-rw-r--r--client.go10
-rw-r--r--crypto.go13
2 files changed, 19 insertions, 4 deletions
diff --git a/client.go b/client.go
index f8c5aab..170f007 100644
--- a/client.go
+++ b/client.go
@@ -216,11 +216,13 @@ func (c *Client) Authorize(a *Account, domain []string) error {
switch resp.StatusCode {
case http.StatusCreated:
for _, ch := range r.Challenges {
- if ch.Type == ChallengeHTTP {
+ if canSolve[ch.Type] {
+ t, _ := Thumb(ch.Token, a.PrivKey)
ans := &Challenge{
- Resource: ResChallenge,
- Type: ch.Type,
- Token: ch.Token,
+ Resource: ResChallenge,
+ Type: ch.Type,
+ Token: ch.Token,
+ KeyAuthorization: t,
}
_, err = c.post(ch.URI, a, ans)
}
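Review bot: The error from `Thumb` is discarded at `t, _ := Thumb(ch.Token, a.PrivKey)`, so a failed thumbprint computation posts a challenge response with an empty `KeyAuthorization` instead of stopping. Handle it before building `ans`, for example `t, terr := Thumb(ch.Token, a.PrivKey)` followed by `if terr != nil { return terr }`, using a separate name so the outer `err` assigned by `c.post` is not shadowed. `canSolve` is not defined in the visible hunks, and since a missing map key yields false, a short comment at its declaration listing the supported challenge types would help. The loop and the rest of `Authorize` continue outside the hunk, so how `err` from `c.post` is handled across iterations cannot be judged from here.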
diff --git a/crypto.go b/crypto.go
index b2173e1..bce5b2a 100644
--- a/crypto.go
+++ b/crypto.go
@@ -1,13 +1,17 @@
package acme
import (
+ "crypto"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
+ "encoding/base64"
"encoding/pem"
"io"
"io/ioutil"
+
+ "github.com/square/go-jose"
)
func LoadKey(r io.Reader) (*rsa.PrivateKey, error) {
@@ -42,3 +46,12 @@ func NewCSR(altnames []string, key *rsa.PrivateKey) ([]byte, error) {
}
return x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
}
+
+func Thumb(token string, key *rsa.PrivateKey) (string, error) {
+ k := &jose.JsonWebKey{Key: key, Algorithm: "RSA"}
+ t, err := k.Thumbprint(crypto.SHA256)
+ if err != nil {
+ return "", err
+ }
+ return token + "." + base64.RawStdEncoding.EncodeToString(t), nil
+}
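Review bot: `Thumb` encodes the thumbprint with `base64.RawStdEncoding`, but ACME key authorizations and JWK thumbprints use the URL-safe alphabet without padding. Any digest whose encoding contains `+` or `/` will not match the value the server computes, so validation would fail for some account keys and not others. The return should be `return token + "." + base64.RawURLEncoding.EncodeToString(t), nil`. `Algorithm: "RSA"` looks like a key type rather than a JWS algorithm name and is probably not needed for the thumbprint; confirm against the go-jose version in use. As an exported function, `Thumb` should also get a doc comment stating that it returns the key authorization string (`token.thumbprint`) derived from the account key's public part.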