From 191d14cd742c916bd803f73cd6b95b5ba4443c87 Mon Sep 17 00:00:00 2001 From: ZhuoQinghui <1302344380@qq.com> Date: Thu, 31 Oct 2024 14:37:26 +0800 Subject: [PATCH] getCert --- src/acme-client.go | 9 ------- src/http.go | 67 +++++++++------------------------------------- src/task.go | 2 +- src/util.go | 15 ----------- src/variable.go | 6 +++++ test/task.go | 7 ----- 6 files changed, 19 insertions(+), 87 deletions(-) diff --git a/src/acme-client.go b/src/acme-client.go index 3d1db80..0f81e27 100644 --- a/src/acme-client.go +++ b/src/acme-client.go @@ -72,15 +72,6 @@ func Apply(domain Domain) { log.Fatal(err) } - //tlsCert, err := tls.X509KeyPair(cert.Certificate, cert.PrivateKey) - //if err != nil { - // log.Fatal(err) - //} - //log.Printf("Certificate: %+v", tlsCert) - //log.Printf("Certificate: %+v", cert) - //log.Printf("Certificate: %+v", cert.Domain) - //log.Printf("Certificate: %+v", cert.CertURL) - saveCertFile(cert, name) } diff --git a/src/http.go b/src/http.go index d5dc954..13d78f5 100644 --- a/src/http.go +++ b/src/http.go @@ -2,7 +2,6 @@ package src import ( "acme-mana/src/crypto" - "bytes" "encoding/base64" "encoding/hex" "encoding/json" @@ -44,7 +43,7 @@ func domainList(c *gin.Context) { } func getCert(c *gin.Context) { - name := c.Param("name") + name := c.Query("name") token := getToken(c) dir := GetAppConfig().CertDir @@ -90,14 +89,20 @@ func getCert(c *gin.Context) { } certInfo := string(certInfoContent) + data, err := json.Marshal(&DomainData{ + Fullchain: crt, + Key: key, + Info: certInfo, + }) + if err != nil { + log.Fatal(err) + } + + encryptData := encryptResult(string(data), token) c.JSON(200, gin.H{ "code": 200, "msg": "Success", - "data": gin.H{ - "crt": encryptResult(crt, token), - "key": encryptResult(key, token), - "info": encryptResult(certInfo, token), - }, + "data": encryptData, }) } 
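Review bot: In getCert, `name` now comes from `c.Query("name")`, which returns an empty string when the parameter is absent, and nothing in this hunk rejects that before `dir := GetAppConfig().CertDir` is read. The rest of the function is outside the hunk, but if `name` is joined onto the certificate directory, it should first be matched against the configured domain names so that a request can only select a directory the service manages. A guard at the top, such as `if name == "" { c.JSON(400, gin.H{"code": 400, "msg": "name is required"}); return }`, would cover the missing case.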
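Review bot: The new `if err != nil { log.Fatal(err) }` after `json.Marshal` in getCert exits the whole process from inside a request handler, so a single failed response would take the service down for every client. Returning an error to the caller is enough: `c.JSON(500, gin.H{"code": 500, "msg": "internal error"}); return`. The private key now travels inside the single blob produced by `encryptResult`. It is worth confirming that `crypto.EncryptAES` (not visible in this patch) uses an authenticated mode with a fresh nonce per call, and that the token has a valid AES key length. getCert starts before and continues past this hunk.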
@@ -126,63 +131,15 @@ func getToken(c *gin.Context) (token string) { func decryptParam(param string) string { priKey := GetAppConfig().Encrypt.PriKey - tokenBytes, err := hex.DecodeString(param) - //tokenBytes, err := base64.StdEncoding.DecodeString(param) - //if err != nil { - // log.Fatalln(err) - //} tokenPlain, err := crypto.DecryptRSABase64(priKey, tokenBytes) if err != nil { log.Fatal(err) } return string(tokenPlain) - - // 使用RSA解密 - //block, _ := pem.Decode([]byte(priKey)) - //if block == nil { - // log.Fatal("failed to parse PEM block containing the private key") - //} - //privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) - //if err != nil { - // log.Fatal(err) - //} - //paramData := []byte(param) - //plaintext, err := rsa.DecryptPKCS1v15(nil, privateKey, paramData) - //if err != nil { - // log.Fatal(err) - //} - //return string(plaintext) } func encryptResult(content string, token string) string { result := crypto.EncryptAES([]byte(token), []byte(content)) return base64.StdEncoding.EncodeToString(result) - - //key := []byte(token) - //plaintext := []byte(content) - // - //block, err := des.NewCipher(key) - //if err != nil { - // log.Fatal(err) - //} - // - //plaintext = pad(plaintext, block.BlockSize()) - // - //iv := make([]byte, block.BlockSize()) - //if _, err := io.ReadFull(rand.Reader, iv); err != nil { - // log.Fatal("Error generating random IV:", err) - //} - //mode := cipher.NewCBCEncrypter(block, iv) - // - //ciphertext := make([]byte, len(plaintext)) - //mode.CryptBlocks(ciphertext, plaintext) - // - //return base64.StdEncoding.EncodeToString(ciphertext) -} - -func pad(src []byte, blockSize int) []byte { - padding := blockSize - len(src)%blockSize - padText := bytes.Repeat([]byte{byte(padding)}, padding) - return append(src, padText...) } diff --git a/src/task.go b/src/task.go index 9ae081b..fb6eaed 100644 --- a/src/task.go +++ b/src/task.go 
@@ -38,7 +38,7 @@ func doRefreshCertOnce(domain Domain) { infoFile := path.Join(certDir, CertInfoFileName) certInfo := ParseCertInfo(infoFile, domain) log.Println("Checking if the certificate is expired, Domain: {}", name) - if certInfo.Info.NotAfter.Sub(time.Now()) < 7*24*time.Hour { + if certInfo.Info.NotAfter.Sub(time.Now()) < 14*24*time.Hour { log.Println("Apply for a certificate that is about to expire, domain name:", name) Apply(domain) } diff --git a/src/util.go b/src/util.go index c095db5..4f6e8de 100644 --- a/src/util.go +++ b/src/util.go @@ -14,27 +14,12 @@ func GenRsa() (priKey string, pubKey string, err error) { } publicKey := &privateKey.PublicKey publicKeyBytes := x509.MarshalPKCS1PublicKey(publicKey) - //publicKeyBytes, err := x509.MarshalPKIXPublicKey(publicKey) - //if err != nil { - // return "", "", err - //} pubKey = base64.StdEncoding.EncodeToString(publicKeyBytes) - //pemBlock := &pem.Block{ - // Type: "", - // Bytes: publicKeyBytes, - //} - //pubKey = string(pem.EncodeToMemory(pemBlock)) - //x509.MarshalPKCS8PrivateKey(privateKey) privateKeyBytes, err := x509.MarshalPKCS8PrivateKey(privateKey) if err != nil { return "", "", err } priKey = base64.StdEncoding.EncodeToString(privateKeyBytes) - //pemBlock = &pem.Block{ - // Type: "", - // Bytes: privateKeyBytes, - //} - //priKey = string(pem.EncodeToMemory(pemBlock)) err = nil return } diff --git a/src/variable.go b/src/variable.go index 02a1069..ffce274 100644 --- a/src/variable.go +++ b/src/variable.go @@ -18,3 +18,9 @@ var envConf EnvConf = InitRuntimeConf() func GetEnvConf() EnvConf { return envConf } + +type DomainData struct { + Fullchain string `json:"fullchain"` + Key string `json:"key"` + Info string `json:"info"` +} diff --git a/test/task.go b/test/task.go index 2a8ac10..519efef 100644 --- a/test/task.go +++ b/test/task.go 
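Review bot: The renewal window on the changed line is a bare literal, `14*24*time.Hour`, so the next adjustment means another code edit, and nothing records why this value was chosen. A named constant would document the intent, and `time.Until` reads more directly: `const renewBefore = 14 * 24 * time.Hour` and `if time.Until(certInfo.Info.NotAfter) < renewBefore {`. The context line above passes a `{}` placeholder to `log.Println`, which does not substitute it, so the braces are printed literally. doRefreshCertOnce begins and ends outside this hunk.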
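Review bot: `DomainData` is exported without a doc comment, and its `Key` field appears to carry the certificate's private key (getCert in src/http.go fills it from `key`). I would add `// DomainData is the payload getCert returns for one domain; it is marshalled to JSON and encrypted as a whole before it leaves the process.` above the type. On the field I would add `// Key is the private key; never log this struct or return it unencrypted.`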
@@ -54,10 +54,6 @@ func TestParseCert() { if err != nil { log.Fatalf("Failed to parse certificate: %v", err) } - //info, err := json.Marshal(certParse) - //if err != nil { - // log.Fatalf("Failed to marshal certificate: %v", err) - //} certInfo := src.CertInfo{ Cert: certificate.Resource{}, Info: *certParse, @@ -67,7 +63,4 @@ func TestParseCert() { log.Fatalf("Failed to marshal certificate: %v", err) } log.Println(string(info)) - - //log.Println(string(info)) - //log.Println(certParse) }