coolaj86
/
greenlock.js
mirror of https://github.com/therootcompany/greenlock.js.git
1
0
Fork 0
Code Projects Releases Wiki Activity

updates

This commit is contained in:
AJ ONeal 2015-12-15 12:45:36 +00:00
parent 03826d845d
commit bdeb1357d4
2 changed files with 47 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
backends/ursa.js
View File

@ -51,42 +51,19 @@ function createAccount(args, handlers) {
// TODO support ECDSA // TODO support ECDSA
// arg.rsaBitLength args.rsaExponent // arg.rsaBitLength args.rsaExponent
return cutils.generateRsaKeypairAsync(args.rsaBitLength, args.rsaExponent).then(function (obj) { return cutils.generateRsaKeypairAsync(args.rsaBitLength, args.rsaExponent).then(function (pems) {
/* obj = { privateKeyPem, publicKeyPem, publicKeyMd5 } */ /* pems = { privateKeyPem, privateKeyJwk, publicKeyPem, publicKeyMd5 } */
var accountId = obj.publicKeyMd5; // I would have chosen sha1 or sha2... but whatever
var accountDir = path.join(args.accountsDir, accountId);
var isoDate = new Date().toISOString();
/*
files.accountId = accountId; // md5sum(publicKeyPem)
files.publicKeyPem = keypair.publicKeyPem; // ascii PEM: ----BEGIN...
files.privateKeyPem = keypair.privateKeyPem; // ascii PEM: ----BEGIN...
files.privateKeyJson = keypair.private_key; // json { n: ..., e: ..., iq: ..., etc }
*/
// TODO register
return lef.registerNewAccountAsync({ return lef.registerNewAccountAsync({
email: args.email email: args.email
, domains: Array.isArray(args.domains) || (args.domains||'').split(',')
, newReg: args.server , newReg: args.server
, debug: args.debug || handlers.debug , debug: args.debug || handlers.debug
, webroot: args.webrootPath
, setChallenge: function (domain, key, value, done) {
args.domains = [domain];
handlers.setChallenge(args, key, value, done);
}
, removeChallenge: function (domain, key, done) {
args.domains = [domain];
handlers.removeChallenge(args, key, done);
}
, agreeToTerms: function (tosUrl, agree) { , agreeToTerms: function (tosUrl, agree) {
// args.email = email; // args.email = email; // already there
args.tosUrl = tosUrl; args.tosUrl = tosUrl;
handlers.agreeToTerms(args, agree); handlers.agreeToTerms(args, agree);
} }
// TODO send either privateKeyPem or privateKeyJson or privateKeyJwk (?) , accountPrivateKeyPem: pems.privateKeyPem
, privateKeyPem: obj.privateKeyPem
}).then(function (body) { }).then(function (body) {
if ('string' === typeof body) { if ('string' === typeof body) {
try { try {
@ -95,34 +72,41 @@ function createAccount(args, handlers) {
// ignore // ignore
} }
} }
return mkdirpAsync(args.accountDir, function () { return mkdirpAsync(args.accountDir, function () {
var jwk = cutils.toAcmePrivateKey(obj.privateKeyPem);
var accountDir = path.join(args.accountsDir, pems.publicKeyMd5);
var isoDate = new Date().toISOString();
var accountMeta = {
creation_host: localname
, creation_dt: isoDate
};
// meta.json {"creation_host": "ns1.redirect-www.org", "creation_dt": "2015-12-11T04:14:38Z"} // meta.json {"creation_host": "ns1.redirect-www.org", "creation_dt": "2015-12-11T04:14:38Z"}
// private_key.json { "e", "d", "n", "q", "p", "kty", "qi", "dp", "dq" } // private_key.json { "e", "d", "n", "q", "p", "kty", "qi", "dp", "dq" }
// regr.json { "body" } // regr.json:
/* /*
{ body: { body:
{ contact: [ 'mailto:coolaj86@gmail.com' ], { contact: [ 'mailto:coolaj86@gmail.com' ],
agreement: 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf', agreement: 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf',
key: key: { e: 'AQAB', kty: 'RSA', n: '...' } },
{ e: 'AQAB',
kty: 'RSA',
n: '...' } },
uri: 'https://acme-v01.api.letsencrypt.org/acme/reg/71272', uri: 'https://acme-v01.api.letsencrypt.org/acme/reg/71272',
new_authzr_uri: 'https://acme-v01.api.letsencrypt.org/acme/new-authz', new_authzr_uri: 'https://acme-v01.api.letsencrypt.org/acme/new-authz',
terms_of_service: 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf' } terms_of_service: 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf' }
*/ */
return PromiseA.all([ return PromiseA.all([
fs.writeFileAsync(path.join(accountDir, 'meta.json'), JSON.stringify({ creation_host: localname, creation_dt: isoDate }), 'utf8') fs.writeFileAsync(path.join(accountDir, 'meta.json'), JSON.stringify(accountMeta), 'utf8')
, fs.writeFileAsync(path.join(accountDir, 'private_key.json'), JSON.stringify(jwk), 'utf8') , fs.writeFileAsync(path.join(accountDir, 'private_key.json'), JSON.stringify(pems.privateKeyJwk), 'utf8')
, fs.writeFileAsync(path.join(accountDir, 'regr.json'), JSON.stringify({ body: body }), 'utf8') , fs.writeFileAsync(path.join(accountDir, 'regr.json'), JSON.stringify({ body: body }), 'utf8')
]); ]).then(function () {
return pems;
});
}); });
}); });
}); });
} }
function getAccount(args, accountId) { function getAccount(accountId, args, handlers) {
console.log(args.accountsDir, accountId); console.log(args.accountsDir, accountId);
var accountDir = path.join(args.accountsDir, accountId); var accountDir = path.join(args.accountsDir, accountId);
var files = {}; var files = {};
@ -143,7 +127,7 @@ function getAccount(args, accountId) {
files[keyname] = data; files[keyname] = data;
}, function (err) { }, function (err) {
files[keyname] = err; files[keyname] = { error: err };
}); });
})).then(function () { })).then(function () {
@ -151,11 +135,12 @@ function getAccount(args, accountId) {
return !files[key].error; return !files[key].error;
})) { })) {
console.warn("Account '" + accountId + "' was currupt. No big deal (I think?). Creating a new one..."); console.warn("Account '" + accountId + "' was currupt. No big deal (I think?). Creating a new one...");
return createAccount(args); return createAccount(args, handlers);
} }
return cutils.parseAccountPrivateKeyAsync(files.private_key).then(function (keypair) { return cutils.parseAccountPrivateKeyAsync(files.private_key).then(function (keypair) {
files.accountId = accountId; // md5sum(publicKeyPem) files.accountId = accountId; // md5sum(publicKeyPem)
files.publicKeyMd5 = accountId; // md5sum(publicKeyPem)
files.publicKeyPem = keypair.publicKeyPem; // ascii PEM: ----BEGIN... files.publicKeyPem = keypair.publicKeyPem; // ascii PEM: ----BEGIN...
files.privateKeyPem = keypair.privateKeyPem; // ascii PEM: ----BEGIN... files.privateKeyPem = keypair.privateKeyPem; // ascii PEM: ----BEGIN...
files.privateKeyJson = keypair.private_key; // json { n: ..., e: ..., iq: ..., etc } files.privateKeyJson = keypair.private_key; // json { n: ..., e: ..., iq: ..., etc }
@ -174,19 +159,10 @@ function getAccountByEmail(args) {
return PromiseA.resolve(null); return PromiseA.resolve(null);
} }
module.exports.create = function (defaults, opts) { module.exports.create = function (defaults, handlers) {
var LE = require('../'); var LE = require('../');
var pyconf = PromiseA.promisifyAll(require('pyconf')); var pyconf = PromiseA.promisifyAll(require('pyconf'));
if (!opts) {
opts = {};
}
/*
defaults.webroot = true;
defaults.renewByDefault = true;
defaults.text = true;
*/
defaults.server = defaults.server || LE.liveServer; defaults.server = defaults.server || LE.liveServer;
var wrapped = { var wrapped = {
@ -201,7 +177,7 @@ module.exports.create = function (defaults, opts) {
return renewal.account; return renewal.account;
}, function (err) { }, function (err) {
if ("EENOENT" === err.code) { if ("EENOENT" === err.code) {
return getAccountByEmail(args); return getAccountByEmail(args, handlers);
} }
return PromiseA.reject(err); return PromiseA.reject(err);
@ -211,12 +187,25 @@ module.exports.create = function (defaults, opts) {
args._acmeUrls = urls; args._acmeUrls = urls;
if (accountId) { if (accountId) {
return getAccount(args, accountId); return getAccount(accountId, args, handlers);
} else { } else {
return createAccount(args); return createAccount(args);
} }
}); });
}).then(function (account) { }).then(function (account) {
/*
, domains: Array.isArray(args.domains) || (args.domains||'').split(',')
, webroot: args.webrootPath
, accountPrivateKeyPem: obj.privateKeyPem
, setChallenge: function (domain, key, value, done) {
args.domains = [domain];
handlers.setChallenge(args, key, value, done);
}
, removeChallenge: function (domain, key, done) {
args.domains = [domain];
handlers.removeChallenge(args, key, done);
}
*/
console.log(account); console.log(account);
throw new Error("IMPLEMENTATION NOT COMPLETE"); throw new Error("IMPLEMENTATION NOT COMPLETE");
}); });

11
lib/crypto-utils-ursa.js
View File

@ -27,14 +27,17 @@ function toAcmePrivateKey(privkeyPem) {
function generateRsaKeypair(bitlen, exp, cb) { function generateRsaKeypair(bitlen, exp, cb) {
var keypair = ursa.generatePrivateKey(bitlen /*|| 2048*/, exp /*65537*/); var keypair = ursa.generatePrivateKey(bitlen /*|| 2048*/, exp /*65537*/);
var pems = { var pems = {
publicKeyPem: keypair.toPublicPem() publicKeyPem: keypair.toPublicPem() // ascii PEM: ----BEGIN...
, privateKeyPem: keypair.toPrivatePem() , privateKeyPem: keypair.toPrivatePem() // ascii PEM: ----BEGIN...
}; };
// I would have chosen sha1 or sha2... but whatever
pems.publicKeyMd5 = crypto.createHash('md5').update(pems.publicKeyPem).digest('hex'); pems.publicKeyMd5 = crypto.createHash('md5').update(pems.publicKeyPem).digest('hex');
// json { n: ..., e: ..., iq: ..., etc }
pems.privateKeyJwk = toAcmePrivateKey(pems.privateKeyPem);
pems.privateKeyJson = pems.privateKeyJwk;
// TODO thumbprint // TODO thumbprint
// TODO jwk
// TODO json
cb(null, pems); cb(null, pems);
} }