Commit f8bbba48 authored by Adrien Dorsaz's avatar Adrien Dorsaz
Browse files

raise error if unable to find private signature in account key

parent 48f6fa12
......@@ -146,9 +146,11 @@ def get_crt(config, log=LOGGER):
log.info("Get private signature from account key.")
accountkey = _openssl("rsa", ["-in", config["acmednstiny"]["AccountKeyFile"],
"-noout", "-text"])
pub_hex, pub_exp = re.search(
r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE).groups()
signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE)
if signature_search is None:
raise ValueError("Unable to retrieve private signature.");
pub_hex, pub_exp = signature_search.groups()
pub_exp = "{0:x}".format(int(pub_exp))
pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
# That signature is used to authenticate with the ACME server, it needs to be safely kept
......
......@@ -81,9 +81,11 @@ def account_deactivate(accountkeypath, acme_directory, log=LOGGER):
log.info("Get private signature from account key.")
accountkey = _openssl("rsa", ["-in", accountkeypath, "-noout", "-text"])
pub_hex, pub_exp = re.search(
r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE).groups()
signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE)
if signature_search is None:
raise ValueError("Unable to retrieve private signature.");
pub_hex, pub_exp = signature_search.groups()
pub_exp = "{0:x}".format(int(pub_exp))
pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
# That signature is used to authenticate with the ACME server, it needs to be safely kept
......
......@@ -36,9 +36,11 @@ def account_rollover(old_accountkeypath, new_accountkeypath, acme_directory, log
def _get_private_acme_signature(accountkeypath):
"""Read the account key to get the signature to authenticate with the ACME server."""
accountkey = _openssl("rsa", ["-in", accountkeypath, "-noout", "-text"])
pub_hex, pub_exp = re.search(
r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE).groups()
signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
accountkey.decode("utf8"), re.MULTILINE)
if signature_search is None:
raise ValueError("Unable to retrieve private signature.");
pub_hex, pub_exp = signature_search.groups()
pub_exp = "{0:x}".format(int(pub_exp))
pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
return {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment