diff --git a/lib/get-certificate.js b/lib/get-certificate.js
index 081b19f..b6b0540 100644
--- a/lib/get-certificate.js
+++ b/lib/get-certificate.js
@@ -68,7 +68,7 @@ module.exports.create = function (deps) {
 if ('{' === body[0] || '{' === String.fromCharCode(body[0])) {
 try {
- body = JSON.parse(body);
+ body = JSON.parse(body.toString('utf8'));
 } catch(e) {
 err = new Error("[Error] letiny-core: body could not be parsed");
 err.code = "E_BODY_PARSE";
@@ -118,7 +118,17 @@ module.exports.create = function (deps) {
 type:'dns',
 value:state.domain,
 }
- }, getReadyToValidate);
+ }, function (err, res, body) {
+ if (!err && res.body) {
+ try {
+ body = bodyToError(res, body);
+ } catch(e) {
+ err = e;
+ }
+ }
+
+ getReadyToValidate(err, res, body)
+ });
 }
 function getReadyToValidate(err, res, body) {
@@ -161,6 +171,14 @@ module.exports.create = function (deps) {
 resource:'challenge',
 keyAuthorization:keyAuthorization
 }, function(err, res, body) {
+ if (!err && res.body) {
+ try {
+ body = bodyToError(res, body);
+ } catch(e) {
+ err = e;
+ }
+ }
+
 ensureValidation(err, res, body, function unlink() {
 options.removeChallenge(state.domain, challenge.token, function () {
 // ignore
@@ -205,10 +223,10 @@ module.exports.create = function (deps) {
 nextDomain();
 } else if (authz.status==='invalid') {
 unlink();
- return handleErr(null, 'The CA was unable to validate the file you provisioned', body);
+ return handleErr(null, 'The CA was unable to validate the file you provisioned: ' + authz.detail, body);
 } else {
 unlink();
- return handleErr(null, 'CA returned an authorization in an unexpected state', authz);
+ return handleErr(null, 'CA returned an authorization in an unexpected state' + authz.detail, authz);
 }
 }
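Review bot: The same `if (!err && res.body) { try { body = bodyToError(res, body); } catch(e) { err = e; } }` wrapper is pasted into this callback (hunk at -118) and again in the hunks at -161 and -219, so any later fix to the error conversion has to be made in three places. A small helper that wraps the next callback would keep the conversion in one spot; the sketch below keeps the guard exactly as written. The guard also tests `res.body` while converting the `body` argument, and `getReadyToValidate(err, res, body)` is missing its semicolon. `bodyToError` is defined outside these hunks, so its contract is assumed from the call sites.

```javascript
// Wraps a request callback so an error body is converted to an Error in one place.
function withBodyError(next) {
  return function (err, res, body) {
    if (!err && res.body) {
      try {
        body = bodyToError(res, body);
      } catch (e) {
        err = e;
      }
    }
    next(err, res, body);
  };
}
// … unchanged: request options … then pass withBodyError(getReadyToValidate) as the callback
```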
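Review bot: In the hunk at -205 the second changed message appends `authz.detail` with no separator, so the text runs straight into the detail, and both messages end in the literal `undefined` whenever the authorization object carries no `detail` field. A guarded suffix fixes both: `var detail = authz.detail ? ': ' + authz.detail : '';` and then `'CA returned an authorization in an unexpected state' + detail`. The detail string originates in the CA response, so whatever logs or displays this error should treat it as untrusted text. The enclosing function starts and ends outside the hunk.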
@@ -219,7 +237,17 @@ module.exports.create = function (deps) {
 resource:'new-cert',
 csr:csr,
 authorizations:state.validAuthorizationUrls
- }, downloadCertificate);
+ }, function (err, res, body ) {
+ if (!err && res.body) {
+ try {
+ body = bodyToError(res, body);
+ } catch(e) {
+ err = e;
+ }
+ }
+
+ downloadCertificate(err, res, body);
+ });
 }
 function downloadCertificate(err, res, body) {
diff --git a/lib/letsencrypt-forge-extra.js b/lib/letsencrypt-forge-extra.js
index 8058255..36f5056 100644
--- a/lib/letsencrypt-forge-extra.js
+++ b/lib/letsencrypt-forge-extra.js
@@ -19,6 +19,14 @@ function b64ToBinstr(b64) {
 function toAcmePrivateKey(forgePrivkey) {
 //var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem);
+ // required in node.js 4.2.2 (but not io.js 1.6.3)
+ Object.keys(forgePrivkey).forEach(function (k) {
+ var val = forgePrivkey[k];
+ if (val && val.toByteArray) {
+ forgePrivkey[k] = val.toByteArray();
+ }
+ });
+
 return {
 kty: "RSA"
 , n: binstrToB64(forgePrivkey.n)
@@ -49,7 +57,7 @@ function toForgePrivateKey(forgePrivkey) {
 // It takes SEVERAL seconds even on a nice macbook pro
 function generateRsaKeypair(bitlen, exp, cb) {
 var pki = forge.pki;
- var keypair = pki.rsa.generateKeyPair({ bits: bitlen, e: exp });
+ var keypair = pki.rsa.generateKeyPair({ bits: bitlen || 2048, e: exp || 65537 });
 var pems = {
 publicKeyPem: pki.publicKeyToPem(keypair.publicKey) // ascii PEM: ----BEGIN...
 , privateKeyPem: pki.privateKeyToPem(keypair.privateKey) // ascii PEM: ----BEGIN...
diff --git a/lib/letsencrypt-ursa.js b/lib/letsencrypt-ursa.js
index ae8cd63..bed7b37 100644
--- a/lib/letsencrypt-ursa.js
+++ b/lib/letsencrypt-ursa.js
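Review bot: The added loop in `toAcmePrivateKey` (letsencrypt-forge-extra.js, hunk at -19) overwrites the fields of the `forgePrivkey` object the caller passed in, replacing each value that has `toByteArray` with a byte array. Here the key is a parameter rather than something parsed locally, so after this call the caller's private key object no longer holds its original number objects and any later use of it for signing or PEM export is likely to break. Converting into a local copy avoids the side effect; the `return { kty: "RSA", … }` block would then read from that copy. The same loop in letsencrypt-ursa.js works on a key parsed inside the function, so the mutation is not visible to callers there.

```javascript
function toAcmePrivateKey(forgePrivkey) {
  // Convert into a local copy so the caller's key object is left untouched.
  var fields = {};
  Object.keys(forgePrivkey).forEach(function (k) {
    var val = forgePrivkey[k];
    fields[k] = (val && val.toByteArray) ? val.toByteArray() : val;
  });
  // … unchanged: return { kty: "RSA", n: binstrToB64(…), … } — read from fields instead of forgePrivkey …
```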
@@ -9,28 +9,42 @@ var crypto = require('crypto');
 var ursa = require('ursa');
 var forge = require('node-forge');
-function binstr2b64(binstr) {
+function binstrToB64(binstr) {
 return new Buffer(binstr, 'binary').toString('base64');
 }
+/*
+function b64ToBinstr(b64) {
+ return new Buffer(b64, 'base64').toString('binary');
+}
+*/
+
 function toAcmePrivateKey(privkeyPem) {
 var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem);
+ // required in node.js 4.2.2 (but not io.js 1.6.3)
+ Object.keys(forgePrivkey).forEach(function (k) {
+ var val = forgePrivkey[k];
+ if (val && val.toByteArray) {
+ forgePrivkey[k] = val.toByteArray();
+ }
+ });
+
 return {
 kty: "RSA"
- , n: binstr2b64(forgePrivkey.n)
- , e: binstr2b64(forgePrivkey.e)
- , d: binstr2b64(forgePrivkey.d)
- , p: binstr2b64(forgePrivkey.p)
- , q: binstr2b64(forgePrivkey.q)
- , dp: binstr2b64(forgePrivkey.dP)
- , dq: binstr2b64(forgePrivkey.dQ)
- , qi: binstr2b64(forgePrivkey.qInv)
+ , n: binstrToB64(forgePrivkey.n)
+ , e: binstrToB64(forgePrivkey.e)
+ , d: binstrToB64(forgePrivkey.d)
+ , p: binstrToB64(forgePrivkey.p)
+ , q: binstrToB64(forgePrivkey.q)
+ , dp: binstrToB64(forgePrivkey.dP)
+ , dq: binstrToB64(forgePrivkey.dQ)
+ , qi: binstrToB64(forgePrivkey.qInv)
 };
 }
 function generateRsaKeypair(bitlen, exp, cb) {
- var keypair = ursa.generatePrivateKey(bitlen /*|| 2048*/, exp /*65537*/);
+ var keypair = ursa.generatePrivateKey(bitlen || 2048, exp || 6553);
 var pems = {
 publicKeyPem: keypair.toPublicPem().toString('ascii') // ascii PEM: ----BEGIN...
 , privateKeyPem: keypair.toPrivatePem().toString('ascii') // ascii PEM: ----BEGIN...
diff --git a/lib/register-new-account.js b/lib/register-new-account.js
index 4b0fa93..b51184c 100644
--- a/lib/register-new-account.js
+++ b/lib/register-new-account.js
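Review bot: The default public exponent in `generateRsaKeypair` is `6553`, which looks like a truncated `65537`: the removed line carried `/*65537*/` and the forge backend in this same commit defaults to `65537`. With this value, keys generated through the ursa backend without an explicit `exp` get a non-standard exponent and differ from those of the forge backend, and some peers or validators may refuse them. The line should read `var keypair = ursa.generatePrivateKey(bitlen || 2048, exp || 65537);`. Neither backend enforces a lower bound on `bitlen`, so a caller-supplied size below 2048 is still accepted.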
@@ -106,20 +106,12 @@ module.exports.create = function (deps) {
 return handleErr(err, 'Couldn\'t POST agreement back to server', body);
 }
- data = body;
- // handle for node and browser
- if ('string' === typeof body) {
+ if ('string' === typeof body || '{' === body[0] || '{' === String.fromCharCode(body[0])) {
 try {
- data = JSON.parse(body);
+ data = JSON.parse(body.toString('utf8'));
 } catch(e) {
- // ignore
- }
- } else {
- // might be a buffer
- data = body.toString('utf8');
- if (!(data.length > 10)) {
- // probably json
- data = body;
+ cb(e);
+ return;
 }
 }
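Review bot: With `data = body;` removed, `data` is only assigned inside the `if`, so a body that arrives as an already-parsed object (neither a string nor a buffer starting with `{`) leaves `data` unset for whatever reads it later in the function, which continues outside the hunk. Keeping `data = body;` ahead of the `if` restores the fallback without bringing back the old length heuristic. The new condition also indexes `body[0]` before checking that `body` exists, so an empty response now throws a TypeError instead of reaching the error path; a leading `body &&` would guard that. The parse failure is reported with `cb(e)` while the line above uses `handleErr(err, …, body)`; if `handleErr` does cleanup or message wrapping, the two paths should match.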