raise error if unable to find private signature in account key

f8bbba48 · Adrien Dorsaz · 48f6fa12 · f8bbba48 · f8bbba48 · f8bbba48
Commit f8bbba48 authored Aug 23, 2021 by Adrien Dorsaz
--- a/acme_dns_tiny.py
+++ b/acme_dns_tiny.py
@@ -146,9 +146,11 @@ def get_crt(config, log=LOGGER):
    log.info("Get private signature from account key.")
    accountkey = _openssl("rsa", ["-in", config["acmednstiny"]["AccountKeyFile"],
                                  "-noout", "-text"])
-    pub_hex, pub_exp = re.search(
-        r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
-        accountkey.decode("utf8"), re.MULTILINE).groups()
+    signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
+        accountkey.decode("utf8"), re.MULTILINE)
+    if signature_search is None:
+        raise ValueError("Unable to retrieve private signature.");
+    pub_hex, pub_exp = signature_search.groups()
    pub_exp = "{0:x}".format(int(pub_exp))
    pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
    # That signature is used to authenticate with the ACME server, it needs to be safely kept

--- a/tools/acme_account_deactivate.py
+++ b/tools/acme_account_deactivate.py
@@ -81,9 +81,11 @@ def account_deactivate(accountkeypath, acme_directory, log=LOGGER):

    log.info("Get private signature from account key.")
    accountkey = _openssl("rsa", ["-in", accountkeypath, "-noout", "-text"])
-    pub_hex, pub_exp = re.search(
-        r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
-        accountkey.decode("utf8"), re.MULTILINE).groups()
+    signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
+        accountkey.decode("utf8"), re.MULTILINE)
+    if signature_search is None:
+        raise ValueError("Unable to retrieve private signature.");
+    pub_hex, pub_exp = signature_search.groups()
    pub_exp = "{0:x}".format(int(pub_exp))
    pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
    # That signature is used to authenticate with the ACME server, it needs to be safely kept

--- a/tools/acme_account_rollover.py
+++ b/tools/acme_account_rollover.py
@@ -36,9 +36,11 @@ def account_rollover(old_accountkeypath, new_accountkeypath, acme_directory, log
    def _get_private_acme_signature(accountkeypath):
        """Read the account key to get the signature to authenticate with the ACME server."""
        accountkey = _openssl("rsa", ["-in", accountkeypath, "-noout", "-text"])
-        pub_hex, pub_exp = re.search(
-            r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
-            accountkey.decode("utf8"), re.MULTILINE).groups()
+        signature_search = re.search(r"modulus:\s+?00:([a-f0-9\:\s]+?)\r?\npublicExponent: ([0-9]+)",
+            accountkey.decode("utf8"), re.MULTILINE)
+        if signature_search is None:
+            raise ValueError("Unable to retrieve private signature.");
+        pub_hex, pub_exp = signature_search.groups()
        pub_exp = "{0:x}".format(int(pub_exp))
        pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp
        return {