Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def make_client(email=None):
"""Build an acme.Client and register a new account with a random key."""
key = josepy.JWKRSA(key=rsa.generate_private_key(65537, 2048, default_backend()))
net = acme_client.ClientNetwork(key, user_agent="Boulder integration tester")
directory = messages.Directory.from_json(net.get(DIRECTORY).json())
client = acme_client.ClientV2(directory, net)
tos = client.directory.meta.terms_of_service
if tos == ACCEPTABLE_TOS:
net.account = client.new_account(messages.NewRegistration.from_data(email=email,
terms_of_service_agreed=True))
else:
raise Exception("Unrecognized terms of service URL %s" % tos)
return client
def uninitialized_client(key=None):
if key is None:
key = josepy.JWKRSA(key=rsa.generate_private_key(65537, 2048, default_backend()))
net = acme_client.ClientNetwork(key, user_agent="Boulder integration tester")
directory = messages.Directory.from_json(net.get(DIRECTORY_V2).json())
return acme_client.ClientV2(directory, net)
# Making registration resource now
registration = messages.RegistrationResource.from_json({
'uri': data['uri'],
'terms_of_service': data['tos'],
'body': {
'contact': [data['body']['contact']],
'status': data['body']['status'],
'key': {
'e': key_dict['e'],
'kty': 'RSA',
'n': key_dict['n']
}
}
})
return client.ClientV2(
messages.Directory({
'newAccount': data['new_account_uri'],
'newNonce': data['new_nonce_uri'],
'newOrder': data['new_order_uri'],
'revokeCert': data['revoke_cert_uri']
}),
client.ClientNetwork(key, account=registration)
), key
- Change contact information
- Deactivate Account
"""
# Create account key
acc_key = jose.JWKRSA(
key=rsa.generate_private_key(public_exponent=65537,
key_size=ACC_KEY_BITS,
backend=default_backend()))
# Register account and accept TOS
net = client.ClientNetwork(acc_key, user_agent=USER_AGENT)
directory = messages.Directory.from_json(net.get(DIRECTORY_URL).json())
client_acme = client.ClientV2(directory, net=net)
# Terms of Service URL is in client_acme.directory.meta.terms_of_service
# Registration Resource: regr
# Creates account with contact information.
email = ('fake@example.com')
regr = client_acme.new_account(
messages.NewRegistration.from_data(
email=email, terms_of_service_agreed=True))
# Create domain private key and CSR
pkey_pem, csr_pem = new_csr_comp(DOMAIN)
# Issue certificate
orderr = client_acme.new_order(csr_pem)
directory = messages.Directory.from_json(
network.get(self._acme_server).json()
)
self._acme_client = client.ClientV2(directory, net=network)
except errors.Error as err:
_LOGGER.error("Can't connect to ACME server: %s", err)
raise AcmeClientError()
return
# Create a new registration
try:
network = client.ClientNetwork(self._account_jwk, user_agent=USER_AGENT)
directory = messages.Directory.from_json(
network.get(self._acme_server).json()
)
self._acme_client = client.ClientV2(directory, net=network)
except errors.Error as err:
_LOGGER.error("Can't connect to ACME server: %s", err)
raise AcmeClientError()
try:
_LOGGER.info(
"Register a ACME account with TOS: %s",
self._acme_client.directory.meta.terms_of_service,
)
regr = self._acme_client.new_account(
messages.NewRegistration.from_data(
email=self._email, terms_of_service_agreed=True
)
)
except errors.Error as err:
_LOGGER.error("Can't register to ACME server: %s", err)
def registered_client(args, existing_account_key, existing_account_reg):
"""Return an ACME v2 client from account key and registration.
Register a new account or recover missing registration if necessary."""
key = check_or_generate_account_key(args, existing_account_key)
net = acme_client.ClientNetwork(
key=key,
account=existing_account_reg,
user_agent=args.user_agent
)
directory = messages.Directory.from_json(net.get(args.server).json())
client = acme_client.ClientV2(directory, net=net)
if existing_account_reg is None:
if args.email is None:
logger.warning('--email was not provided; ACME CA will have no '
'way of contacting you.')
new_reg = messages.NewRegistration.from_data(email=args.email)
if "terms_of_service" in client.directory.meta:
logger.info("By using simp_le, you implicitly agree "
"to the CA's terms of service: %s",
client.directory.meta.terms_of_service)
new_reg = new_reg.update(terms_of_service_agreed=True)
try:
client.new_account(new_reg)
except acme_errors.ConflictError as error:
with open(key_file, 'r') as f:
key = jose.JWK.json_loads(f.read())
except IOError as error:
# Generate new private key, as we expect that the account doesn't exist
private_key = rsa.generate_private_key(
public_exponent = 65537,
key_size = settings.LETSENCRYPT_ACCT_KEY_BITS,
backend = default_backend()
)
key = jose.JWKRSA(key=private_key)
# Prepare ACME client connection with account private key
net = client.ClientNetwork(key)
directory = messages.Directory.from_json(
net.get(settings.LETSENCRYPT_ACME_SERVER).json()
)
client_acme = client.ClientV2(directory, net=net)
# Generate a new account and store account information locally
email = getattr(settings, 'KUMQUAT_EMAIL', None)
regr = client_acme.new_account(
messages.NewRegistration.from_data(
email = email,
terms_of_service_agreed = True
)
)
# Store private key as json format
with open(key_file, 'w') as f:
f.write(key.json_dumps())
# Store regr information as json format
with open(reg_file, 'w') as f:
f.write(regr.json_dumps())
return key, regr