crypt/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-01-26 07:41:33 +03:00
Code Activity

Move from_data method into client.

Browse Source
This commit is contained in:
Robert Kästel
2018-10-29 16:53:40 +01:00
parent ebd2af9ea0
commit 8963fae5dc
2 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
acme/acme/client.py
View File

@@ -16,6 +16,7 @@ from requests_toolbelt.adapters.source import SourceAddressAdapter
import requests import requests
from requests.adapters import HTTPAdapter from requests.adapters import HTTPAdapter
import sys import sys
import json
from acme import crypto_util from acme import crypto_util
from acme import errors from acme import errors
@@ -832,6 +833,35 @@ class BackwardsCompatibleClientV2(object):
""" """
return self.client.revoke(cert, rsn) return self.client.revoke(cert, rsn)
def build_new_registration(self, email, kid=None, hmac_key=None, phone=None, **kwargs):
"""Create registration resource from contact details."""
details = list(kwargs.pop('contact', ()))
if phone is not None:
details.append(messages.Registration.phone_prefix + phone)
if email is not None:
details.append(messages.Registration.email_prefix + email)
kwargs['contact'] = tuple(details)
if kid is not None and hmac_key is not None:
kwargs['external_account_binding'] = self.build_external_account_binding(kid, hmac_key)
return messages.NewRegistration(**kwargs)
def build_external_account_binding(self, kid, hmac_key):
account_public_key = self.client.net.key.public_key()
directory = self.client.directory
key_json = json.dumps(account_public_key.to_partial_json())
decoded_hmac_key = jose.b64.b64decode(hmac_key)
url = directory["newAccount"]
eab = jws.JWS.sign(key_json, jose.jwk.JWKOct(key=decoded_hmac_key),
jose.jwa.HS256, None,
url, kid)
return eab.to_partial_json()
def _acme_version_from_directory(self, directory): def _acme_version_from_directory(self, directory):
if hasattr(directory, 'newNonce'): if hasattr(directory, 'newNonce'):
return 2 return 2

9
certbot/client.py
View File

@@ -196,13 +196,10 @@ def perform_registration(acme, config, tos_cb):
if config.eab_kid is None or config.eab_hmac_key is None: if config.eab_kid is None or config.eab_hmac_key is None:
raise errors.Error("Server requires external account binding. Please use --eab-kid and --eab-hmac-key.") raise errors.Error("Server requires external account binding. Please use --eab-kid and --eab-hmac-key.")
account_public_key = acme.client.net.key.public_key()
try: try:
return acme.new_account_and_tos(messages.NewRegistration.from_data(account_public_key=account_public_key, return acme.new_account_and_tos(acme.build_new_registration(config.eab_kid,
kid=config.eab_kid, config.eab_hmac_key,
hmac_key=config.eab_hmac_key, config.email),
email=config.email,
directory=acme.client.directory),
tos_cb) tos_cb)
except messages.Error as e: except messages.Error as e:
if e.code == "invalidEmail" or e.code == "invalidContact": if e.code == "invalidEmail" or e.code == "invalidContact":