (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair)
, 'ascii' , 'ascii'
) )
]); ]);
@ -208,12 +208,12 @@ function writeCertificateAsync(args, defaults, handlers) {
}).then(function () { }).then(function () {
return PromiseA.all([ return PromiseA.all([
sfs.writeFileAsync(certPath, result.cert, 'ascii') sfs.writeFileAsync(certPath, result.cert, 'ascii')
, sfs.writeFileAsync(chainPath, result.ca || result.chain, 'ascii') , sfs.writeFileAsync(chainPath, (result.chain || result.ca), 'ascii')
, sfs.writeFileAsync(fullchainPath, result.fullchain, 'ascii') , sfs.writeFileAsync(fullchainPath, result.fullchain, 'ascii')
, sfs.writeFileAsync( , sfs.writeFileAsync(
privkeyPath privkeyPath
// TODO nix args.key, args.domainPrivateKeyPem ?? // TODO nix args.key, args.domainPrivateKeyPem ??
, result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) , (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair)
, 'ascii' , 'ascii'
) )
]); ]);
@ -230,11 +230,14 @@ function writeCertificateAsync(args, defaults, handlers) {
, fullchainPath: fullchainPath , fullchainPath: fullchainPath
, privkeyPath: privkeyPath , privkeyPath: privkeyPath
// TODO nix keypair
, keypair: args.domainKeypair
// TODO nix args.key, args.domainPrivateKeyPem ?? // TODO nix args.key, args.domainPrivateKeyPem ??
// some ambiguity here... // some ambiguity here...
, privkey: result.key || result.privkey || args.domainPrivateKeyPem || RSA.exportPrivateKey(args.domainKeypair) , privkey: (result.privkey || result.key) || RSA.exportPrivateKey(args.domainKeypair)
, fullchain: result.fullchain || result.cert , fullchain: result.fullchain || (result.cert + '\n' + result.chain)
, chain: result.ca || result.chain , chain: (result.chain || result.ca)
// especially this one... might be cert only, might be fullchain // especially this one... might be cert only, might be fullchain
, cert: result.cert , cert: result.cert
@ -270,7 +273,6 @@ function getCertificateAsync(args, defaults, handlers) {
} }
args.domainKeypair = domainKeypair; args.domainKeypair = domainKeypair;
args.domainPrivateKeyPem = RSA.exportPrivateKeyPem(domainKeypair);
//args.registration = domainKey; //args.registration = domainKey;
return LeCore.getCertificateAsync({ return LeCore.getCertificateAsync({
@ -279,9 +281,7 @@ function getCertificateAsync(args, defaults, handlers) {
, newAuthzUrl: args._acmeUrls.newAuthz , newAuthzUrl: args._acmeUrls.newAuthz
, newCertUrl: args._acmeUrls.newCert , newCertUrl: args._acmeUrls.newCert
, accountPrivateKeyPem: account.keypair || RSA.import({ privateKeyPem: account.privateKeyPem }) , accountKeypair: RSA.import(account.keypair)
, accountKeypair: RSA.import(account.keypair || { privateKeyPem: account.privateKeyPem })
, domainPrivateKeyPem: RSA.exportPrivateKeyPem(domainKeypair)
, domainKeypair: domainKeypair , domainKeypair: domainKeypair
, domains: args.domains , domains: args.domains
@ -325,6 +325,7 @@ function getCertificateAsync(args, defaults, handlers) {
} }
}); });
}).then(function (results) { }).then(function (results) {
// { cert, chain, fullchain, privkey }
args.pems = results; args.pems = results;
return writeCertificateAsync(args, defaults, handlers); return writeCertificateAsync(args, defaults, handlers);
}); });
@ -358,6 +359,7 @@ function getOrCreateDomainCertificate(args, defaults, handlers) {
}); });
} }
// returns 'account' from lib/accounts { meta, regr, keypair, accountId (id) }
function getOrCreateAcmeAccount(args, defaults, handlers) { function getOrCreateAcmeAccount(args, defaults, handlers) {
var pyconf = PromiseA.promisifyAll(require('pyconf')); var pyconf = PromiseA.promisifyAll(require('pyconf'));
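Review bot: With the `args.domainPrivateKeyPem` fallback dropped, the privkey value in writeCertificateAsync now depends solely on `RSA.exportPrivateKey(args.domainKeypair)` whenever the result carries neither `privkey` nor `key`. That applies to both `writeFileAsync` calls and to the returned `privkey` field. The name matches neither `RSA.exportPrivatePem`, used in the accounts file, nor `RSA.exportPrivateKeyPem`, removed from getCertificateAsync in this commit. If `exportPrivateKey` is not a real export of the RSA module, the key write will throw exactly when the fallback is needed. I would use the same exporter everywhere, e.g. `(result.privkey || result.key) || RSA.exportPrivatePem(args.domainKeypair)`. Separately, none of the visible privkey writes pass a file mode, so confirm that `sfs.writeFileAsync` or the target directory restricts the key file to its owner; the function bodies continue outside these hunks.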