From e600438aebbb3ee375090ce46d401fd07ff0add4 Mon Sep 17 00:00:00 2001 From: xenolf Date: Fri, 12 Jun 2015 00:13:43 +0200 Subject: [PATCH] Extract JWS to its own struct --- acme/client.go | 37 ++++++++----------------------------- acme/jws.go | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 29 deletions(-) create mode 100644 acme/jws.go diff --git a/acme/client.go b/acme/client.go index 29b28264..9ba405b8 100644 --- a/acme/client.go +++ b/acme/client.go @@ -1,7 +1,6 @@ package acme import ( - "bytes" "crypto/rsa" "encoding/json" "errors" @@ -12,8 +11,6 @@ import ( "os" "regexp" "strings" - - "github.com/square/go-jose" ) // Logger is used to log errors; if nil, the default log.Logger is used. @@ -44,6 +41,7 @@ type solver interface { type Client struct { regURL string user User + jws *jws Solvers map[string]solver } @@ -53,33 +51,14 @@ func NewClient(caURL string, usr User) *Client { logger().Fatalf("Could not validate the private account key of %s -> %v", usr.GetEmail(), err) } + jws := &jws{privKey: usr.GetPrivateKey()} + // REVIEW: best possibility? solvers := make(map[string]solver) - solvers["simpleHttp"] = &simpleHTTPChallenge{} + solvers["simpleHttp"] = &simpleHTTPChallenge{jws: jws} solvers["dvsni"] = &dvsniChallenge{} - return &Client{regURL: caURL, user: usr} -} - -// Posts a JWS signed message to the specified URL -func (c *Client) jwsPost(url string, content []byte) (*http.Response, error) { - signer, err := jose.NewSigner(jose.RS256, c.user.GetPrivateKey()) - if err != nil { - return nil, err - } - - signed, err := signer.Sign(content) - if err != nil { - return nil, err - } - signedContent := signed.FullSerialize() - - resp, err := http.Post(url, "application/json", bytes.NewBuffer([]byte(signedContent))) - if err != nil { - return nil, err - } - - return resp, err + return &Client{regURL: caURL, user: usr, jws: jws} } // Register the current account to the ACME server. @@ -90,7 +69,7 @@ func (c *Client) Register() (*RegistrationResource, error) { return nil, err } - resp, err := c.jwsPost(c.regURL, jsonBytes) + resp, err := c.jws.post(c.regURL, jsonBytes) if err != nil { return nil, err } @@ -135,7 +114,7 @@ func (c *Client) AgreeToTos() error { logger().Printf("Agreement: %s", string(jsonBytes)) - resp, err := c.jwsPost(c.user.GetRegistration().URI, jsonBytes) + resp, err := c.jws.post(c.user.GetRegistration().URI, jsonBytes) if err != nil { return err } @@ -183,7 +162,7 @@ func (c *Client) getChallenges(domains []string) []*authorizationResource { return } - resp, err := c.jwsPost(c.user.GetRegistration().NewAuthzURL, jsonBytes) + resp, err := c.jws.post(c.user.GetRegistration().NewAuthzURL, jsonBytes) if err != nil { errc <- err return diff --git a/acme/jws.go b/acme/jws.go new file mode 100644 index 00000000..a0052b14 --- /dev/null +++ b/acme/jws.go @@ -0,0 +1,34 @@ +package acme + +import ( + "bytes" + "crypto/rsa" + "net/http" + + "github.com/square/go-jose" +) + +type jws struct { + privKey *rsa.PrivateKey +} + +// Posts a JWS signed message to the specified URL +func (j *jws) post(url string, content []byte) (*http.Response, error) { + signer, err := jose.NewSigner(jose.RS256, j.privKey) + if err != nil { + return nil, err + } + + signed, err := signer.Sign(content) + if err != nil { + return nil, err + } + signedContent := signed.FullSerialize() + + resp, err := http.Post(url, "application/json", bytes.NewBuffer([]byte(signedContent))) + if err != nil { + return nil, err + } + + return resp, err +}