Compare commits

..

41 Commits
v1.x ... master

Author SHA1 Message Date
AJ ONeal 2fd9678ab5 v2.1.4: update links and urls 2018-11-20 14:39:54 -07:00
AJ ONeal 7a6c2ae573 v2.1.3 2018-05-12 16:54:19 -06:00
AJ ONeal 4758dc2bd2 remove unused package 2018-05-12 16:53:44 -06:00
AJ ONeal d28d82130c Update 'README.md' 2018-04-18 16:16:50 +00:00
AJ ONeal 3a41c3006c update rsa-compat 2018-03-21 15:21:53 -06:00
AJ ONeal bfe1737b9b Update 'README.md' 2018-01-12 02:43:04 +00:00
Tim Caswell 9172d4c98e Bump version to 2.1.1 2017-06-28 12:52:22 -05:00
Tim Caswell 530b25f691 Merge branch 'remove-url-warning' into 'master'
Remove warning about unknown keys in le urls

See merge request !6
2017-06-28 09:59:08 -06:00
Tim Caswell d85f4070f3 Remove warning about unknown keys in le urls 2017-06-27 12:34:52 -05:00
tigerbot 51bcc1f20a v2.1.0 2017-04-26 18:50:21 -06:00
tigerbot f79c62032c Merge remote-tracking branch 'MaitreyaBuddha/master' into master 2017-04-26 16:55:55 -06:00
tigerbot 3ed2d45d3d Merge remote-tracking branch 'MaitreyaBuddha/userAgent' into master 2017-04-14 13:16:30 -06:00
tigerbot d0e20a44cd renamed httpsOptions to tlsOptions 2017-04-10 14:21:09 -06:00
Kelly Johnson 10978ab99a https://git.daplie.com/Daplie/le-acme-core/issues/17
Add User-Agent header to request object used by le-acme-core.
Expose options to add/remove information from header
Add mocha tests
2017-03-11 13:49:12 -08:00
Kelly Johnson 72fb7b7c07 https://git.daplie.com/Daplie/le-acme-core/issues/20
example/letsencrypt.js now “works” up until the point of not having a server to give proper challenge response
2017-03-11 11:36:07 -08:00
Drew Warren 72646ced80 v2.0.9 2017-01-17 13:50:35 -07:00
Drew Warren 9f01021948 Change GitHub to GitLab 2017-01-17 13:49:59 -07:00
Drew Warren f63070ce54 v2.0.8 2017-01-17 12:49:45 -07:00
Drew Warren 6126222e8f Merge branch 'dev' into 'master'
Separate handling errors

Closes #16

See merge request !2
2017-01-17 19:09:40 +00:00
Drew Warren 7288d14fac Separate handling errors
Prevent res.body from being called if res is not defined.
Close #16
2017-01-17 12:01:02 -07:00
AJ ONeal 681c0edc71 Merge branch 'master' into 'master'
Add key-change URL support

See merge request !1
2017-01-16 23:02:15 +00:00
Rodrigo López Dato f350ae44c1
Add key-change URL support
Fixes warning when retrieving LE URLs on staging or prod
2017-01-12 19:37:34 -03:00
AJ ONeal 6b1b168e5a auto-update banner 2016-12-30 02:40:45 -07:00
AJ ONeal a97c5933d6 auto-update ad 2016-12-30 00:52:44 -07:00
AJ ONeal a8b9817415 Update README.md 2016-11-25 10:38:39 -07:00
AJ ONeal fe635a965c whitespace 2016-09-02 09:27:31 -06:00
AJ ONeal 8436b615cb v2.0.7 2016-09-02 09:22:25 -06:00
AJ ONeal fbaa77cb4c update deps for #12 2016-09-02 09:22:18 -06:00
AJ ONeal 528cec03a8 v2.0.6 2016-08-11 08:41:33 -06:00
AJ ONeal e3d4add0b9 fix https://github.com/Daplie/letsencrypt-cli/issues/20, use corret error object e instead of err 2016-08-11 08:41:30 -06:00
AJ ONeal 218497ab0e fix link 2016-08-09 16:02:47 -04:00
AJ ONeal 764c614940 v2.0.5 2016-08-09 16:02:01 -04:00
AJ ONeal 80613b98e2 update deps 2016-08-09 16:01:56 -04:00
AJ ONeal 4050bd2a82 v2.0.4 2016-08-09 15:58:36 -04:00
AJ ONeal 17df564f69 minor cleanup 2016-08-09 15:58:11 -04:00
AJ ONeal 60e4ed8f7b fix deps scope 2016-08-08 19:04:31 -04:00
AJ ONeal 420351da62 export defaults and change quotes 2016-08-08 16:55:06 -04:00
AJ ONeal 903ebf0491 remove deprecated uses 2016-08-08 14:12:23 -04:00
AJ ONeal 4c7c21a751 link to letiny-core 2016-08-08 12:04:44 -06:00
AJ ONeal 01f283b7fd add getOptions 2016-08-08 12:02:53 -06:00
AJ ONeal c1513fe120 letiny-core -> le-acme-core 2016-08-08 11:58:08 -06:00
18 changed files with 318 additions and 165 deletions

2
.gitignore vendored
View File

@ -29,3 +29,5 @@ build/Release
# Dependency directory # Dependency directory
# https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git # https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git
node_modules node_modules
.idea
.DS_Store

View File

@ -1,3 +1,3 @@
ISRG ISRG
Anatol Sommer <anatol@anatol.at> Anatol Sommer <anatol@anatol.at>
AJ ONeal <aj@daplie.com> (https://daplie.com/) AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)

102
README.md
View File

@ -1,4 +1,8 @@
# letiny-core # le-acme-core
Looking for **letiny-core**? Check the [v1.x branch](https://git.coolaj86.com/coolaj86/le-acme-core.js/tree/v1.x).
