From f599e81c7a5625a79d56a14d03e6e36e12dbebd7 Mon Sep 17 00:00:00 2001 From: Andrew Cady Date: Fri, 22 Jan 2016 18:37:03 -0500 Subject: move key reading function into exported library --- acme.hs | 14 ++++---------- src/Network/ACME.hs | 9 ++++++++- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/acme.hs b/acme.hs index 8257390..69b0eb5 100644 --- a/acme.hs +++ b/acme.hs @@ -111,7 +111,7 @@ genKey privKeyFile = withOpenSSL $ do genReq :: FilePath -> String -> IO String genReq domainKeyFile domain = withOpenSSL $ do - (Keys priv pub) <- readKeys domainKeyFile + Just (Keys priv pub) <- readKeyFile domainKeyFile Just dig <- getDigestByName "SHA256" req <- newX509Req setSubjectName req [("CN", domain)] @@ -120,11 +120,8 @@ genReq domainKeyFile domain = withOpenSSL $ do signX509Req req priv (Just dig) writeX509ReqDER req -readKeys :: String -> IO Keys -readKeys privKeyFile = do - priv <- readFile privKeyFile >>= flip readPrivateKey PwTTY - pub <- rsaCopyPublic $ fromMaybe (error "Error: failed to parse RSA key.") (toKeyPair priv :: Maybe RSAKeyPair) - return $ Keys priv pub +readKeyFile :: FilePath -> IO (Maybe Keys) +readKeyFile = readFile >=> readKeys data ChallengeRequest = ChallengeRequest { crUri :: String, crToken :: ByteString, crThumbToken :: ByteString } @@ -147,7 +144,7 @@ go CmdOpts{..} = do doesDirectoryExist optDomain `otherwiseM` createDirectory domainDir doesFileExist domainKeyFile `otherwiseM` genKey domainKeyFile - keys <- readKeys privKeyFile + Just keys <- readKeyFile privKeyFile doesFileExist domainCSRFile `otherwiseM` genReq domainKeyFile optDomain >>= writeFile domainCSRFile @@ -247,9 +244,6 @@ data Directory = Directory { } newtype Nonce = Nonce String -runTest :: ACME b -> IO b -runTest t = readKeys "rsa.key" >>= flip (runACME stagingDirectoryUrl) t - getDirectory :: WS.Session -> String -> IO (Maybe (Directory, Nonce)) getDirectory sess url = do r <- WS.get sess url 
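Review bot: In genReq, `Just (Keys priv pub) <- readKeyFile domainKeyFile` turns a non-RSA key into a pattern-match failure in IO, so the user sees a generic "Pattern match failure in do expression" error instead of the removed "Error: failed to parse RSA key." message. The same pattern appears in the `go` hunk at `Just keys <- readKeyFile privKeyFile`. Handling the `Nothing` explicitly keeps the diagnostic, for example `Keys priv pub <- maybe (fail "Error: failed to parse RSA key.") return =<< readKeyFile domainKeyFile`. Both function bodies continue outside their hunks.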
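Review bot: readKeyFile has no comment saying what a `Nothing` result means. Going by readKeys in src/Network/ACME.hs, `Nothing` is produced only when the parsed key is not an RSA key pair. A missing file or malformed PEM presumably still surfaces as an exception from readFile or readPrivateKey. A Haddock line such as `-- | Read a PEM private key from a file; 'Nothing' if the key is not RSA (I/O and PEM errors are thrown).` would make both failure paths visible to callers.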
diff --git a/src/Network/ACME.hs b/src/Network/ACME.hs index f8135e6..2481163 100644 --- a/src/Network/ACME.hs +++ b/src/Network/ACME.hs @@ -6,6 +6,7 @@ module Network.ACME ( Keys(..), + readKeys, thumbprint, JWK(..), toStrict, @@ -51,7 +52,13 @@ import OpenSSL.PEM import OpenSSL.RSA import OpenSSL.X509.Request -data Keys = Keys SomeKeyPair RSAPubKey +data Keys = Keys RSAKeyPair RSAPubKey +readKeys :: String -> IO (Maybe Keys) +readKeys privKeyData = do + keypair :: SomeKeyPair <- readPrivateKey privKeyData PwTTY + let (priv :: Maybe RSAKeyPair) = toKeyPair keypair + pub :: Maybe RSAPubKey <- maybe (return Nothing) (fmap Just . rsaCopyPublic) priv + return $ Keys <$> priv <*> pub -------------------------------------------------------------------------------- -- | Sign return a payload with a nonce-protected header. -- cgit v1.2.3
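Review bot: readKeys is now part of the exported library API but still hard-codes `PwTTY` in `readPrivateKey privKeyData PwTTY`, so a caller loading a passphrase-protected key gets an interactive terminal prompt. That is fine for the acme.hs command-line tool, but a library user running unattended (a renewal job, a daemon) has no way to supply the passphrase or to refuse encrypted keys. Consider adding a variant that takes the `PemPasswordSupply` as an argument and defining readKeys in terms of it. At minimum, add a Haddock comment on readKeys stating that it may prompt on the TTY and that the `String` argument is the PEM key data, not a file path.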