-rw-r--r-- | acme-encrypt.cabal | 4 | ||||
-rw-r--r-- | acme.hs | 8 | ||||
-rw-r--r-- | stack.yaml | 10 |
3 files changed, 12 insertions, 10 deletions
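--- a/acme-encrypt.cabal
+++ b/acme-encrypt.cabal
@@ -23,8 +23,8 @@ executable acme-encrypt-exe
 ghc-options: -threaded -rtsopts -with-rtsopts=-N -Wall
 build-depends: base,
 cryptonite, aeson, bytestring, base64-bytestring, SHA,
-text, HsOpenSSL, process, wreq, lens, lens-aeson,
-optparse-applicative, directory, mtl, process-extras, time
+text, HsOpenSSL, wreq, lens, lens-aeson,
+optparse-applicative, directory, mtl, time
 -- , acme-encrypt
 default-language: Haskell2010
 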
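--- a/acme.hs
+++ b/acme.hs
@@ -48,7 +48,6 @@ import OpenSSL.X509.Request
 import Options.Applicative hiding (header)
 import qualified Options.Applicative as Opt
 import System.Directory
-import System.Process.ByteString
 
 stagingDirectoryUrl, liveDirectoryUrl :: String
 liveDirectoryUrl = "https://acme-v01.api.letsencrypt.org/directory"
@@ -108,7 +107,7 @@ genKey privKeyFile = withOpenSSL $ do
 pem <- writePKCS8PrivateKey kp Nothing
 writeFile privKeyFile pem
 
-genReq :: FilePath -> String -> IO ByteString
+genReq :: FilePath -> String -> IO String
 genReq domainKeyFile domain = withOpenSSL $ do
 (Keys priv pub) <- readKeys domainKeyFile
 Just dig <- getDigestByName "SHA256"
@@ -117,10 +116,7 @@ genReq domainKeyFile domain = withOpenSSL $ do
 setVersion req 0
 setPublicKey req pub
 signX509Req req priv (Just dig)
-pem <- writeX509Req req ReqNewFormat
--- Sigh. No DER support for X509 reqs in HsOpenSSL.
-(_, o, _) <- readProcessWithExitCode "openssl" (words "req -outform der") (encodeUtf8 $ T.pack pem)
-return o
+writeX509ReqDER req
 
 data Keys = Keys SomeKeyPair RSAPubKey
 readKeys :: String -> IO Keys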
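Review bot: `genReq :: FilePath -> String -> IO String` now returns the DER-encoded request as a `String`, which is a fragile carrier for binary data. If a caller ever runs it through `T.pack` and `encodeUtf8` (the removed code did that to the PEM text), every byte above 0x7F is re-encoded and the CSR sent to the CA is corrupted. The callers are outside this diff, so whether that happens today is unconfirmed. Keeping the previous `IO ByteString` result and converting once at this boundary, for example `Data.ByteString.Char8.pack <$> writeX509ReqDER req`, would keep the type honest, assuming the fork's function yields one `Char` per byte. genReq's body spans two hunks, and line 115 of the new file is not shown.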
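--- a/stack.yaml
+++ b/stack.yaml
@@ -1,17 +1,23 @@
 # For more information, see: https://github.com/commercialhaskell/stack/blob/release/doc/yaml_configuration.md
 
 # Specifies the GHC version and set of packages available (e.g., lts-3.5, nightly-2015-09-21, ghc-7.10.2)
-resolver: lts-4.1
+resolver: lts-4.2
 
 # Local packages, usually specified by relative directory name
 packages:
 - '.'
+- location:
+git: git@github.com:afcady/HSOpenSSL.git
+commit: 217f85d1a5ab82e3d4791bfb9f841c9303d150c6
+extra-dep: true
 
 # Packages to be pulled from upstream that are not in the resolver (e.g., acme-missiles-0.3)
 extra-deps: []
 
 # Override default flag values for local packages and extra-deps
-flags: {}
+flags:
+HsOpenSSL:
+fast-bignum: false
 
 # Extra package databases containing global packages
 extra-package-dbs: []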
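Review bot: The new `location:` entry builds HsOpenSSL from a personal fork instead of the resolver's release, and nothing in the file says why or for how long; the acme.hs section of this commit uses the library to sign the certificate request. Pinning by full commit hash is the right call because it fixes the content. A comment above the entry should still record the reason for the fork (apparently DER output for X509 requests, judging by the acme.hs change) and the condition for returning to an upstream release. The SSH-form URL `git@github.com:afcady/HSOpenSSL.git` also forces every developer and CI job to hold a GitHub SSH key; `git: https://github.com/afcady/HSOpenSSL.git` with the same `commit:` would fetch anonymously. `fast-bignum: false` deserves a one-line comment explaining why the flag is turned off.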