<!-- rename to le-acme-core -->
A framework for building letsencrypt clients, forked from `letiny`. A framework for building letsencrypt clients, forked from `letiny`.
@ -9,19 +13,44 @@ Supports all of:
* browser WebCrypto (not implemented, but... Let's Encrypt over WebRTC anyone?) * browser WebCrypto (not implemented, but... Let's Encrypt over WebRTC anyone?)
* any javascript implementation * any javascript implementation
# NEW: Let's Encrypt v2 Support
Let's Encrypt v2 (aka ACME v2 or ACME draft 11) is available in [acme-v2.js](https://git.coolaj86.com/coolaj86/acme-v2.js)
### These aren't the droids you're looking for ### These aren't the droids you're looking for
This is a library / framework for building letsencrypt clients. This is a library / framework for building letsencrypt clients.
You probably want one of these pre-built clients instead: You probably want one of these pre-built clients instead:
* [`letsencrypt`](https://github.com/Daplie/node-letsencrypt) (compatible with the official client) * [`letsencrypt`](https://git.coolaj86.com/coolaj86/greenlock.js) (compatible with the official client)
* `letiny` (lightweight client cli) * `letiny` (lightweight client cli)
* [`letsencrypt-express`](https://github.com/Daplie/letsencrypt-express) (automatic https for express) * [`letsencrypt-express`](https://git.coolaj86.com/coolaj86/greenlock-express.js) (automatic https for express)
## Install & Usage: ## Install & Usage:
```bash ```bash
npm install --save letiny-core npm install --save le-acme-core
```
To use the default dependencies:
```javascript
'use strict';
var ACME = require('le-acme-core').ACME.create();
```
For **testing** and **development**, you can also inject the dependencies you want to use:
```javascript
'use strict';
var ACME = require('le-acme-core').ACME.create({
, RSA: require('rsa-compat').RSA
});
ACME.getAcmeUrls(discoveryUrl, function (err, urls) {
console.log(urls);
});
``` ```
You will follow these steps to obtain certificates: You will follow these steps to obtain certificates:
@ -49,12 +78,12 @@ Note: use **YOUR EMAIL** and accept the terms of service (run `ddns --help` to s
<!-- TODO tutorial on ddns --> <!-- TODO tutorial on ddns -->
Install letiny-core and its dependencies. **Note**: it's okay if you're on windows Install le-acme-core and its dependencies. **Note**: it's okay if you're on windows
and `ursa` fails to compile. It'll still work. and `ursa` fails to compile. It'll still work.
