AJ ONeal 2015-12-16 00:13:07 +00:00
parent aec8958ca8
commit 4015e792dd
3 changed files with 222 additions and 218 deletions


@ -23,10 +23,10 @@ leCore.
## API ## API
``` ```javascript
LeCore.registerNewAccount(); LeCore.registerNewAccount(options, cb);
LeCore.getCertificate(); LeCore.getCertificate(options, cb);
LeCore.Acme // Signs requests with JWK LeCore.Acme // Signs requests with JWK
acme = new Acme(lePrivateKey) // privateKey format is abstract acme = new Acme(lePrivateKey) // privateKey format is abstract
@ -35,7 +35,9 @@ LeCore.Acme // Signs requests with JWK
acme.getNonce(url, cb) // (internal) HEAD request to get 'replay-nonce' strings acme.getNonce(url, cb) // (internal) HEAD request to get 'replay-nonce' strings
LeCore.leCrypto LeCore.leCrypto
generateSignature(lePrivateKey, nodeBufferBody, nonceString) thumbprint(lePubKey) // generates thumbprint
generateSignature(lePrivKey, bodyBuf, nonce) // generates a signature
importPemPrivateKey(privateKeyPem); // returns abstract private key
``` ```
For testing and development, you can also inject the dependencies you want to use: For testing and development, you can also inject the dependencies you want to use:


@ -4,16 +4,18 @@
* Some code used from https://github.com/letsencrypt/boulder/tree/master/test/js * Some code used from https://github.com/letsencrypt/boulder/tree/master/test/js
* MPL 2.0 * MPL 2.0
*/ */
'use strict'; 'use strict';
var NOOP=function () {}, log=NOOP; module.exports.create = function (deps) {
var request=require('request'); var NOOP=function () {}, log=NOOP;
var util=require('./acme-util'); var request=require('request');
var cryptoUtil=require('./crypto-util'); var util=require('./acme-util');
var Acme = require('./acme-client'); var importPemPrivateKey = deps.leCrypto.importPemPrivateKey;
var thumbprinter = deps.leCrypto.thumbprint;
var generateCsr = deps.leCrypto.generateCsr || deps.leCrypto.generateCSR;
var Acme = deps.Acme;
function getCert(options, cb) { function getCert(options, cb) {
var state={ var state={
validatedDomains:[] validatedDomains:[]
, validAuthorizationUrls:[] , validAuthorizationUrls:[]
@ -40,10 +42,10 @@ function getCert(options, cb) {
state.domains = options.domains.slice(0); // copy array state.domains = options.domains.slice(0); // copy array
try { try {
state.accountKeyPem=options.accountPrivateKeyPem; state.accountKeyPem=options.accountPrivateKeyPem;
state.accountKeyPair=cryptoUtil.importPemPrivateKey(state.accountKeyPem); state.accountKeyPair=importPemPrivateKey(state.accountKeyPem);
state.acme=new Acme(state.accountKeyPair); state.acme=new Acme(state.accountKeyPair);
state.certPrivateKeyPem=options.domainPrivateKeyPem; state.certPrivateKeyPem=options.domainPrivateKeyPem;
state.certPrivateKey=cryptoUtil.importPemPrivateKey(state.certPrivateKeyPem); state.certPrivateKey=importPemPrivateKey(state.certPrivateKeyPem);
} catch(err) { } catch(err) {
return handleErr(err, 'Failed to parse privateKey'); return handleErr(err, 'Failed to parse privateKey');
} }
@ -100,7 +102,7 @@ function getCert(options, cb) {
} }
challenge=httpChallenges[0]; challenge=httpChallenges[0];
thumbprint=cryptoUtil.thumbprint(state.accountKeyPair.publicKey); thumbprint=thumbprinter(state.accountKeyPair.publicKey);
keyAuthorization=challenge.token+'.'+thumbprint; keyAuthorization=challenge.token+'.'+thumbprint;
state.responseUrl=challenge.uri; state.responseUrl=challenge.uri;
@ -152,7 +154,7 @@ function getCert(options, cb) {
} }
function getCertificate() { function getCertificate() {
var csr=cryptoUtil.generateCSR(state.certPrivateKey, state.validatedDomains); var csr=generateCsr(state.certPrivateKey, state.validatedDomains);
log('Requesting certificate...'); log('Requesting certificate...');
state.acme.post(state.newCertificateUrl, { state.acme.post(state.newCertificateUrl, {
resource:'new-cert', resource:'new-cert',
@ -234,13 +236,13 @@ function getCert(options, cb) {
log(text, err, info); log(text, err, info);
cb(err || new Error(text)); cb(err || new Error(text));
} }
}
} function certBufferToPem(cert) {
function certBufferToPem(cert) {
cert=util.toStandardB64(cert.toString('base64')); cert=util.toStandardB64(cert.toString('base64'));
cert=cert.match(/.{1,64}/g).join('\n'); cert=cert.match(/.{1,64}/g).join('\n');
return '-----BEGIN CERTIFICATE-----\n'+cert+'\n-----END CERTIFICATE-----'; return '-----BEGIN CERTIFICATE-----\n'+cert+'\n-----END CERTIFICATE-----';
} }
module.exports = getCert; return getCert;
};
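Review bot: The injected functions are read from `deps.leCrypto` and `deps.Acme` at the top of `create` without any check, so a missing or misnamed one only surfaces later and with a misleading message. An absent `importPemPrivateKey` throws inside the `try` in `getCert` and is reported as 'Failed to parse privateKey', while an absent `thumbprint` or `generateCsr` throws a TypeError during the challenge or certificate step, presumably inside a request callback where nothing catches it. Because these functions handle the account and domain private keys, I would fail fast right after the `var` lines: `[importPemPrivateKey, thumbprinter, generateCsr, Acme].forEach(function (fn) { if ('function' !== typeof fn) { throw new Error('get-certificate: deps.leCrypto and deps.Acme must be fully provided'); } });`. The README section of this commit lists `thumbprint`, `generateSignature` and `importPemPrivateKey` but not `generateCsr`, which this file also requires.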


@ -9,7 +9,7 @@ function create(deps) {
var LeCore = {}; var LeCore = {};
LeCore.leCrypto = deps.leCrypto; LeCore.leCrypto = deps.leCrypto;
LeCore.Acme = require('./lib/acme-client').create(deps); deps.Acme = LeCore.Acme = require('./lib/acme-client').create(deps);
LeCore.registerNewAccount = require('./lib/register-new-account').create(deps); LeCore.registerNewAccount = require('./lib/register-new-account').create(deps);
LeCore.getCertificate = require('./lib/get-certificate').create(deps); LeCore.getCertificate = require('./lib/get-certificate').create(deps);
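Review bot: `deps.Acme = LeCore.Acme = ...` writes into the caller's `deps` object, which silently replaces any `Acme` the caller supplied and makes the later `create(deps)` calls depend on statement order. The README in this commit says dependencies can be injected for testing, so a test double passed as `deps.Acme` would be overwritten here without notice. Consider honouring an injected value, `deps.Acme = LeCore.Acme = deps.Acme || require('./lib/acme-client').create(deps);`, or handing the sub-modules a shallow copy of `deps`, and add a comment such as `// must precede get-certificate: its create() reads deps.Acme`. The body of `create` starts and ends outside this hunk.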