move genReq into the library

author: Andrew Cady <d@jerkface.net> 2016-01-25 17:42:29 -0500
committer: Andrew Cady <d@jerkface.net> 2016-01-25 17:42:29 -0500
commit: 3fc632688205e46295803460b5e652751c803d59 (patch)
tree: 2ebe6903854018cb1d0c640b84807529fb6b6fa8 /src
parent: cf440860e186e7fd775ae27da08220d9fe5e233e (diff)
1 files changed, 19 insertions, 1 deletions
diff --git a/src/Network/ACME.hs b/src/Network/ACME.hs
index 5a66028..f6bffe2 100644
--- a/src/Network/ACME.hs
+++ b/src/Network/ACME.hs
@@ -31,14 +31,32 @@ import           Network.Wreq               (Response, checkStatus, defaults,
                                             statusMessage)
 import qualified Network.Wreq               as W
 import qualified Network.Wreq.Session       as WS
-import           OpenSSL.RSA
 import           System.Directory
 import           Text.Email.Validate
 import           Text.Domain.Validate hiding (validate)
 import           Network.URI
+import           OpenSSL
+import           OpenSSL.EVP.Digest
+import           OpenSSL.RSA
+import           OpenSSL.X509.Request
+import Data.List
 type HttpProvisioner = URI -> ByteString -> IO ()
+genReq :: Keys -> [DomainName] -> IO CSR
+genReq _ [] = error "genReq called with zero domains"
+genReq (Keys priv pub) domains@(domain:_) = withOpenSSL $ do
+  Just dig <- getDigestByName "SHA256"
+  req <- newX509Req
+  setSubjectName req [("CN", domainToString domain)]
+  setVersion req 0
+  setPublicKey req pub
+  void $ addExtensions req [(nidSubjectAltName, intercalate ", " (map (("DNS:" ++) . domainToString) domains))]
+  signX509Req req priv (Just dig)
+  CSR domains . toStrict <$> writeX509ReqDER req
+  where
+    nidSubjectAltName = 85
 fileProvisioner :: WritableDir -> HttpProvisioner
 fileProvisioner challengeDir = BC.writeFile . uToF
  where
author	Andrew Cady <d@jerkface.net>	2016-01-25 17:42:29 -0500
committer	Andrew Cady <d@jerkface.net>	2016-01-25 17:42:29 -0500
commit	3fc632688205e46295803460b5e652751c803d59 (patch)
tree	2ebe6903854018cb1d0c640b84807529fb6b6fa8 /src
parent	cf440860e186e7fd775ae27da08220d9fe5e233e (diff)

diff --git a/src/Network/ACME.hs b/src/Network/ACME.hs index 5a66028..f6bffe2 100644 --- a/src/Network/ACME.hs +++ b/src/Network/ACME.hs
@@ -31,14 +31,32 @@ import Network.Wreq (Response, checkStatus, defaults,
31	statusMessage)	31	statusMessage)
32	import qualified Network.Wreq as W	32	import qualified Network.Wreq as W
33	import qualified Network.Wreq.Session as WS	33	import qualified Network.Wreq.Session as WS
34	import OpenSSL.RSA
35	import System.Directory	34	import System.Directory
36	import Text.Email.Validate	35	import Text.Email.Validate
37	import Text.Domain.Validate hiding (validate)	36	import Text.Domain.Validate hiding (validate)
38	import Network.URI	37	import Network.URI
		38	import OpenSSL
		39	import OpenSSL.EVP.Digest
		40	import OpenSSL.RSA
		41	import OpenSSL.X509.Request
		42	import Data.List
39		43
40	type HttpProvisioner = URI -> ByteString -> IO ()	44	type HttpProvisioner = URI -> ByteString -> IO ()
41		45
		46	genReq :: Keys -> [DomainName] -> IO CSR
		47	genReq _ [] = error "genReq called with zero domains"
		48	genReq (Keys priv pub) domains@(domain:_) = withOpenSSL $ do
		49	Just dig <- getDigestByName "SHA256"
		50	req <- newX509Req
		51	setSubjectName req [("CN", domainToString domain)]
		52	setVersion req 0
		53	setPublicKey req pub
		54	void $ addExtensions req [(nidSubjectAltName, intercalate ", " (map (("DNS:" ++) . domainToString) domains))]
		55	signX509Req req priv (Just dig)
		56	CSR domains . toStrict <$> writeX509ReqDER req
		57	where
		58	nidSubjectAltName = 85
		59
42	fileProvisioner :: WritableDir -> HttpProvisioner	60	fileProvisioner :: WritableDir -> HttpProvisioner
43	fileProvisioner challengeDir = BC.writeFile . uToF	61	fileProvisioner challengeDir = BC.writeFile . uToF
44	where	62	where