```bash ```bash
git clone https://github.com/Daplie/letiny-core.git ~/letiny-core git clone https://git.coolaj86.com/coolaj86/le-acme-core.js.git ~/le-acme-core
pushd ~/letiny-core pushd ~/le-acme-core
npm install npm install
``` ```
@ -73,7 +102,7 @@ The Goodies
```javascript ```javascript
// Accounts // Accounts
LeCore.registerNewAccount(options, cb) // returns "regr" registration data ACME.registerNewAccount(options, cb) // returns "regr" registration data
{ newRegUrl: '<url>' // no defaults, specify acmeUrls.newAuthz { newRegUrl: '<url>' // no defaults, specify acmeUrls.newAuthz
, email: '<email>' // valid email (server checks MX records) , email: '<email>' // valid email (server checks MX records)
@ -84,7 +113,7 @@ LeCore.registerNewAccount(options, cb) // returns "regr" registration dat
} }
// Registration // Registration
LeCore.getCertificate(options, cb) // returns (err, pems={ privkey (key), cert, chain (ca) }) ACME.getCertificate(options, cb) // returns (err, pems={ privkey (key), cert, chain (ca) })
{ newAuthzUrl: '<url>' // specify acmeUrls.newAuthz { newAuthzUrl: '<url>' // specify acmeUrls.newAuthz
, newCertUrl: '<url>' // specify acmeUrls.newCert , newCertUrl: '<url>' // specify acmeUrls.newCert
@ -102,49 +131,32 @@ LeCore.getCertificate(options, cb) // returns (err, pems={ privkey (k
} }
// Discovery URLs // Discovery URLs
LeCore.getAcmeUrls(acmeDiscoveryUrl, cb) // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert}) ACME.getAcmeUrls(acmeDiscoveryUrl, cb) // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert})
``` ```
Helpers & Stuff Helpers & Stuff
```javascript ```javascript
// Constants // Constants
LeCore.productionServerUrl // https://acme-v01.api.letsencrypt.org/directory ACME.productionServerUrl // https://acme-v01.api.letsencrypt.org/directory
LeCore.stagingServerUrl // https://acme-staging.api.letsencrypt.org/directory ACME.stagingServerUrl // https://acme-staging.api.letsencrypt.org/directory
LeCore.acmeChallengePrefix // /.well-known/acme-challenge/ ACME.acmeChallengePrefix // /.well-known/acme-challenge/
LeCore.configDir // /etc/letsencrypt/ ACME.knownEndpoints // new-authz, new-cert, new-reg, revoke-cert
LeCore.logsDir // /var/log/letsencrypt/
LeCore.workDir // /var/lib/letsencrypt/
LeCore.knownEndpoints // new-authz, new-cert, new-reg, revoke-cert
// HTTP Client Helpers // HTTP Client Helpers
LeCore.Acme // Signs requests with JWK ACME.Acme // Signs requests with JWK
acme = new Acme(keypair) // 'keypair' is an object with `privateKeyPem` and/or `privateKeyJwk` acme = new Acme(keypair) // 'keypair' is an object with `privateKeyPem` and/or `privateKeyJwk`
acme.post(url, body, cb) // POST with signature acme.post(url, body, cb) // POST with signature
acme.parseLinks(link) // (internal) parses 'link' header acme.parseLinks(link) // (internal) parses 'link' header
acme.getNonce(url, cb) // (internal) HEAD request to get 'replay-nonce' strings acme.getNonce(url, cb) // (internal) HEAD request to get 'replay-nonce' strings
``` ```
For testing and development, you can also inject the dependencies you want to use:
```javascript
LeCore = LeCore.create({
request: require('request')
, RSA: rquire('rsa-compat').RSA
});
// now uses node `request` (could also use jQuery or Angular in the browser)
LeCore.getAcmeUrls(discoveryUrl, function (err, urls) {
console.log(urls);
});
```
## Example ## Example
Below you'll find a stripped-down example. You can see the full example in the example folder. Below you'll find a stripped-down example. You can see the full example in the example folder.
* [example/](https://github.com/Daplie/letiny-core/blob/master/example/) * [example/](https://git.coolaj86.com/coolaj86/le-acme-core.js/blob/master/example/)
#### Register Account & Domain #### Register Account & Domain
@ -153,12 +165,12 @@ This is how you **register an ACME account** and **get an HTTPS certificate**
```javascript ```javascript
'use strict'; 'use strict';
var LeCore = require('letiny-core'); var ACME = require('le-acme-core').ACME.create();
var RSA = require('rsa-compat').RSA; var RSA = require('rsa-compat').RSA;
var email = 'user@example.com'; // CHANGE TO YOUR EMAIL var email = 'user@example.com'; // CHANGE TO YOUR EMAIL
var domains = 'example.com'; // CHANGE TO YOUR DOMAIN var domains = 'example.com'; // CHANGE TO YOUR DOMAIN
var acmeDiscoveryUrl = LeCore.stagingServerUrl; // CHANGE to production, when ready var acmeDiscoveryUrl = ACME.stagingServerUrl; // CHANGE to production, when ready
var accountKeypair = null; // { privateKeyPem: null, privateKeyJwk: null }; var accountKeypair = null; // { privateKeyPem: null, privateKeyJwk: null };
var domainKeypair = null; // same as above var domainKeypair = null; // same as above
@ -167,14 +179,14 @@ var acmeUrls = null;
RSA.generateKeypair(2048, 65537, function (err, keypair) { RSA.generateKeypair(2048, 65537, function (err, keypair) {
accountKeypair = keypair; accountKeypair = keypair;
// ... // ...
