From c510952c88bcb2305d4e2ab5764b9dd93e353cd1 Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan
Date: Wed, 9 Dec 2015 19:23:19 -0800
Subject: [PATCH] s/privateKeyPem/accountKeyPem
---
 src/acme.js | 62 ++++++++++++++++++++++++++---------------------------
 1 file changed, 31 insertions(+), 31 deletions(-)
diff --git a/src/acme.js b/src/acme.js
index ef595ff1c..856b035a2 100644
--- a/src/acme.js
+++ b/src/acme.js
@@ -73,13 +73,13 @@ function b64(str) {
 return urlBase64Encode(buf.toString('base64'));
 }
-function sendSignedRequest(url, privateKeyPem, payload, callback) {
+function sendSignedRequest(url, accountKeyPem, payload, callback) {
 assert.strictEqual(typeof url, 'string');
- assert(util.isBuffer(privateKeyPem));
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof payload, 'string');
 assert.strictEqual(typeof callback, 'function');
- var privateKey = ursa.createPrivateKey(privateKeyPem);
+ var privateKey = ursa.createPrivateKey(accountKeyPem);
 var header = {
 alg: 'RS256',
@@ -118,8 +118,8 @@ function sendSignedRequest(url, privateKeyPem, payload, callback) {
 });
 }
-function registerUser(privateKeyPem, email, callback) {
- assert(util.isBuffer(privateKeyPem));
+function registerUser(accountKeyPem, email, callback) {
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof email, 'string');
 assert.strictEqual(typeof callback, 'function');
@@ -131,7 +131,7 @@ function registerUser(privateKeyPem, email, callback) {
 debug('registerUser: %s', email);
- sendSignedRequest(CA_STAGING + '/acme/new-reg', privateKeyPem, JSON.stringify(payload), function (error, result) {
+ sendSignedRequest(CA_STAGING + '/acme/new-reg', accountKeyPem, JSON.stringify(payload), function (error, result) {
 if (error) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, 'Network error when registering user: ' + error.message));
 if (result.statusCode === 409) return callback(new AcmeError(AcmeError.ALREADY_EXISTS, result.body.detail));
 if (result.statusCode !== 201) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, util.format('Failed to register user. Expecting 201, got %s %s', result.statusCode, result.text)));
@@ -142,8 +142,8 @@ function registerUser(privateKeyPem, email, callback) {
 });
 }
-function registerDomain(privateKeyPem, domain, callback) {
- assert(util.isBuffer(privateKeyPem));
+function registerDomain(accountKeyPem, domain, callback) {
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof domain, 'string');
 assert.strictEqual(typeof callback, 'function');
@@ -157,7 +157,7 @@ function registerDomain(privateKeyPem, domain, callback) {
 debug('registerDomain: %s', domain);
- sendSignedRequest(CA_STAGING + '/acme/new-authz', privateKeyPem, JSON.stringify(payload), function (error, result) {
+ sendSignedRequest(CA_STAGING + '/acme/new-authz', accountKeyPem, JSON.stringify(payload), function (error, result) {
 if (error) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, 'Network error when registering domain: ' + error.message));
 if (result.statusCode === 403) return callback(new AcmeError(AcmeError.FORBIDDEN, result.body.detail));
 if (result.statusCode !== 201) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, util.format('Failed to register user. Expecting 201, got %s %s', result.statusCode, result.text)));
@@ -168,8 +168,8 @@ function registerDomain(privateKeyPem, domain, callback) {
 });
 }
-function prepareHttpChallenge(privateKeyPem, challenge, callback) {
- assert(util.isBuffer(privateKeyPem));
+function prepareHttpChallenge(accountKeyPem, challenge, callback) {
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof challenge, 'object');
 assert.strictEqual(typeof callback, 'function');
@@ -177,7 +177,7 @@ function prepareHttpChallenge(privateKeyPem, challenge, callback) {
 var token = challenge.token;
- var privateKey = ursa.createPrivateKey(privateKeyPem);
+ var privateKey = ursa.createPrivateKey(accountKeyPem);
 var jwk = {
 e: b64(privateKey.getExponent()),
@@ -199,8 +199,8 @@ function prepareHttpChallenge(privateKeyPem, challenge, callback) {
 });
 }
-function notifyChallengeReady(privateKeyPem, challenge, callback) {
- assert(util.isBuffer(privateKeyPem));
+function notifyChallengeReady(accountKeyPem, challenge, callback) {
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof challenge, 'object');
 assert.strictEqual(typeof callback, 'function');
@@ -213,7 +213,7 @@ function notifyChallengeReady(privateKeyPem, challenge, callback) {
 keyAuthorization: keyAuthorization
 };
- sendSignedRequest(challenge.uri, privateKeyPem, JSON.stringify(payload), function (error, result) {
+ sendSignedRequest(challenge.uri, accountKeyPem, JSON.stringify(payload), function (error, result) {
 if (error) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, 'Network error when notifying challenge: ' + error.message));
 if (result.statusCode !== 202) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, util.format('Failed to notify challenge. Expecting 202, got %s %s', result.statusCode, result.text)));
@@ -250,8 +250,8 @@ function waitForChallenge(challenge, callback) {
 }
 // https://community.letsencrypt.org/t/public-beta-rate-limits/4772 for rate limits
-function signCertificate(privateKeyPem, certificateDer, callback) {
- assert(util.isBuffer(privateKeyPem));
+function signCertificate(accountKeyPem, certificateDer, callback) {
+ assert(util.isBuffer(accountKeyPem));
 assert(util.isBuffer(certificateDer));
 assert.strictEqual(typeof callback, 'function');
@@ -262,7 +262,7 @@ function signCertificate(privateKeyPem, certificateDer, callback) {
 debug('signCertificate: signing %s', payload.csr);
- sendSignedRequest(CA_STAGING + '/acme/new-cert', privateKeyPem, JSON.stringify(payload), function (error, result) {
+ sendSignedRequest(CA_STAGING + '/acme/new-cert', accountKeyPem, JSON.stringify(payload), function (error, result) {
 if (error) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, 'Network error when signing certificate: ' + error.message));
 if (result.statusCode !== 201) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, util.format('Failed to sign certificate. Expecting 201, got %s %s', result.statusCode, result.text)));
@@ -273,16 +273,16 @@ function signCertificate(privateKeyPem, certificateDer, callback) {
 });
 }
-function acmeFlow(domain, email, privateKeyPem, callback) {
+function acmeFlow(domain, email, accountKeyPem, callback) {
 assert.strictEqual(typeof domain, 'string');
 assert.strictEqual(typeof email, 'string');
- assert(util.isBuffer(privateKeyPem));
+ assert(util.isBuffer(accountKeyPem));
 assert.strictEqual(typeof callback, 'function');
- registerUser(privateKeyPem, email, function (error) {
+ registerUser(accountKeyPem, email, function (error) {
 if (error && error.reason !== AcmeError.ALREADY_EXISTS) return callback(error);
- registerDomain(privateKeyPem, domain, function (error, result) {
+ registerDomain(accountKeyPem, domain, function (error, result) {
 if (error) return callback(error);
 debug('getCertificate: challenges: %j', result);
@@ -291,10 +291,10 @@ function acmeFlow(domain, email, privateKeyPem, callback) {
 if (httpChallenges.length === 0) return callback(new AcmeError(AcmeError.EXTERNAL_ERROR, 'no http challenges'));
 var challenge = httpChallenges[0];
- prepareHttpChallenge(privateKeyPem, challenge, function (error) {
+ prepareHttpChallenge(accountKeyPem, challenge, function (error) {
 if (error) return callback(error);
- notifyChallengeReady(privateKeyPem, challenge, function (error) {
+ notifyChallengeReady(accountKeyPem, challenge, function (error) {
 if (error) return callback(error);
 waitForChallenge(challenge, function (error) {
@@ -306,7 +306,7 @@ function acmeFlow(domain, email, privateKeyPem, callback) {
 var certificateDer = safe.execSync(util.format('openssl req -nodes -outform DER -subj /CN=%s', domain), { stdio: [ serverKey, null, null ] });
 if (!certificateDer) return callback(new AcmeError(AcmeError.INTERNAL_ERROR, safe.error));
- signCertificate(privateKeyPem, certificateDer, function (error, certificateDer) {
+ signCertificate(accountKeyPem, certificateDer, function (error, certificateDer) {
 if (error) return callback(error);
 var certificatePem = safe.execSync('openssl x509 -inform DER -outform PEM', { stdio: [ certificateDer, null, null ] });
@@ -323,19 +323,19 @@ function acmeFlow(domain, email, privateKeyPem, callback) {
 function getCertificate(domain, callback) {
 var email = 'admin@' + config.fqdn();
- var privateKeyPem;
+ var accountKeyPem;
 if (!fs.existsSync(paths.ACME_ACCOUNT_KEY_FILE)) {
 debug('getCertificate: generating acme account key on first run');
- privateKeyPem = safe.execSync('openssl genrsa 4096');
- if (!privateKeyPem) return callback(new AcmeError(AcmeError.INTERNAL_ERROR, safe.error));
+ accountKeyPem = safe.execSync('openssl genrsa 4096');
+ if (!accountKeyPem) return callback(new AcmeError(AcmeError.INTERNAL_ERROR, safe.error));
- safe.fs.writeFileSync(paths.ACME_ACCOUNT_KEY_FILE, privateKeyPem);
+ safe.fs.writeFileSync(paths.ACME_ACCOUNT_KEY_FILE, accountKeyPem);
 } else {
- privateKeyPem = fs.readFileSync(paths.ACME_ACCOUNT_KEY_FILE);
+ accountKeyPem = fs.readFileSync(paths.ACME_ACCOUNT_KEY_FILE);
 }
- acmeFlow(domain, email, privateKeyPem, callback);
+ acmeFlow(domain, email, accountKeyPem, callback);
 }
 getCertificate('foobar.girish.in', function (error, key, cert) {
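Review bot: In getCertificate the freshly generated account key is persisted with `safe.fs.writeFileSync(paths.ACME_ACCOUNT_KEY_FILE, accountKeyPem);` with no explicit file mode and no check of the result, so the private key's permissions are left to the process umask and a failed write goes unreported. Passing a restrictive mode, `safe.fs.writeFileSync(paths.ACME_ACCOUNT_KEY_FILE, accountKeyPem, { mode: 0o600 })` (assuming the safe wrapper forwards options to fs.writeFileSync), would keep the key readable by the service user only. If the wrapper signals failure the way `safe.execSync` does two lines earlier, the call should also return `new AcmeError(AcmeError.INTERNAL_ERROR, safe.error)` when it fails; otherwise the key is used for registration but presumably never saved, and the next run would generate a different account key.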