1Panel/backend/utils/ssl/acme.go

package ssl

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"github.com/go-acme/lego/v4/certcrypto"
	"github.com/go-acme/lego/v4/lego"
	"github.com/go-acme/lego/v4/registration"
)

func GetPrivateKey(priKey *rsa.PrivateKey) []byte {
	derStream := x509.MarshalPKCS1PrivateKey(priKey)
	block := &pem.Block{
		Type:  "privateKey",
		Bytes: derStream,
	}
	return pem.EncodeToMemory(block)
}

func NewRegisterClient(email string) (*AcmeClient, error) {

	priKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	myUser := &AcmeUser{
		Email: email,
		key:   priKey,
	}
	config := newConfig(myUser)
	client, err := lego.NewClient(config)
	if err != nil {
		return nil, err
	}
	reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
	if err != nil {
		return nil, err
	}
	myUser.Registration = reg

	acmeClient := &AcmeClient{
		User:   myUser,
		Client: client,
		Config: config,
	}

	return acmeClient, nil
}

func NewPrivateKeyClient(email string, privateKey string) (*AcmeClient, error) {

	block, _ := pem.Decode([]byte(privateKey))
	priKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	myUser := &AcmeUser{
		Email: email,
		key:   priKey,
	}
	config := newConfig(myUser)
	client, err := lego.NewClient(config)
	if err != nil {
		return nil, err
	}
	reg, err := client.Registration.ResolveAccountByKey()
	if err != nil {
		return nil, err
	}
	myUser.Registration = reg

	acmeClient := &AcmeClient{
		User:   myUser,
		Client: client,
		Config: config,
	}

	return acmeClient, nil
}

func newConfig(user *AcmeUser) *lego.Config {
	config := lego.NewConfig(user)
	config.CADirURL = "https://acme-v02.api.letsencrypt.org/directory"
	config.UserAgent = "acm_go/0.0.1"
	config.Certificate.KeyType = certcrypto.RSA2048

	return config
}
feat: 增加acme util，增加DNS账号管理 2022-11-10 17:44:38 +08:00			`package ssl`

			`import (`
			`"crypto/rand"`
			`"crypto/rsa"`
			`"crypto/x509"`
			`"encoding/pem"`
			`"github.com/go-acme/lego/v4/certcrypto"`
			`"github.com/go-acme/lego/v4/lego"`
			`"github.com/go-acme/lego/v4/registration"`
			`)`

			`func GetPrivateKey(priKey *rsa.PrivateKey) []byte {`
			`derStream := x509.MarshalPKCS1PrivateKey(priKey)`
			`block := &pem.Block{`
			`Type: "privateKey",`
			`Bytes: derStream,`
			`}`
			`return pem.EncodeToMemory(block)`
			`}`

			`func NewRegisterClient(email string) (*AcmeClient, error) {`

			`priKey, err := rsa.GenerateKey(rand.Reader, 2048)`
			`if err != nil {`
			`panic(err)`
			`}`
			`myUser := &AcmeUser{`
			`Email: email,`
			`key: priKey,`
			`}`
			`config := newConfig(myUser)`
			`client, err := lego.NewClient(config)`
			`if err != nil {`
			`return nil, err`
			`}`
			`reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})`
			`if err != nil {`
			`return nil, err`
			`}`
			`myUser.Registration = reg`

			`acmeClient := &AcmeClient{`
			`User: myUser,`
			`Client: client,`
			`Config: config,`
			`}`

			`return acmeClient, nil`
			`}`

			`func NewPrivateKeyClient(email string, privateKey string) (*AcmeClient, error) {`

			`block, _ := pem.Decode([]byte(privateKey))`
			`priKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)`
			`if err != nil {`
			`return nil, err`
			`}`
			`myUser := &AcmeUser{`
			`Email: email,`
			`key: priKey,`
			`}`
			`config := newConfig(myUser)`
			`client, err := lego.NewClient(config)`
			`if err != nil {`
			`return nil, err`
			`}`
			`reg, err := client.Registration.ResolveAccountByKey()`
			`if err != nil {`
			`return nil, err`
			`}`
			`myUser.Registration = reg`

			`acmeClient := &AcmeClient{`
			`User: myUser,`
			`Client: client,`
			`Config: config,`
			`}`

			`return acmeClient, nil`
			`}`

			`func newConfig(user AcmeUser) lego.Config {`
			`config := lego.NewConfig(user)`
			`config.CADirURL = "https://acme-v02.api.letsencrypt.org/directory"`
			`config.UserAgent = "acm_go/0.0.1"`
			`config.Certificate.KeyType = certcrypto.RSA2048`

			`return config`
			`}`