LeCore.getAcmeUrls(acmeDiscoveryUrl, function (err, urls) { ACME.getAcmeUrls(acmeDiscoveryUrl, function (err, urls) {
// ... // ...
runDemo(); runDemo();
}); });
}); });
function runDemo() { function runDemo() {
LeCore.registerNewAccount( ACME.registerNewAccount(
{ newRegUrl: acmeUrls.newReg { newRegUrl: acmeUrls.newReg
, email: email , email: email
, accountKeypair: accountKeypair , accountKeypair: accountKeypair
@ -186,7 +198,7 @@ function runDemo() {
} }
, function (err, regr) { , function (err, regr) {
LeCore.getCertificate( ACME.getCertificate(
{ newAuthzUrl: acmeUrls.newAuthz { newAuthzUrl: acmeUrls.newAuthz
, newCertUrl: acmeUrls.newCert , newCertUrl: acmeUrls.newCert
@ -214,7 +226,7 @@ function runDemo() {
``` ```
**But wait**, there's more! **But wait**, there's more!
See [example/letsencrypt.js](https://github.com/Daplie/letiny-core/blob/master/example/letsencrypt.js) See [example/letsencrypt.js](https://git.coolaj86.com/coolaj86/le-acme-core.js/blob/master/example/letsencrypt.js)
#### Run a Server on 80, 443, and 5001 (https/tls) #### Run a Server on 80, 443, and 5001 (https/tls)
@ -227,7 +239,7 @@ var http = require('http');
var LeCore = deps.LeCore; var LeCore = deps.LeCore;
var httpsOptions = deps.httpsOptions; var tlsOptions = deps.tlsOptions;
var challengeStore = deps.challengeStore; var challengeStore = deps.challengeStore;
var certStore = deps.certStore; var certStore = deps.certStore;
@ -252,7 +264,7 @@ function acmeResponder(req, res) {
// //
// Server // Server
// //
https.createServer(httpsOptions, acmeResponder).listen(5001, function () { https.createServer(tlsOptions, acmeResponder).listen(5001, function () {
console.log('Listening https on', this.address()); console.log('Listening https on', this.address());
}); });
http.createServer(acmeResponder).listen(80, function () { http.createServer(acmeResponder).listen(80, function () {
@ -261,7 +273,7 @@ http.createServer(acmeResponder).listen(80, function () {
``` ```
**But wait**, there's more! **But wait**, there's more!
See [example/serve.js](https://github.com/Daplie/letiny-core/blob/master/example/serve.js) See [example/serve.js](https://git.coolaj86.com/coolaj86/le-acme-core.js/blob/master/example/serve.js)
#### Put some storage in place #### Put some storage in place
@ -302,14 +314,14 @@ var certStore = {
**But wait**, there's more! **But wait**, there's more!
See See
* [example/challenge-store.js](https://github.com/Daplie/letiny-core/blob/master/challenge-store.js) * [example/challenge-store.js](https://git.coolaj86.com/coolaj86/le-acme-core.js/blob/master/challenge-store.js)
* [example/cert-store.js](https://github.com/Daplie/letiny-core/blob/master/cert-store.js) * [example/cert-store.js](https://git.coolaj86.com/coolaj86/le-acme-core.js/blob/master/cert-store.js)
## Authors ## Authors
* ISRG * ISRG
* Anatol Sommer (https://github.com/anatolsommer) * Anatol Sommer (https://github.com/anatolsommer)
* AJ ONeal <aj@daplie.com> (https://daplie.com) * AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com)
## Licence ## Licence

View File

@ -1,6 +1,6 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';

View File

@ -1,6 +1,6 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';

View File

@ -1,12 +1,12 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';
//var LeCore = require('letiny-core'); //var LeCore = require('letiny-core');
var LeCore = require('../'); var LeCore = require('../').ACME.create();
var email = process.argv[2] || 'user@example.com'; // CHANGE TO YOUR EMAIL var email = process.argv[2] || 'user@example.com'; // CHANGE TO YOUR EMAIL
var domains = [process.argv[3] || 'example.com']; // CHANGE TO YOUR DOMAIN var domains = [process.argv[3] || 'example.com']; // CHANGE TO YOUR DOMAIN
@ -17,8 +17,8 @@ var certStore = require('./cert-store');
var serve = require('./serve'); var serve = require('./serve');
var closer; var closer;
var accountPrivateKeyPem = null; var accountKeypair = null;
var domainPrivateKeyPem = null; var domainKeypair = null;
var acmeUrls = null; var acmeUrls = null;
@ -44,14 +44,14 @@ function init() {
function getPrivateKeys(cb) { function getPrivateKeys(cb) {
console.log('Generating Account Keypair'); console.log('Generating Account Keypair');
console.log("(Note: if you're using forge and not ursa, this will take a long time"); const RSA = require('rsa-compat').RSA;
LeCore.leCrypto.generateRsaKeypair(2048, 65537, function (err, pems) { RSA.generateKeypair(2048, 65537, {}, function (err, pems) {
accountPrivateKeyPem = pems.privateKeyPem; accountKeypair = pems;
console.log('Generating Domain Keypair'); console.log('Generating Domain Keypair');
LeCore.leCrypto.generateRsaKeypair(2048, 65537, function (err, pems) { RSA.generateKeypair(2048, 65537, {}, function (err, pems2) {
domainPrivateKeyPem = pems.privateKeyPem; domainKeypair = pems2;
cb(); cb();
}); });
}); });
@ -62,7 +62,7 @@ function runDemo() {
LeCore.registerNewAccount( LeCore.registerNewAccount(
{ newRegUrl: acmeUrls.newReg { newRegUrl: acmeUrls.newReg
, email: email , email: email
, accountPrivateKeyPem: accountPrivateKeyPem , accountKeypair: accountKeypair
, agreeToTerms: function (tosUrl, done) { , agreeToTerms: function (tosUrl, done) {
// agree to the exact version of these terms // agree to the exact version of these terms
@ -82,8 +82,8 @@ function runDemo() {
{ newAuthzUrl: acmeUrls.newAuthz { newAuthzUrl: acmeUrls.newAuthz
, newCertUrl: acmeUrls.newCert , newCertUrl: acmeUrls.newCert
, domainPrivateKeyPem: domainPrivateKeyPem , domainKeypair: domainKeypair
, accountPrivateKeyPem: accountPrivateKeyPem , accountKeypair: accountKeypair
, domains: domains , domains: domains
, setChallenge: challengeStore.set , setChallenge: challengeStore.set
@ -111,8 +111,7 @@ function runDemo() {
// //
closer = serve.init({ closer = serve.init({
LeCore: LeCore LeCore: LeCore
// needs a default key and cert chain, anything will do , tlsOptions: {}
, httpsOptions: require('localhost.daplie.com-certificates')
, challengeStore: challengeStore , challengeStore: challengeStore
, certStore: certStore , certStore: certStore
}); });

View File

@ -1,6 +1,6 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';
@ -15,7 +15,7 @@ module.exports.init = function (deps) {
var LeCore = deps.LeCore; var LeCore = deps.LeCore;
var httpsOptions = deps.httpsOptions; var tlsOptions = deps.tlsOptions || deps.httpsOptions;
var challengeStore = deps.challengeStore; var challengeStore = deps.challengeStore;
var certStore = deps.certStore; var certStore = deps.certStore;
@ -63,11 +63,11 @@ module.exports.init = function (deps) {
// //
// Server // Server
// //
httpsOptions.SNICallback = certGetter; tlsOptions.SNICallback = certGetter;
https.createServer(httpsOptions, acmeResponder).listen(443, function () { https.createServer(tlsOptions, acmeResponder).listen(443, function () {
console.log('Listening https on', this.address()); console.log('Listening https on', this.address());
}); });
https.createServer(httpsOptions, acmeResponder).listen(5001, function () { https.createServer(tlsOptions, acmeResponder).listen(5001, function () {
console.log('Listening https on', this.address()); console.log('Listening https on', this.address());
}); });
http.createServer(acmeResponder).listen(80, function () { http.createServer(acmeResponder).listen(80, function () {

View File

@ -11,7 +11,7 @@ module.exports.create = function (deps) {
var NOOP = function () { var NOOP = function () {
}; };
var log = NOOP; var log = NOOP;
var request=require('request'); var acmeRequest = deps.acmeRequest;
var RSA = deps.RSA; var RSA = deps.RSA;
var generateSignature = RSA.signJws; var generateSignature = RSA.signJws;
@ -30,7 +30,7 @@ module.exports.create = function (deps) {
Acme.prototype.getNonce=function(url, cb) { Acme.prototype.getNonce=function(url, cb) {
var self=this; var self=this;
request.head({ acmeRequest.create().head({
url:url, url:url,
}, function(err, res/*, body*/) { }, function(err, res/*, body*/) {
if (err) { if (err) {
@ -73,10 +73,10 @@ module.exports.create = function (deps) {
//process.exit(1); //process.exit(1);
//return; //return;
return request.post({ return acmeRequest.create().post({
url:url, url: url
body:signed, , body: signed
encoding:null , encoding: null
}, function(err, res, body) { }, function(err, res, body) {
var parsed; var parsed;

View File

@ -1,17 +0,0 @@
/*!
