authorDimitri Sokolyuk <demon@dim13.org>2016-03-06 04:54:40 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-06 04:54:40 +0100
commit327e4172e4070e7ebbe4802220c82f93d6b54d95 (patch)
tree7ec66e6a4c0b3ece44227c650932b89db74b5226
parent7088b2b5670f662d396a9b3a2a6229f7856fb59f (diff)
Simplify KeyAuth
-rw-r--r--account.go49
-rw-r--r--challenge.go10
2 files changed, 31 insertions, 28 deletions
diff --git a/account.go b/account.go
index 4fa8cec..fa3351b 100644
--- a/account.go
+++ b/account.go
@@ -18,16 +18,36 @@ const KeySize = 2048
type Account struct {
key crypto.PrivateKey
signer jose.Signer
+ thumb string
}
-func NewAccount(key crypto.PrivateKey) (*Account, error) {
- switch k := key.(type) {
+func NewAccount(privKey crypto.PrivateKey) (*Account, error) {
+ thumb := func(alg string, pubKey crypto.PublicKey) (string, error) {
+ wk := &jose.JsonWebKey{Key: pubKey, Algorithm: alg}
+ t, err := wk.Thumbprint(crypto.SHA256)
+ return base64.RawURLEncoding.EncodeToString(t), err
+ }
+ switch k := privKey.(type) {
case *rsa.PrivateKey:
- signer, err := jose.NewSigner(jose.RS256, k)
- return &Account{key: k, signer: signer}, err
+ s, err := jose.NewSigner(jose.RS256, k)
+ if err != nil {
+ return nil, err
+ }
+ t, err := thumb("RSA", k.Public())
+ if err != nil {
+ return nil, err
+ }
+ return &Account{key: k, signer: s, thumb: t}, nil
case *ecdsa.PrivateKey:
- signer, err := jose.NewSigner(jose.ES384, k)
- return &Account{key: k, signer: signer}, err
+ s, err := jose.NewSigner(jose.ES384, k)
+ if err != nil {
+ return nil, err
+ }
+ t, err := thumb("EC", k.Public())
+ if err != nil {
+ return nil, err
+ }
+ return &Account{key: k, signer: s, thumb: t}, nil
default:
return nil, errKeyType
}
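Review bot: The RSA and ECDSA branches of `NewAccount` now repeat the same signer / thumbprint / return sequence, differing only in the algorithm constant. The `alg` argument of the `thumb` closure also carries "RSA" and "EC", which are JWK key-type names rather than algorithm names. An RFC 7638 thumbprint is computed over the key's required members only, so the `Algorithm` field probably does not change the result; confirm this against the go-jose version in use before dropping it. Letting the switch select only the algorithm and public key would leave one shared tail and one place to get the error handling right. The closing brace of `NewAccount` lies outside this hunk.

```go
func NewAccount(privKey crypto.PrivateKey) (*Account, error) {
	var (
		alg jose.SignatureAlgorithm
		pub crypto.PublicKey
	)
	switch k := privKey.(type) {
	case *rsa.PrivateKey:
		alg, pub = jose.RS256, k.Public()
	case *ecdsa.PrivateKey:
		alg, pub = jose.ES384, k.Public()
	default:
		return nil, errKeyType
	}
	s, err := jose.NewSigner(alg, privKey)
	if err != nil {
		return nil, err
	}
	sum, err := (&jose.JsonWebKey{Key: pub}).Thumbprint(crypto.SHA256)
	if err != nil {
		return nil, err
	}
	return &Account{
		key:    privKey,
		signer: s,
		thumb:  base64.RawURLEncoding.EncodeToString(sum),
	}, nil
```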
@@ -36,7 +56,7 @@ func NewAccount(key crypto.PrivateKey) (*Account, error) {
// Signer describes a signing interface
type Signer interface {
Sign([]byte, jose.NonceSource) (io.Reader, error)
- KeyAuth(string) (string, error)
+ KeyAuth(string) string
}
// Sign implements Signer interface
@@ -49,17 +69,6 @@ func (a *Account) Sign(msg []byte, n jose.NonceSource) (io.Reader, error) {
return strings.NewReader(obj.FullSerialize()), nil
}
-func (a *Account) KeyAuth(token string) (string, error) {
- var wk *jose.JsonWebKey
- switch k := a.key.(type) {
- case *rsa.PrivateKey:
- wk = &jose.JsonWebKey{Key: k.Public(), Algorithm: "RSA"}
- case *ecdsa.PrivateKey:
- wk = &jose.JsonWebKey{Key: k.Public(), Algorithm: "EC"}
- }
- thumb, err := wk.Thumbprint(crypto.SHA256)
- if err != nil {
- return "", err
- }
- return token + "." + base64.RawURLEncoding.EncodeToString(thumb), nil
+func (a *Account) KeyAuth(token string) string {
+ return token + "." + a.thumb
}
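Review bot: `KeyAuth` can no longer report a failure, so an `Account` that did not come from `NewAccount` (a zero value or a literal built inside the package) returns `token + "."` with an empty thumbprint instead of an error. The method also has no doc comment, unlike `Sign` just above it. I would add `// KeyAuth returns the key authorization for token: the token, a dot, and the base64url SHA-256 JWK thumbprint computed in NewAccount.` and state there that the receiver must be built by `NewAccount`. The same signature change reaches the `Signer` interface in the previous hunk and the call in `Solve` in challenge.go, so any other `Signer` implementation loses its way to signal a thumbprint error as well.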
diff --git a/challenge.go b/challenge.go
index fa313b0..e7b28c2 100644
--- a/challenge.go
+++ b/challenge.go
@@ -37,18 +37,12 @@ const (
)
func (p *Provider) Solve(s Signer, ch Challenge, sol Solver) error {
- var err error
-
// update challenge
ch.Resource = ResChallenge
- ch.KeyAuthorization, err = s.KeyAuth(ch.Token)
- if err != nil {
- return err
- }
+ ch.KeyAuthorization = s.KeyAuth(ch.Token)
// prepare solver
- err = sol.Solve(ch)
- if err != nil {
+ if err := sol.Solve(ch); err != nil {
return err
}
defer sol.Solved()
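Review bot: `ch.Token` is concatenated into the key authorization and handed to `sol.Solve` without any check, and with the error return gone from `KeyAuth` nothing on this path can reject a bad value. The token presumably arrives in the challenge as received from the server. If a solver uses it to name a file or a record (not visible here), an empty or malformed token should be refused before the `KeyAuth` call, for example `if ch.Token == "" { return errToken }`, where `errToken` is a placeholder for whatever error value the package already defines. `Solve` continues past the end of this hunk.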