Diffstat (limited to 'account.go')
-rw-r--r--account.go38
1 files changed, 29 insertions, 9 deletions
diff --git a/account.go b/account.go
index 7766893..1fd0efd 100644
--- a/account.go
+++ b/account.go
@@ -3,7 +3,9 @@ package acme
import (
"crypto/rand"
"crypto/rsa"
+ "errors"
"fmt"
+ "net/http"
"net/mail"
"github.com/square/go-jose"
@@ -12,34 +14,36 @@ import (
type Account struct {
Contact []string `json:"contact"`
PrivKey *rsa.PrivateKey `json:"key"`
- Signer jose.Signer `json:"-"`
+ signer jose.Signer
+ nonce chan string
}
-func NewAccount(email string, bits int) (Account, error) {
+func NewAccount(email string, bits int) (*Account, error) {
m, err := mail.ParseAddress(email)
if err != nil {
- return Account{}, err
+ return nil, err
}
key, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
- return Account{}, err
+ return nil, err
}
- return Account{
+ return &Account{
Contact: []string{"mailto:" + m.Address},
PrivKey: key,
+ nonce: make(chan string, 100),
}, nil
}
func (a *Account) Sign(msg []byte) ([]byte, error) {
- if a.Signer == nil {
+ if a.signer == nil {
signer, err := jose.NewSigner(jose.RS256, a.PrivKey)
if err != nil {
return nil, err
}
- signer.SetNonceSource(nonces)
- a.Signer = signer
+ signer.SetNonceSource(a)
+ a.signer = signer
}
- obj, err := a.Signer.Sign(msg)
+ obj, err := a.signer.Sign(msg)
return []byte(obj.FullSerialize()), err
}
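Review bot: The new unexported `nonce` channel is created only in NewAccount, so an Account obtained any other way carries a nil channel. The struct has JSON tags, which suggests accounts are restored from stored JSON; if so, any receive or send on that nil channel blocks forever and Sign hangs inside the nonce source instead of failing. Sign already initialises `signer` lazily through its pointer receiver and could guard the channel the same way with `if a.nonce == nil { a.nonce = make(chan string, 100) }`. A doc comment on the type, for example `// Account must be created with NewAccount, or have its nonce pool initialised, before Sign is called.`, would make the requirement visible. The lazy initialisation is unsynchronised, so concurrent first calls to Sign race on `a.signer` unless callers serialise them.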
@@ -51,3 +55,19 @@ func (a *Account) ParseSigned(msg []byte) ([]byte, error) {
}
return obj.Verify(&a.PrivKey.PublicKey)
}
+
+var errNoNonces = errors.New("No nonces available")
+
+// Nonce implements jose nonce provider
+func (a Account) Nonce() (string, error) {
+ if nonce, ok := <-a.nonce; ok {
+ return nonce, nil
+ }
+ return "", errNoNonces
+}
+
+func (a Account) parseNonce(r *http.Response) {
+ if nonce := r.Header.Get("Replay-Nonce"); nonce != "" {
+ a.nonce <- nonce
+ }
+}
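Review bot: `Nonce()` blocks when the pool is empty instead of returning `errNoNonces`, because the `ok` result of the receive is false only after the channel is closed and nothing visible closes it. A Sign call made before any Replay-Nonce has been stored therefore waits forever. `parseNonce` has the mirror problem and blocks the response path once 100 nonces are buffered. A `select` with a `default` branch on both sides makes the error reachable, so the caller can request a fresh nonce, and drops surplus nonces. Both methods use value receivers while Sign uses `*Account`, so pointer receivers would be consistent, and the error text would conventionally be lowercase.

```go
// Nonce implements the jose nonce source. It never blocks: an empty pool
// yields errNoNonces so the caller can obtain a fresh nonce.
func (a *Account) Nonce() (string, error) {
	select {
	case nonce := <-a.nonce:
		return nonce, nil
	default:
		return "", errNoNonces
	}
}

// parseNonce stores the Replay-Nonce of a response, dropping it when the
// pool is already full rather than stalling the caller.
func (a *Account) parseNonce(r *http.Response) {
	nonce := r.Header.Get("Replay-Nonce")
	if nonce == "" {
		return
	}
	select {
	case a.nonce <- nonce:
	default:
	}
}
```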