Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Adrien Dorsaz
acme-dns-tiny
Commits
f8bbba48
Commit
f8bbba48
authored
Aug 23, 2021
by
Adrien Dorsaz
Browse files
raise error if unable to find private signature in account key
parent
48f6fa12
Changes
3
Hide whitespace changes
Inline
Side-by-side
acme_dns_tiny.py
View file @
f8bbba48
...
...
@@ -146,9 +146,11 @@ def get_crt(config, log=LOGGER):
log
.
info
(
"Get private signature from account key."
)
accountkey
=
_openssl
(
"rsa"
,
[
"-in"
,
config
[
"acmednstiny"
][
"AccountKeyFile"
],
"-noout"
,
"-text"
])
pub_hex
,
pub_exp
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
).
groups
()
signature_search
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
)
if
signature_search
is
None
:
raise
ValueError
(
"Unable to retrieve private signature."
);
pub_hex
,
pub_exp
=
signature_search
.
groups
()
pub_exp
=
"{0:x}"
.
format
(
int
(
pub_exp
))
pub_exp
=
"0{0}"
.
format
(
pub_exp
)
if
len
(
pub_exp
)
%
2
else
pub_exp
# That signature is used to authenticate with the ACME server, it needs to be safely kept
...
...
tools/acme_account_deactivate.py
View file @
f8bbba48
...
...
@@ -81,9 +81,11 @@ def account_deactivate(accountkeypath, acme_directory, log=LOGGER):
log
.
info
(
"Get private signature from account key."
)
accountkey
=
_openssl
(
"rsa"
,
[
"-in"
,
accountkeypath
,
"-noout"
,
"-text"
])
pub_hex
,
pub_exp
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
).
groups
()
signature_search
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
)
if
signature_search
is
None
:
raise
ValueError
(
"Unable to retrieve private signature."
);
pub_hex
,
pub_exp
=
signature_search
.
groups
()
pub_exp
=
"{0:x}"
.
format
(
int
(
pub_exp
))
pub_exp
=
"0{0}"
.
format
(
pub_exp
)
if
len
(
pub_exp
)
%
2
else
pub_exp
# That signature is used to authenticate with the ACME server, it needs to be safely kept
...
...
tools/acme_account_rollover.py
View file @
f8bbba48
...
...
@@ -36,9 +36,11 @@ def account_rollover(old_accountkeypath, new_accountkeypath, acme_directory, log
def
_get_private_acme_signature
(
accountkeypath
):
"""Read the account key to get the signature to authenticate with the ACME server."""
accountkey
=
_openssl
(
"rsa"
,
[
"-in"
,
accountkeypath
,
"-noout"
,
"-text"
])
pub_hex
,
pub_exp
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
).
groups
()
signature_search
=
re
.
search
(
r
"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)"
,
accountkey
.
decode
(
"utf8"
),
re
.
MULTILINE
)
if
signature_search
is
None
:
raise
ValueError
(
"Unable to retrieve private signature."
);
pub_hex
,
pub_exp
=
signature_search
.
groups
()
pub_exp
=
"{0:x}"
.
format
(
int
(
pub_exp
))
pub_exp
=
"0{0}"
.
format
(
pub_exp
)
if
len
(
pub_exp
)
%
2
else
pub_exp
return
{
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment