diff --git a/lib/letsencrypt-forge-extra.js b/lib/letsencrypt-forge-extra.js
index 36f5056..b865e94 100644
--- a/lib/letsencrypt-forge-extra.js
+++ b/lib/letsencrypt-forge-extra.js
@@ -16,7 +16,7 @@ function b64ToBinstr(b64) {
 return new Buffer(b64, 'base64').toString('binary');
 }
-function toAcmePrivateKey(forgePrivkey) {
+function privatePemToJwk(forgePrivkey) {
 //var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem); // required in node.js 4.2.2 (but not io.js 1.6.3)
@@ -68,7 +68,7 @@ function generateRsaKeypair(bitlen, exp, cb) {
 // for compat with python client account id
 pems.publicKeyMd5 = crypto.createHash('md5').update(pems.publicKeyPem).digest('hex');
 // json { n: ..., e: ..., iq: ..., etc }
- pems.privateKeyJwk = toAcmePrivateKey(keypair.privateKey);
+ pems.privateKeyJwk = privatePemToJwk(keypair.privateKey);
 // deprecate pems.privateKeyJson = pems.privateKeyJwk;
@@ -77,7 +77,7 @@ function generateRsaKeypair(bitlen, exp, cb) {
 cb(null, pems);
 }
-function parseAccountPrivateKey(pkj, cb) {
+function privateJwkToPems(pkj, cb) {
 var pki = forge.pki;
 Object.keys(pkj).forEach(function (key) {
@@ -113,13 +113,10 @@ function parseAccountPrivateKey(pkj, cb) {
 , privateKeyJson: pkj
 // I would have chosen sha1 or sha2... but whatever
 , publicKeyMd5: crypto.createHash('md5').update(pubPem).digest('hex')
+ , publicKeySha256: crypto.createHash('sha256').update(pubPem).digest('hex')
 });
 }
 module.exports.generateRsaKeypair = generateRsaKeypair;
-module.exports.privateJwkToPems = parseAccountPrivateKey;
-module.exports.privatePemToJwk = toAcmePrivateKey;
-
-// TODO deprecate
-module.exports.toAcmePrivateKey = toAcmePrivateKey;
-module.exports.parseAccountPrivateKey = parseAccountPrivateKey;
+module.exports.privateJwkToPems = privateJwkToPems;
+module.exports.privatePemToJwk = privatePemToJwk;
diff --git a/lib/letsencrypt-ursa.js b/lib/letsencrypt-ursa.js
index bed7b37..ea8296d 100644
--- a/lib/letsencrypt-ursa.js
+++ b/lib/letsencrypt-ursa.js
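Review bot: The new name `privatePemToJwk` does not match what the forge backend's function accepts: the parameter is still `forgePrivkey`, the `forge.pki.privateKeyFromPem(privkeyPem)` line stays commented out, and the call in generateRsaKeypair (the @@ -68 hunk) passes `keypair.privateKey` rather than a PEM string. The ursa backend's function of the same exported name takes `privkeyPem`, so the two modules now export one name with two different input contracts, and a caller that hands a PEM string to this one would presumably fail or build a JWK from the wrong fields. Either accept both forms at the top of the function, `if (typeof forgePrivkey === 'string') { forgePrivkey = forge.pki.privateKeyFromPem(forgePrivkey); }`, or keep a name that says it takes a forge key object. The function body continues outside the hunk.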
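Review bot: The added `publicKeySha256` in the @@ -113 hunk is a digest of the PEM text (`update(pubPem)`), so its value depends on how the encoder wraps lines and which line endings it emits, not only on the key. The ursa backend adds the same field over its own `pems.publicKeyPem`, and the two encoders are not guaranteed to produce byte-identical PEM, so the same key may get different account ids depending on which backend is loaded. Where `pubPem` is built is outside this hunk, so this should be checked against the actual output of both modules. If the field has to stay PEM-based, document it with a comment such as `// id only: hash of the PEM text, changes with line endings/wrapping; not a JWK thumbprint`; the ursa file's existing `// TODO thumbprint` points at the canonical alternative (RFC 7638).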
@@ -19,7 +19,7 @@ function b64ToBinstr(b64) {
 }
 */
-function toAcmePrivateKey(privkeyPem) {
+function privatePemToJwk(privkeyPem) {
 var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem); // required in node.js 4.2.2 (but not io.js 1.6.3)
@@ -55,7 +55,7 @@ function generateRsaKeypair(bitlen, exp, cb) {
 // for compat with python client account id
 pems.publicKeyMd5 = crypto.createHash('md5').update(pems.publicKeyPem).digest('hex');
 // json { n: ..., e: ..., iq: ..., etc }
- pems.privateKeyJwk = toAcmePrivateKey(pems.privateKeyPem);
+ pems.privateKeyJwk = privatePemToJwk(pems.privateKeyPem);
 pems.privateKeyJson = pems.privateKeyJwk; // TODO thumbprint
@@ -63,12 +63,13 @@ function generateRsaKeypair(bitlen, exp, cb) {
 cb(null, pems);
 }
-function parseAccountPrivateKey(pkj, cb) {
+function privateJwkToPems(pkj, cb) {
 Object.keys(pkj).forEach(function (key) {
 pkj[key] = new Buffer(pkj[key], 'base64');
 });
 var priv;
+ var pems;
 try {
 priv = ursa.createPrivateKeyFromComponents(
@@ -86,16 +87,22 @@ function parseAccountPrivateKey(pkj, cb) {
 return;
 }
- cb(null, {
- privateKeyPem: priv.toPrivatePem.toString('ascii')
- , publicKeyPem: priv.toPublicPem.toString('ascii')
- });
+ pems = {
+ privateKeyPem: priv.toPrivatePem().toString('ascii')
+ , publicKeyPem: priv.toPublicPem().toString('ascii')
+ };
+
+ // for account id
+ pems.publicKeySha256 = crypto.createHash('sha256').update(pems.publicKeyPem).digest('hex');
+ // for compat with python client account id
+ pems.publicKeyMd5 = crypto.createHash('md5').update(pems.publicKeyPem).digest('hex');
+ // json { n: ..., e: ..., iq: ..., etc }
+ pems.privateKeyJwk = privatePemToJwk(pems.privateKeyPem);
+ pems.privateKeyJson = pems.privateKeyJwk;
+
+ cb(null, pems);
 }
 module.exports.generateRsaKeypair = generateRsaKeypair;
-module.exports.privateJwkToPems = parseAccountPrivateKey;
-module.exports.privatePemToJwk = toAcmePrivateKey;
-
-// TODO deprecate
-module.exports.toAcmePrivateKey = toAcmePrivateKey;
-module.exports.parseAccountPrivateKey = parseAccountPrivateKey;
+module.exports.privateJwkToPems = privateJwkToPems;
+module.exports.privatePemToJwk = privatePemToJwk;
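Review bot: The block added after the catch calls `priv.toPrivatePem()`, `priv.toPublicPem()` and `privatePemToJwk(pems.privateKeyPem)` outside the `try` that guards key construction, so a throw from any of them escapes synchronously instead of being reported through `cb`. `privatePemToJwk` in this file begins with `forge.pki.privateKeyFromPem(privkeyPem)`, which throws on PEM it cannot parse, and the key material here comes from the caller's JWK. Wrap the new assignments as `try { … } catch (e) { cb(e); return; }` and keep `cb(null, pems);` after the wrapper, so that an exception raised inside the callback does not lead to a second call. The `try` and the start of its handler are in the previous hunk, so how the existing catch reports errors is not visible here.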