WIP TLS-SNI-01

[ci skip]
2015-11-19 15:26:23 +01:00 · 2015-11-19 15:26:23 +01:00 · e8d64bb50b
commit e8d64bb50b
parent 6a803c6265
3 changed files with 45 additions and 1 deletions
--- a/acme/dvsni_challenge.go
+++ b/acme/dvsni_challenge.go
@ -1 +0,0 @@
-package acme
--- a/acme/messages.go
+++ b/acme/messages.go
@ -80,6 +80,7 @@ type challenge struct {
 	Token            string `json:"token,omitempty"`
 	KeyAuthorization string `json:"keyAuthorization,omitempty"`
 	TLS              bool   `json:"tls,omitempty"`
+	Iterations       int    `json:"n,omitempty"`
 }

 type csrMessage struct {
--- a/acme/tls_sni_challenge.go
+++ b/acme/tls_sni_challenge.go
@ -0,0 +1,44 @@
+package acme
+
+import (
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/hex"
+	"net"
+)
+
+type tlsSNIChallenge struct {
+	jws     *jws
+	optPort string
+	start   chan net.Listener
+	end     chan error
+}
+
+func (t *tlsSNIChallenge) Solve(chlng challenge, domain string) error {
+
+	logf("[INFO] acme: Trying to solve TLS-SNI-01")
+
+	// Generate the Key Authorization for the challenge
+	keyAuth, err := getKeyAuthorization(chlng.Token, &t.jws.privKey.PublicKey)
+	if err != nil {
+		return err
+	}
+
+	zet := make([]string, chlng.Iterations)
+
+	zetBytes := sha256.Sum256([]byte(keyAuth))
+	zet[0] = hex.EncodeToString(zetBytes[:sha256.Size])
+	for i := 1; i < chlng.Iterations; i++ {
+		zetBytes = sha256.Sum256([]byte(zet[i-1]))
+		zet[i] = hex.EncodeToString(zetBytes[:sha256.Size])
+	}
+
+	certificates, err := t.generateCertificates(zet)
+
+	return nil
+}
+
+func (t *tlsSNIChallenge) generateCertificates(zet []string) ([]*x509.Certificate, error) {
+	
+	return nil, nil
+}