-rw-r--r--certificate.go8
-rw-r--r--crypto.go12
-rw-r--r--desire.go13
-rw-r--r--provider.go6
4 files changed, 14 insertions, 25 deletions
diff --git a/certificate.go b/certificate.go
index 195d56f..439bfba 100644
--- a/certificate.go
+++ b/certificate.go
@@ -1,7 +1,5 @@
package acme
-import "crypto/x509"
-
type CSR struct {
Resource Resource `json:"resource"` // new-cert
CSR string `json:"csr"`
@@ -16,11 +14,11 @@ func (p *Provider) Bundle(s Signer, d *Desire) error {
if err != nil {
return err
}
- d.cert = []*x509.Certificate{crt, ca}
+ d.cert.Certificate = [][]byte{crt, ca}
return nil
}
-func (p *Provider) RequestCert(s Signer, d *Desire) (*x509.Certificate, string, error) {
+func (p *Provider) RequestCert(s Signer, d *Desire) ([]byte, string, error) {
csr, err := d.CSR()
if err != nil {
return nil, "", err
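Review bot: `d.cert.Certificate = [][]byte{crt, ca}` in Bundle fills the tls.Certificate by hand from bytes that nothing visible on this path has parsed, so the checks `tls.X509KeyPair` would make (the leaf parses and its public key matches `PrivateKey`) are skipped and `Leaf` stays nil. I would parse the leaf before storing it with `leaf, err := x509.ParseCertificate(crt)`, return the error, and set `d.cert.Leaf = leaf`; comparing `leaf.PublicKey` with the public half of the key would also catch a certificate issued for a different key. That needs the `crypto/x509` import which the first hunk of this file removes. Bundle starts above this hunk and RequestCert continues below it, so how `crt` and `ca` are obtained is assumed from the signatures.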
@@ -41,7 +39,7 @@ func (p *Provider) RequestCert(s Signer, d *Desire) (*x509.Certificate, string,
return crt, ns.Link["up"], nil
}
-func (p *Provider) GetCert(uri string) (*x509.Certificate, error) {
+func (p *Provider) GetCert(uri string) ([]byte, error) {
resp, err := p.Get(uri)
if err != nil {
return nil, err
diff --git a/crypto.go b/crypto.go
index 223446e..ae8227c 100644
--- a/crypto.go
+++ b/crypto.go
@@ -62,10 +62,10 @@ func saveKey(w io.Writer, key crypto.PrivateKey) error {
return pem.Encode(w, block)
}
-func saveCert(w io.Writer, crt *x509.Certificate) error {
+func saveCert(w io.Writer, cert []byte) error {
block := &pem.Block{
Type: pemCRT,
- Bytes: crt.Raw,
+ Bytes: cert,
}
return pem.Encode(w, block)
}
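Review bot: saveCert now accepts any byte slice and labels it `pemCRT`, and the new signature no longer tells the caller what the bytes must be. A doc comment would state the contract: `// saveCert writes cert, a DER-encoded X.509 certificate, to w as one PEM block; the bytes are not validated here.`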
@@ -88,14 +88,6 @@ func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
return x509.ParseCertificates(block.Bytes)
}
-func readCert(r io.Reader) (*x509.Certificate, error) {
- der, err := ioutil.ReadAll(r)
- if err != nil {
- return nil, err
- }
- return x509.ParseCertificate(der)
-}
-
func CreatePrivFile(fname string) (io.WriteCloser, error) {
return createFile(fname, 0700)
}
diff --git a/desire.go b/desire.go
index f5dde99..4de3b64 100644
--- a/desire.go
+++ b/desire.go
@@ -1,9 +1,9 @@
package acme
import (
- "crypto"
"crypto/rand"
"crypto/rsa"
+ "crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/base64"
@@ -13,8 +13,7 @@ import (
type Desire struct {
altnames []string
- key crypto.PrivateKey
- cert []*x509.Certificate
+ cert tls.Certificate
solver map[ChalType]Solver
}
@@ -24,7 +23,7 @@ func NewDesire(altnames []string, size int) (*Desire, error) {
return nil, err
}
return &Desire{
- key: key,
+ cert: tls.Certificate{PrivateKey: key},
altnames: altnames,
solver: make(map[ChalType]Solver),
}, nil
@@ -62,7 +61,7 @@ func (d *Desire) saveKey(fname string) error {
return err
}
defer fd.Close()
- return saveKey(fd, d.key)
+ return saveKey(fd, d.cert.PrivateKey)
}
func (d *Desire) saveCert(fname string) error {
@@ -74,7 +73,7 @@ func (d *Desire) saveCert(fname string) error {
return err
}
defer fd.Close()
- for _, crt := range d.cert {
+ for _, crt := range d.cert.Certificate {
if err := saveCert(fd, crt); err != nil {
return err
}
@@ -89,7 +88,7 @@ func (d *Desire) CSR() (string, error) {
if len(d.altnames) > 1 {
tmpl.DNSNames = d.altnames
}
- der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, d.key)
+ der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, d.cert.PrivateKey)
if err != nil {
return "", err
}
diff --git a/provider.go b/provider.go
index 12b486e..2971188 100644
--- a/provider.go
+++ b/provider.go
@@ -1,9 +1,9 @@
package acme
import (
- "crypto/x509"
"encoding/json"
"errors"
+ "io/ioutil"
"net/http"
"regexp"
"time"
@@ -150,11 +150,11 @@ func parseJson(resp *http.Response, v interface{}) error {
}
}
-func parseCert(resp *http.Response) (*x509.Certificate, error) {
+func parseCert(resp *http.Response) ([]byte, error) {
defer resp.Body.Close()
switch resp.Header.Get("Content-Type") {
case mimePkix:
- return readCert(resp.Body)
+ return ioutil.ReadAll(resp.Body)
case mimeProblem:
return nil, problem(resp.Body)
default:
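Review bot: The `mimePkix` case now returns `ioutil.ReadAll(resp.Body)` unchanged, so a response body that is not a DER certificate is accepted and later written out as a PEM block; the removed `readCert` rejected such a body through `x509.ParseCertificate`. The read is also unbounded, as it was before this commit. I would keep the `[]byte` return but bound and validate first: `der, err := ioutil.ReadAll(io.LimitReader(resp.Body, maxCertBytes))`, then after the error check `if _, err := x509.ParseCertificate(der); err != nil { return nil, err }`, where `maxCertBytes` is a new constant to define and `io` and `crypto/x509` have to be imported. parseCert's `default` branch continues past the end of the hunk.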