* letiny
* Copyright(c) 2015 Anatol Sommer <anatol@anatol.at>
* Some code used from https://github.com/letsencrypt/boulder/tree/master/test/js
* MPL 2.0
*/
'use strict';
exports.Acme = require('./acme-client');
exports.registerNewAccount = require('./register-new-account');
exports.getCertificate = require('./get-certificate');
exports.getCert=function (options, cb) {
exports.registerNewAccount(options, function () {
exports.getCertificate(options, cb);
});
};

View File

@ -1,12 +1,12 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';
module.exports.create = function (deps) { module.exports.create = function (deps) {
var request = deps.request; var acmeRequest = deps.acmeRequest;
var knownUrls = deps.LeCore.knownEndpoints; var knownUrls = deps.LeCore.knownEndpoints;
function getAcmeUrls(acmeDiscoveryUrl, cb) { function getAcmeUrls(acmeDiscoveryUrl, cb) {
@ -15,7 +15,7 @@ module.exports.create = function (deps) {
} }
// TODO check response header on request for cache time // TODO check response header on request for cache time
return request({ return acmeRequest.create()({
url: acmeDiscoveryUrl url: acmeDiscoveryUrl
, encoding: 'utf8' , encoding: 'utf8'
}, function (err, resp) { }, function (err, resp) {
@ -30,18 +30,15 @@ module.exports.create = function (deps) {
try { try {
data = JSON.parse(data); data = JSON.parse(data);
} catch(e) { } catch(e) {
err.raw = data; e.raw = data;
err.stack += '\n' + data; e.url = acmeDiscoveryUrl;
e.stack += '\n\nresponse data:\n'
+ data + '\n\nacmeDiscoveryUrl:' + acmeDiscoveryUrl;
cb(e); cb(e);
return; return;
} }
} }
if (4 !== Object.keys(data).length) {
console.warn("This Let's Encrypt / ACME server has been updated with urls that this client doesn't understand");
console.warn(data);
}
if (!knownUrls.every(function (url) { if (!knownUrls.every(function (url) {
return data[url]; return data[url];
})) { })) {
@ -54,6 +51,7 @@ module.exports.create = function (deps) {
, newCert: data['new-cert'] , newCert: data['new-cert']
, newReg: data['new-reg'] , newReg: data['new-reg']
, revokeCert: data['revoke-cert'] , revokeCert: data['revoke-cert']
, keyChange: data['key-change']
}); });
}); });
} }

View File

@ -17,8 +17,14 @@ function _toStandardBase64(str) {
return b64; return b64;
} }
function certBufferToPem(cert) {
cert = _toStandardBase64(cert.toString('base64'));
cert = cert.match(/.{1,64}/g).join('\r\n');
return '-----BEGIN CERTIFICATE-----\r\n'+cert+'\r\n-----END CERTIFICATE-----\r\n';
}
module.exports.create = function (deps) { module.exports.create = function (deps) {
var request=deps.request; var acmeRequest = deps.acmeRequest;
var Acme = deps.Acme; var Acme = deps.Acme;
var RSA = deps.RSA; var RSA = deps.RSA;
@ -187,7 +193,7 @@ module.exports.create = function (deps) {
if (authz.status==='pending') { if (authz.status==='pending') {
setTimeout(function() { setTimeout(function() {
request({ acmeRequest.create()({
method: 'GET' method: 'GET'
, url: state.authorizationUrl , url: state.authorizationUrl
}, function(err, res, body) { }, function(err, res, body) {
@ -272,7 +278,7 @@ module.exports.create = function (deps) {
state.certificate=body; state.certificate=body;
certUrl=res.headers.location; certUrl=res.headers.location;
request({ acmeRequest.create()({
method: 'GET' method: 'GET'
, url: certUrl , url: certUrl
, encoding: null , encoding: null
@ -304,7 +310,7 @@ module.exports.create = function (deps) {
function downloadIssuerCert(links) { function downloadIssuerCert(links) {
log('Requesting issuer certificate...'); log('Requesting issuer certificate...');
request({ acmeRequest.create()({
method: 'GET' method: 'GET'
, url: links.up , url: links.up
, encoding: null , encoding: null
@ -402,11 +408,5 @@ module.exports.create = function (deps) {
nextDomain(); nextDomain();
} }
function certBufferToPem(cert) {
cert=_toStandardBase64(cert.toString('base64'));
cert=cert.match(/.{1,64}/g).join('\r\n');
return '-----BEGIN CERTIFICATE-----\r\n'+cert+'\r\n-----END CERTIFICATE-----\r\n';
}
return getCert; return getCert;
}; };

72
lib/le-acme-request.js Normal file
View File

@ -0,0 +1,72 @@
/*!
* le-acme-core
* Author: Kelly Johnson
* Copyright 2017
* Apache-2.0 OR MIT (and hence also MPL 2.0)
*/
'use strict';
const request = require('request');
const pkgJSON = require('../package.json');
const version = pkgJSON.version;
const os = require('os');
const uaDefaults = {
pkg: `Greenlock/${version}`
, os: ` (${os.type()}; ${process.arch} ${os.platform()} ${os.release()})`
, node: ` Node.js/${process.version}`
, user: ''
}
let currentUAProps;
function getUaString() {
let userAgent = '';
for (let key in currentUAProps) {
userAgent += currentUAProps[key];
}
return userAgent.trim();
}
function getRequest() {
return request.defaults({
headers: {
'User-Agent': getUaString()
}
});
}
function resetUa() {
currentUAProps = {};
for (let key in uaDefaults) {
currentUAProps[key] = uaDefaults[key];
}
}
function addUaString(string) {
currentUAProps.user += ` ${string}`;
}
function omitUaProperties(opts) {
if (opts.all) {
currentUAProps = {};
} else {
for (let key in opts) {
currentUAProps[key] = '';
}
}
}
// Set our UA to begin with
resetUa();
module.exports = {
create: function create() {
// get deps and modify here if need be
return getRequest();
}
, addUaString: addUaString
, omitUaProperties: omitUaProperties
, resetUa: resetUa
, getUaString: getUaString
};

View File

@ -1,12 +0,0 @@
/*!
* letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com
* Apache-2.0 OR MIT (and hence also MPL 2.0)
*/
'use strict';
var request = require('request');
var RSA = require('rsa-compat').RSA;
module.exports.request = request;
module.exports.RSA = RSA;

View File

@ -8,7 +8,7 @@
'use strict'; 'use strict';
module.exports.create = function (deps) { module.exports.create = function (deps) {
var NOOP=function () {}, log=NOOP; var NOOP=function () {}, log=NOOP;
var request=deps.request; var acmeRequest = deps.acmeRequest;
var RSA = deps.RSA; var RSA = deps.RSA;
var Acme = deps.Acme; var Acme = deps.Acme;
@ -24,7 +24,11 @@ module.exports.create = function (deps) {
function getTerms(err, res) { function getTerms(err, res) {
var links; var links;
if (err || Math.floor(res.statusCode/100)!==2) { if (err) {
return handleErr(err, 'Registration request failed: ' + err.toString());
}
if (Math.floor(res.statusCode/100)!==2) {
return handleErr(err, 'Registration request failed: ' + res.body.toString('utf8')); return handleErr(err, 'Registration request failed: ' + res.body.toString('utf8'));
} }
@ -51,7 +55,7 @@ module.exports.create = function (deps) {
state.agreeTerms = agree; state.agreeTerms = agree;
state.termsUrl=links['terms-of-service']; state.termsUrl=links['terms-of-service'];
log(state.termsUrl); log(state.termsUrl);
request.get(state.termsUrl, getAgreement); acmeRequest.create().get(state.termsUrl, getAgreement);
}); });
} else { } else {
cb(null, null); cb(null, null);

57
node.js
View File

@ -1,30 +1,53 @@
/*! /*!
* letiny-core * letiny-core
* Copyright(c) 2015 AJ ONeal <aj@daplie.com> https://daplie.com * Copyright(c) 2015 AJ ONeal <coolaj86@gmail.com> https://coolaj86.com
* Apache-2.0 OR MIT (and hence also MPL 2.0) * Apache-2.0 OR MIT (and hence also MPL 2.0)
*/ */
'use strict'; 'use strict';
var defaults = {
productionServerUrl: 'https://acme-v01.api.letsencrypt.org/directory'
, stagingServerUrl: 'https://acme-staging.api.letsencrypt.org/directory'
, acmeChallengePrefix: '/.well-known/acme-challenge/'
, knownEndpoints: [ 'new-authz', 'new-cert', 'new-reg', 'revoke-cert', 'key-change' ]
, challengeType: 'http-01'
, rsaKeySize: 2048
};
function create(deps) { function create(deps) {
var LeCore = {}; deps = deps || {};
deps.LeCore = {};
// Note: these are NOT DEFAULTS Object.keys(defaults).forEach(function (key) {
// They are de facto standards that you may deps[key] = defaults[key];
// or may not use in your implementation deps.LeCore[key] = defaults[key];
LeCore.productionServerUrl = "https://acme-v01.api.letsencrypt.org/directory"; });
LeCore.stagingServerUrl = "https://acme-staging.api.letsencrypt.org/directory";
LeCore.acmeChallengePrefix = "/.well-known/acme-challenge/";
LeCore.knownEndpoints = [ 'new-authz', 'new-cert', 'new-reg', 'revoke-cert' ];
deps.LeCore = LeCore; deps.RSA = deps.RSA || require('rsa-compat').RSA;
deps.Acme = LeCore.Acme = require('./lib/acme-client').create(deps); deps.acmeRequest = require('./lib/le-acme-request');
deps.Acme = require('./lib/acme-client').create(deps);
LeCore.getAcmeUrls = require('./lib/get-acme-urls').create(deps); deps.LeCore.Acme = deps.Acme;
LeCore.registerNewAccount = require('./lib/register-new-account').create(deps); deps.LeCore.acmeRequest = deps.acmeRequest;
LeCore.getCertificate = require('./lib/get-certificate').create(deps); deps.LeCore.getAcmeUrls = require('./lib/get-acme-urls').create(deps);
deps.LeCore.registerNewAccount = require('./lib/register-new-account').create(deps);
deps.LeCore.getCertificate = require('./lib/get-certificate').create(deps);
deps.LeCore.getOptions = function () {
var defs = {};
return LeCore; Object.keys(defaults).forEach(function (key) {
defs[key] = defs[deps] || defaults[key];
});
return defs;
};
return deps.LeCore;
} }
module.exports = create(require('./lib/node')); // TODO make this the official usage
module.exports.create = create; module.exports.ACME = { create: create };
Object.keys(defaults).forEach(function (key) {
module.exports.ACME[key] = defaults[key];
});

View File

@ -1,6 +1,6 @@
{ {
"name": "letiny-core", "name": "le-acme-core",
