author | Andrew Cady <d@jerkface.net> | 2016-01-22 18:37:03 -0500 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2016-01-22 18:37:03 -0500 |
commit | f599e81c7a5625a79d56a14d03e6e36e12dbebd7 (patch) | |
tree | 39551bb580e4fd1a0a2b791dec0ec32a45c34ef3 | |
parent | 15d6572b9fa0ff6b0105eaa26583f496b18f78b4 (diff) |
move key reading function into exported library
-rw-r--r-- | acme.hs | 14 | ||||
-rw-r--r-- | src/Network/ACME.hs | 9 |
2 files changed, 12 insertions, 11 deletions
@@ -111,7 +111,7 @@ genKey privKeyFile = withOpenSSL $ do | |||
111 | 111 | ||
112 | genReq :: FilePath -> String -> IO String | 112 | genReq :: FilePath -> String -> IO String |
113 | genReq domainKeyFile domain = withOpenSSL $ do | 113 | genReq domainKeyFile domain = withOpenSSL $ do |
114 | (Keys priv pub) <- readKeys domainKeyFile | 114 | Just (Keys priv pub) <- readKeyFile domainKeyFile |
115 | Just dig <- getDigestByName "SHA256" | 115 | Just dig <- getDigestByName "SHA256" |
116 | req <- newX509Req | 116 | req <- newX509Req |
117 | setSubjectName req [("CN", domain)] | 117 | setSubjectName req [("CN", domain)] |
@@ -120,11 +120,8 @@ genReq domainKeyFile domain = withOpenSSL $ do | |||
120 | signX509Req req priv (Just dig) | 120 | signX509Req req priv (Just dig) |
121 | writeX509ReqDER req | 121 | writeX509ReqDER req |
122 | 122 | ||
123 | readKeys :: String -> IO Keys | 123 | readKeyFile :: FilePath -> IO (Maybe Keys) |
124 | readKeys privKeyFile = do | 124 | readKeyFile = readFile >=> readKeys |
125 | priv <- readFile privKeyFile >>= flip readPrivateKey PwTTY | ||
126 | pub <- rsaCopyPublic $ fromMaybe (error "Error: failed to parse RSA key.") (toKeyPair priv :: Maybe RSAKeyPair) | ||
127 | return $ Keys priv pub | ||
128 | 125 | ||
129 | data ChallengeRequest = ChallengeRequest { crUri :: String, crToken :: ByteString, crThumbToken :: ByteString } | 126 | data ChallengeRequest = ChallengeRequest { crUri :: String, crToken :: ByteString, crThumbToken :: ByteString } |
130 | 127 | ||
@@ -147,7 +144,7 @@ go CmdOpts{..} = do | |||
147 | doesDirectoryExist optDomain `otherwiseM` createDirectory domainDir | 144 | doesDirectoryExist optDomain `otherwiseM` createDirectory domainDir |
148 | doesFileExist domainKeyFile `otherwiseM` genKey domainKeyFile | 145 | doesFileExist domainKeyFile `otherwiseM` genKey domainKeyFile |
149 | 146 | ||
150 | keys <- readKeys privKeyFile | 147 | Just keys <- readKeyFile privKeyFile |
151 | 148 | ||
152 | doesFileExist domainCSRFile `otherwiseM` genReq domainKeyFile optDomain >>= writeFile domainCSRFile | 149 | doesFileExist domainCSRFile `otherwiseM` genReq domainKeyFile optDomain >>= writeFile domainCSRFile |
153 | 150 | ||
@@ -247,9 +244,6 @@ data Directory = Directory { | |||
247 | } | 244 | } |
248 | newtype Nonce = Nonce String | 245 | newtype Nonce = Nonce String |
249 | 246 | ||
250 | runTest :: ACME b -> IO b | ||
251 | runTest t = readKeys "rsa.key" >>= flip (runACME stagingDirectoryUrl) t | ||
252 | |||
253 | getDirectory :: WS.Session -> String -> IO (Maybe (Directory, Nonce)) | 247 | getDirectory :: WS.Session -> String -> IO (Maybe (Directory, Nonce)) |
254 | getDirectory sess url = do | 248 | getDirectory sess url = do |
255 | r <- WS.get sess url | 249 | r <- WS.get sess url |
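diff --git a/src/Network/ACME.hs b/src/Network/ACME.hs
index f8135e6..2481163 100644
--- a/src/Network/ACME.hs
+++ b/src/Network/ACME.hs
@@ -6,6 +6,7 @@
 
 module Network.ACME (
 Keys(..),
+readKeys,
 thumbprint,
 JWK(..),
 toStrict,
@@ -51,7 +52,13 @@ import OpenSSL.PEM
 import OpenSSL.RSA
 import OpenSSL.X509.Request
 
-data Keys = Keys SomeKeyPair RSAPubKey
+data Keys = Keys RSAKeyPair RSAPubKey
+readKeys :: String -> IO (Maybe Keys)
+readKeys privKeyData = do
+keypair :: SomeKeyPair <- readPrivateKey privKeyData PwTTY
+let (priv :: Maybe RSAKeyPair) = toKeyPair keypair
+pub :: Maybe RSAPubKey <- maybe (return Nothing) (fmap Just . rsaCopyPublic) priv
+return $ Keys <$> priv <*> pub
 
 --------------------------------------------------------------------------------
 -- | Sign return a payload with a nonce-protected header.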
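Review bot: readKeys (new lines 56–61) reports only one of its two failure modes through the Maybe: a key that `toKeyPair` cannot view as RSA becomes Nothing, while malformed PEM data (and presumably a wrong passphrase) still escapes as an exception from readPrivateKey, and the callers in acme.hs (`Just (Keys priv pub) <- readKeyFile domainKeyFile`, `Just keys <- readKeyFile privKeyFile`) turn the Nothing into a bare pattern-match failure, dropping the "failed to parse RSA key" message the removed readKeys carried. Since the function is now exported it should at least carry a Haddock comment stating this contract, e.g. `-- | Parse a PEM-encoded private key (passphrase prompted on the terminal via 'PwTTY'). Returns Nothing when the key is not RSA; malformed input raises an exception from 'readPrivateKey'.` The hard-coded PwTTY also means a non-interactive caller of the library (a scheduled renewal, for instance) has no way to supply the passphrase; accepting a PemPasswordSupply argument would leave that choice with the caller. Minor style point: the public-key step is `pub <- traverse rsaCopyPublic priv`.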