
Fix the account key rollover

pull/39/head
Rodolphe Breard 4 years ago
parent
commit
04841e1773
  1. 18
      acmed/src/acme_proto/account.rs
  2. 4
      acmed/src/acme_proto/structs/account.rs

18
acmed/src/acme_proto/account.rs

@ -104,15 +104,25 @@ pub fn update_account_key(
let ep = account.get_endpoint(&endpoint_name)?; let ep = account.get_endpoint(&endpoint_name)?;
let old_account_key = account.get_past_key(&ep.key_hash)?; let old_account_key = account.get_past_key(&ep.key_hash)?;
let old_key = &old_account_key.key; let old_key = &old_account_key.key;
let rollover_struct = AccountKeyRollover::new(account, &old_key)?;
let account_url = account.get_endpoint(&endpoint_name)?.account_url.clone();
let rollover_struct = AccountKeyRollover::new(&account_url, &old_key)?;
let rollover_struct = serde_json::to_string(&rollover_struct)?; let rollover_struct = serde_json::to_string(&rollover_struct)?;
let rollover_payload = encode_jwk_no_nonce( let rollover_payload = encode_jwk_no_nonce(
&old_key,
&old_account_key.signature_algorithm,
&account.current_key.key,
&account.current_key.signature_algorithm,
rollover_struct.as_bytes(), rollover_struct.as_bytes(),
&url, &url,
)?; )?;
let data_builder = set_data_builder!(account, endpoint_name, rollover_payload.as_bytes());
let data_builder = |n: &str, url: &str| {
encode_kid(
&old_key,
&old_account_key.signature_algorithm,
&account_url,
rollover_payload.as_bytes(),
url,
n,
)
};
create_account_if_does_not_exist!( create_account_if_does_not_exist!(
http::post_jose_no_response(endpoint, root_certs, &data_builder, &url), http::post_jose_no_response(endpoint, root_certs, &data_builder, &url),
endpoint, endpoint,
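Review bot: Nothing in the new lines records which key signs which layer, which is the mistake this commit corrects: the inner JWS from `encode_jwk_no_nonce` is now signed with `account.current_key`, and the outer one from `encode_kid` is signed with the old key, using `account_url` as its kid. A comment above `rollover_payload` would guard against a regression, for example `// RFC 8555 §7.3.5: inner JWS = new key (jwk, no nonce); outer JWS = old key (kid = account URL); both carry the same url`. The closure parameter `url` also shadows the outer `url` used for the inner JWS, so the two match only while the caller passes the same value; renaming the parameter would make that dependency visible. The second `account.get_endpoint(&endpoint_name)?` looks redundant with `ep` and could probably be `ep.account_url.clone()`. The body of `update_account_key` starts and ends outside the hunk.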

4
acmed/src/acme_proto/structs/account.rs

@ -56,9 +56,9 @@ pub struct AccountKeyRollover {
} }
impl AccountKeyRollover { impl AccountKeyRollover {
pub fn new(account: &crate::account::Account, old_key: &KeyPair) -> Result<Self, Error> {
pub fn new(account_str: &str, old_key: &KeyPair) -> Result<Self, Error> {
Ok(AccountKeyRollover { Ok(AccountKeyRollover {
account: account.name.clone(),
account: account_str.to_string(),
old_key: old_key.jwk_public_key()?, old_key: old_key.jwk_public_key()?,
}) })
} }
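Review bot: The parameter name `account_str` in `AccountKeyRollover::new` does not say that the value must be the account URL, and the old code went wrong here by passing `account.name`. Renaming it to `account_url` and adding a doc comment such as `/// Builds the key rollover payload; account_url is the ACME account URL, not the local account name.` would make the contract explicit at the call site. An empty string is accepted unchanged; whether a caller can reach this with an account that has no URL yet is not visible from the hunk.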