"version": "2.0.3", "version": "2.1.4",
"description": "A framework for building letsencrypt clients, forked from letiny", "description": "A framework for building letsencrypt clients, forked from letiny",
"main": "node.js", "main": "node.js",
"browser": "browser.js", "browser": "browser.js",
@ -8,36 +8,34 @@
"example": "example", "example": "example",
"test": "test" "test": "test"
}, },
"scripts": {
"test": "node example/letsencrypt.js"
},
"repository": { "repository": {
"type": "git", "type": "git",
"url": "git+https://github.com/Daplie/letiny-core.git" "url": "git+https://git.coolaj86.com/coolaj86/le-acme-core.js.git"
}, },
"license": "MPL-2.0", "license": "MPL-2.0",
"bugs": { "bugs": {
"url": "https://github.com/Daplie/letiny-core/issues" "url": "https://git.coolaj86.com/coolaj86/le-acme-core.js/issues"
}, },
"homepage": "https://github.com/Daplie/letiny-core#readme", "homepage": "https://git.coolaj86.com/coolaj86/le-acme-core.js#readme",
"keywords": [ "keywords": [
"le-acme",
"le-acme-",
"tiny", "tiny",
"acme", "acme",
"letsencrypt", "letsencrypt",
"client", "client",
"pem", "pem",
"jwk",
"pfx" "pfx"
], ],
"dependencies": { "dependencies": {
"node-forge": "^0.6.38", "request": "^2.74.0",
"request": "^2.55.0", "rsa-compat": "^1.3.2"
"rsa-compat": "^1.2.3"
},
"optionalDependencies": {
"ursa": "^0.9.1"
}, },
"devDependencies": { "devDependencies": {
"mocha": "^2.3.3", "better-assert": "^1.0.2",
"better-assert": "^1.0.2" "chai": "^3.5.0",
"chai-string": "^1.3.0",
"request-debug": "^0.2.0"
} }
} }

74
test/test-request.js Normal file
View File

@ -0,0 +1,74 @@
/*!
* le-acme-core
* Author: Kelly Johnson
* Copyright 2017
* Apache-2.0 OR MIT (and hence also MPL 2.0)
*/
'use strict';
const acmeRequest = require('../lib/le-acme-request');
const debugRequest = require('request-debug');
const chai = require('chai');
chai.use(require('chai-string'));
const expect = chai.expect;
const productId = 'Greenlock';
const UA = 'User-Agent';
function checkRequest(req, done, tester) {
debugRequest(req, function dbg(type, data, r) {
if (type !== 'request') return; // Only interested in the request
expect(data.headers).to.have.property(UA);
let uaString = data.headers[UA];
tester(uaString);
req.stopDebugging();
done();
});
req('http://www.google.com', function (error, response, body) {
});
}
describe('le-acme-request', function () {
beforeEach(function () {
acmeRequest.resetUa();
});
it('should build User-Agent string', function () {
let uaString = acmeRequest.getUaString();
expect(uaString).to.startsWith(productId);
});
it('should have proper User-Agent in request', function (done) {
let request = acmeRequest.create();
checkRequest(request, done, function (uaString) {
expect(uaString).to.startsWith(productId);
});
});
it('should add custom string to User Agent', function (done) {
let testStr = 'check it';
acmeRequest.addUaString(testStr);
let request = acmeRequest.create();
checkRequest(request, done, function (uaString) {
// Added space to ensure str was properly appended
expect(uaString).to.endsWith(` ${testStr}`);
});
});
it('should remove all items from User Agent', function (done) {
acmeRequest.omitUaProperties({all: true});
let request = acmeRequest.create();
checkRequest(request, done, function (uaString) {
expect(uaString).to.be.empty;
});
});
it('should remove one item from User Agent', function (done) {
acmeRequest.omitUaProperties({pkg: true});
const request = acmeRequest.create();
checkRequest(request, done, function (uaString) {
expect(uaString).to.not.have.string(productId);
});
});
});

View File

@ -1,5 +1,5 @@
var forge=require('node-forge'), assert=require('better-assert'), fs=require('fs'), var forge=require('node-forge'), assert=require('better-assert'), fs=require('fs'),
letiny=require('../lib/client'), config=require('./config.json'), letiny=require('../'), config=require('./config.json'),
res, newReg='https://acme-staging.api.letsencrypt.org/acme/new-reg'; res, newReg='https://acme-staging.api.letsencrypt.org/acme/new-reg';
config.newReg=config.newReg || newReg; config.newReg=config.newReg || newReg;