Move KeyAuthorization into crate root

This commit is contained in:
Dirkjan Ochtman 2022-11-15 10:00:57 +01:00
parent 1f42c1e5a2
commit f34971b3e8
2 changed files with 37 additions and 36 deletions

View File

@ -4,12 +4,14 @@
#![warn(missing_docs)]
use std::borrow::Cow;
use std::fmt;
use std::sync::Arc;
use base64::URL_SAFE_NO_PAD;
use hyper::client::HttpConnector;
use hyper::header::{CONTENT_TYPE, LOCATION};
use hyper::{Body, Method, Request, Response};
use ring::digest::{digest, SHA256};
use ring::rand::SystemRandom;
use ring::signature::{EcdsaKeyPair, ECDSA_P256_SHA256_FIXED_SIGNING};
use serde::de::DeserializeOwned;
@ -18,8 +20,7 @@ use serde::Serialize;
mod types;
pub use types::{
AccountCredentials, Authorization, AuthorizationStatus, Challenge, ChallengeType, Error,
Identifier, KeyAuthorization, LetsEncrypt, NewAccount, NewOrder, OrderState, OrderStatus,
Problem,
Identifier, LetsEncrypt, NewAccount, NewOrder, OrderState, OrderStatus, Problem,
};
use types::{
DirectoryUrls, Empty, FinalizeRequest, Header, JoseJson, Jwk, KeyOrKeyId, SigningAlgorithm,
@ -419,6 +420,40 @@ trait Signer {
fn key(&self) -> &Key;
}
/// The response value to use for challenge responses
///
/// Use [`KeyAuthorization::dns_value()`] for DNS challenges,
/// [`KeyAuthorization::to_bytes()`] for TLS challenges, and
/// [`KeyAuthorization::as_str()`] for HTTP challenges.
///
/// <https://datatracker.ietf.org/doc/html/rfc8555#section-8.1>
///
/// <https://datatracker.ietf.org/doc/html/rfc8737#section-3>
pub struct KeyAuthorization(pub(crate) String);
impl KeyAuthorization {
/// Get the key authorization value
pub fn as_str(&self) -> &str {
&self.0
}
/// Get the SHA256 digest of the key authorization
pub fn to_bytes(&self) -> impl AsRef<[u8]> {
digest(&SHA256, self.0.as_bytes())
}
/// Get the base64-encoded SHA256 digest of the key authorization
pub fn dns_value(&self) -> String {
base64::encode_config(self.to_bytes(), URL_SAFE_NO_PAD)
}
}
impl fmt::Debug for KeyAuthorization {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_tuple("KeyAuthorization").finish()
}
}
fn nonce_from_response(rsp: &Response<Body>) -> Option<String> {
rsp.headers()
.get(REPLAY_NONCE)

View File

@ -100,40 +100,6 @@ impl fmt::Display for Problem {
impl std::error::Error for Problem {}
/// The response value to use for challenge responses
///
/// Use [`KeyAuthorization::dns_value()`] for DNS challenges,
/// [`KeyAuthorization::to_bytes()`] for TLS challenges, and
/// [`KeyAuthorization::as_str()`] for HTTP challenges.
///
/// <https://datatracker.ietf.org/doc/html/rfc8555#section-8.1>
///
/// <https://datatracker.ietf.org/doc/html/rfc8737#section-3>
pub struct KeyAuthorization(pub(crate) String);
impl KeyAuthorization {
/// Get the key authorization value
pub fn as_str(&self) -> &str {
&self.0
}
/// Get the SHA256 digest of the key authorization
pub fn to_bytes(&self) -> impl AsRef<[u8]> {
digest(&SHA256, self.0.as_bytes())
}
/// Get the base64-encoded SHA256 digest of the key authorization
pub fn dns_value(&self) -> String {
base64::encode_config(self.to_bytes(), URL_SAFE_NO_PAD)
}
}
impl fmt::Debug for KeyAuthorization {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_tuple("KeyAuthorization").finish()
}
}
#[derive(Debug, Serialize)]
pub(crate) struct FinalizeRequest {
csr: String,