package acme
import (
"crypto"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"github.com/go-acme/lego/certcrypto"
"github.com/go-acme/lego/lego"
"github.com/go-acme/lego/registration"
)
// getOrCreateAccount returns the ACME account stored for c.acmeHost. When
// storage holds none, it registers a new account for c.email and stores it
// under the same host key.
//
// A lookup error is returned as-is and is not treated as "no account", so a
// failing storage backend does not trigger a fresh registration.
func (c *certManager) getOrCreateAccount() (*Account, error) {
	existing, err := c.storage.GetAccount(c.acmeHost)
	switch {
	case err != nil:
		return nil, err
	case existing != nil:
		return existing, nil
	}

	// Nothing stored for this host yet: register a new account.
	created, err := c.createAccount(c.email)
	if err != nil {
		return nil, err
	}

	// NOTE(review): when StoreAccount fails, the freshly registered account
	// (including its private key) is returned together with the error but has
	// not been persisted. A caller that discards the value on error loses the
	// key, and the next call registers again. Confirm this is intended.
	return created, c.storage.StoreAccount(c.acmeHost, created)
}
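// createAccount generates a new ECDSA P-384 account key and registers an ACME
// account for email at the directory configured in c.acmeDirectory.
//
// The returned Account holds the private key and the registration resource the
// CA returned. Nothing is persisted here; storing the account is left to the
// caller. Registration is sent with TermsOfServiceAgreed set, so the CA's
// terms of service are accepted without any prompt.
func (c *certManager) createAccount(email string) (*Account, error) {
	// The account key is drawn from crypto/rand.
	privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if err != nil {
		return nil, err
	}

	acct := &Account{
		key: privateKey,
		// Use the email argument. The previous code read c.email and silently
		// ignored the parameter.
		Email: email,
	}

	config := lego.NewConfig(acct)
	// NOTE(review): the directory URL is used exactly as configured. Whether
	// it is checked to be an https:// endpoint is not visible here; confirm
	// that where c.acmeDirectory is set.
	config.CADirURL = c.acmeDirectory
	// Presumably the key type lego uses for certificate keys; EC384 matches
	// the P-384 curve of the account key above.
	config.Certificate.KeyType = certcrypto.EC384

	client, err := lego.NewClient(config)
	if err != nil {
		return nil, err
	}

	reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
	if err != nil {
		return nil, err
	}

	acct.Registration = reg
	return acct, nil
}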
// Account is the ACME account state used by certManager: the contact e-mail,
// the registration resource returned by the CA, and the account private key.
type Account struct {
	// Email is the contact address the account is registered with.
	Email string `json:"email"`

	// Registration is the resource returned by the CA on registration.
	Registration *registration.Resource `json:"registration"`

	// key is the account's ECDSA private key. The field is unexported, so
	// encoding/json neither writes nor reads it: the key does not appear in
	// the JSON form of an Account and has to be persisted and restored by
	// other means.
	key *ecdsa.PrivateKey
}
// GetEmail returns the contact e-mail address recorded on the account.
//
// The Get prefix is kept because the Account is handed to lego.NewConfig,
// which presumably requires this method name.
func (a *Account) GetEmail() string {
	email := a.Email
	return email
}
// GetPrivateKey returns the account's private key as a crypto.PrivateKey.
//
// The value is the stored *ecdsa.PrivateKey pointer itself, not a copy, so
// every caller shares the same key material. Treat the result as secret and
// keep it out of logs and error messages.
func (a *Account) GetPrivateKey() crypto.PrivateKey {
	var key crypto.PrivateKey = a.key
	return key
}
// GetRegistration returns the registration resource stored on the account.
// It is nil until a registration has been assigned to the Registration field.
func (a *Account) GetRegistration() *registration.Resource {
	reg := a.Registration
	return reg
}