multiple minor enhancements and bugfixes

lib/get-certificate.js

@@ -68,7 +68,7 @@ module.exports.create = function (deps) {
 
       if ('{' === body[0] || '{' === String.fromCharCode(body[0])) {
         try {
-          body = JSON.parse(body);
+          body = JSON.parse(body.toString('utf8'));
         } catch(e) {
           err = new Error("[Error] letiny-core: body could not be parsed");
           err.code = "E_BODY_PARSE";
@@ -118,7 +118,17 @@ module.exports.create = function (deps) {
           type:'dns',
           value:state.domain,
         }
-      }, getReadyToValidate);
+      }, function (err, res, body) {
+        if (!err && res.body) {
+          try {
+            body = bodyToError(res, body);
+          } catch(e) {
+            err = e;
+          }
+        }
+
+        getReadyToValidate(err, res, body)
+      });
     }
 
     function getReadyToValidate(err, res, body) {
@@ -161,6 +171,14 @@ module.exports.create = function (deps) {
           resource:'challenge',
           keyAuthorization:keyAuthorization
         }, function(err, res, body) {
+          if (!err && res.body) {
+            try {
+              body = bodyToError(res, body);
+            } catch(e) {
+              err = e;
+            }
+          }
+
           ensureValidation(err, res, body, function unlink() {
             options.removeChallenge(state.domain, challenge.token, function () {
               // ignore
@@ -205,10 +223,10 @@ module.exports.create = function (deps) {
         nextDomain();
       } else if (authz.status==='invalid') {
         unlink();
-        return handleErr(null, 'The CA was unable to validate the file you provisioned', body);
+        return handleErr(null, 'The CA was unable to validate the file you provisioned: ' + authz.detail, body);
       } else {
         unlink();
-        return handleErr(null, 'CA returned an authorization in an unexpected state', authz);
+        return handleErr(null, 'CA returned an authorization in an unexpected state' + authz.detail, authz);
       }
     }
 
@@ -219,7 +237,17 @@ module.exports.create = function (deps) {
         resource:'new-cert',
         csr:csr,
         authorizations:state.validAuthorizationUrls
-      }, downloadCertificate);
+      }, function (err, res, body ) {
+        if (!err && res.body) {
+          try {
+            body = bodyToError(res, body);
+          } catch(e) {
+            err = e;
+          }
+        }
+
+        downloadCertificate(err, res, body);
+      });
     }
 
     function downloadCertificate(err, res, body) {

lib/letsencrypt-forge-extra.js

@@ -19,6 +19,14 @@ function b64ToBinstr(b64) {
 function toAcmePrivateKey(forgePrivkey) {
   //var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem);
 
+  // required in node.js 4.2.2 (but not io.js 1.6.3)
+  Object.keys(forgePrivkey).forEach(function (k) {
+    var val = forgePrivkey[k];
+    if (val && val.toByteArray) {
+      forgePrivkey[k] = val.toByteArray();
+    }
+  });
+
   return {
     kty: "RSA"
   , n: binstrToB64(forgePrivkey.n)
@@ -49,7 +57,7 @@ function toForgePrivateKey(forgePrivkey) {
 // It takes SEVERAL seconds even on a nice macbook pro
 function generateRsaKeypair(bitlen, exp, cb) {
   var pki = forge.pki;
-  var keypair = pki.rsa.generateKeyPair({ bits: bitlen, e: exp });
+  var keypair = pki.rsa.generateKeyPair({ bits: bitlen || 2048, e: exp || 65537 });
   var pems = {
     publicKeyPem: pki.publicKeyToPem(keypair.publicKey)     // ascii PEM: ----BEGIN...
   , privateKeyPem: pki.privateKeyToPem(keypair.privateKey)  // ascii PEM: ----BEGIN...

lib/letsencrypt-ursa.js

@@ -9,28 +9,42 @@ var crypto = require('crypto');
 var ursa = require('ursa');
 var forge = require('node-forge');
 
-function binstr2b64(binstr) {
+function binstrToB64(binstr) {
   return new Buffer(binstr, 'binary').toString('base64');
 }
 
+/*
+function b64ToBinstr(b64) {
+  return new Buffer(b64, 'base64').toString('binary');
+}
+*/
+
 function toAcmePrivateKey(privkeyPem) {
   var forgePrivkey = forge.pki.privateKeyFromPem(privkeyPem);
 
+  // required in node.js 4.2.2 (but not io.js 1.6.3)
+  Object.keys(forgePrivkey).forEach(function (k) {
+    var val = forgePrivkey[k];
+    if (val && val.toByteArray) {
+      forgePrivkey[k] = val.toByteArray();
+    }
+  });
+
   return {
     kty: "RSA"
-  , n: binstr2b64(forgePrivkey.n)
+  , n: binstrToB64(forgePrivkey.n)
-  , e: binstr2b64(forgePrivkey.e)
+  , e: binstrToB64(forgePrivkey.e)
-  , d: binstr2b64(forgePrivkey.d)
+  , d: binstrToB64(forgePrivkey.d)
-  , p: binstr2b64(forgePrivkey.p)
+  , p: binstrToB64(forgePrivkey.p)
-  , q: binstr2b64(forgePrivkey.q)
+  , q: binstrToB64(forgePrivkey.q)
-  , dp: binstr2b64(forgePrivkey.dP)
+  , dp: binstrToB64(forgePrivkey.dP)
-  , dq: binstr2b64(forgePrivkey.dQ)
+  , dq: binstrToB64(forgePrivkey.dQ)
-  , qi: binstr2b64(forgePrivkey.qInv)
+  , qi: binstrToB64(forgePrivkey.qInv)
   };
 }
 
 function generateRsaKeypair(bitlen, exp, cb) {
-  var keypair = ursa.generatePrivateKey(bitlen /*|| 2048*/, exp /*65537*/);
+  var keypair = ursa.generatePrivateKey(bitlen || 2048, exp || 6553);
   var pems = {
     publicKeyPem: keypair.toPublicPem().toString('ascii')   // ascii PEM: ----BEGIN...
   , privateKeyPem: keypair.toPrivatePem().toString('ascii') // ascii PEM: ----BEGIN...

lib/register-new-account.js

@@ -106,20 +106,12 @@ module.exports.create = function (deps) {
           return handleErr(err, 'Couldn\'t POST agreement back to server', body);
         }
 
-        data = body;
+        if ('string' === typeof body || '{' === body[0] || '{' === String.fromCharCode(body[0])) {
-        // handle for node and browser
-        if ('string' === typeof body) {
           try {
-            data = JSON.parse(body);
+            data = JSON.parse(body.toString('utf8'));
           } catch(e) {
-            // ignore
+            cb(e);
-          }
+            return;
-        } else {
-          // might be a buffer
-          data = body.toString('utf8');
-          if (!(data.length > 10)) {
-            // probably json
-            data = body;
           }
         }