getCert

src/acme-client.go

@@ -72,15 +72,6 @@ func Apply(domain Domain) {
 		log.Fatal(err)
 	}
 
-	//tlsCert, err := tls.X509KeyPair(cert.Certificate, cert.PrivateKey)
-	//if err != nil {
-	//	log.Fatal(err)
-	//}
-	//log.Printf("Certificate: %+v", tlsCert)
-	//log.Printf("Certificate: %+v", cert)
-	//log.Printf("Certificate: %+v", cert.Domain)
-	//log.Printf("Certificate: %+v", cert.CertURL)
-
 	saveCertFile(cert, name)
 }
 

src/http.go

@@ -2,7 +2,6 @@ package src
 
 import (
 	"acme-mana/src/crypto"
-	"bytes"
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
@@ -44,7 +43,7 @@ func domainList(c *gin.Context) {
 }
 
 func getCert(c *gin.Context) {
-	name := c.Param("name")
+	name := c.Query("name")
 	token := getToken(c)
 
 	dir := GetAppConfig().CertDir
@@ -90,14 +89,20 @@ func getCert(c *gin.Context) {
 	}
 	certInfo := string(certInfoContent)
 
+	data, err := json.Marshal(&DomainData{
+		Fullchain: crt,
+		Key:       key,
+		Info:      certInfo,
+	})
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	encryptData := encryptResult(string(data), token)
 	c.JSON(200, gin.H{
 		"code": 200,
 		"msg":  "Success",
-		"data": gin.H{
+		"data": encryptData,
-			"crt":  encryptResult(crt, token),
-			"key":  encryptResult(key, token),
-			"info": encryptResult(certInfo, token),
-		},
 	})
 }
 
@@ -126,63 +131,15 @@ func getToken(c *gin.Context) (token string) {
 
 func decryptParam(param string) string {
 	priKey := GetAppConfig().Encrypt.PriKey
-
 	tokenBytes, err := hex.DecodeString(param)
-	//tokenBytes, err := base64.StdEncoding.DecodeString(param)
-	//if err != nil {
-	//	log.Fatalln(err)
-	//}
 	tokenPlain, err := crypto.DecryptRSABase64(priKey, tokenBytes)
 	if err != nil {
 		log.Fatal(err)
 	}
 	return string(tokenPlain)
-
-	// 使用RSA解密
-	//block, _ := pem.Decode([]byte(priKey))
-	//if block == nil {
-	//	log.Fatal("failed to parse PEM block containing the private key")
-	//}
-	//privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
-	//if err != nil {
-	//	log.Fatal(err)
-	//}
-	//paramData := []byte(param)
-	//plaintext, err := rsa.DecryptPKCS1v15(nil, privateKey, paramData)
-	//if err != nil {
-	//	log.Fatal(err)
-	//}
-	//return string(plaintext)
 }
 
 func encryptResult(content string, token string) string {
 	result := crypto.EncryptAES([]byte(token), []byte(content))
 	return base64.StdEncoding.EncodeToString(result)
-
-	//key := []byte(token)
-	//plaintext := []byte(content)
-	//
-	//block, err := des.NewCipher(key)
-	//if err != nil {
-	//	log.Fatal(err)
-	//}
-	//
-	//plaintext = pad(plaintext, block.BlockSize())
-	//
-	//iv := make([]byte, block.BlockSize())
-	//if _, err := io.ReadFull(rand.Reader, iv); err != nil {
-	//	log.Fatal("Error generating random IV:", err)
-	//}
-	//mode := cipher.NewCBCEncrypter(block, iv)
-	//
-	//ciphertext := make([]byte, len(plaintext))
-	//mode.CryptBlocks(ciphertext, plaintext)
-	//
-	//return base64.StdEncoding.EncodeToString(ciphertext)
-}
-
-func pad(src []byte, blockSize int) []byte {
-	padding := blockSize - len(src)%blockSize
-	padText := bytes.Repeat([]byte{byte(padding)}, padding)
-	return append(src, padText...)
 }

src/task.go

@@ -38,7 +38,7 @@ func doRefreshCertOnce(domain Domain) {
 	infoFile := path.Join(certDir, CertInfoFileName)
 	certInfo := ParseCertInfo(infoFile, domain)
 	log.Println("Checking if the certificate is expired, Domain: {}", name)
-	if certInfo.Info.NotAfter.Sub(time.Now()) < 7*24*time.Hour {
+	if certInfo.Info.NotAfter.Sub(time.Now()) < 14*24*time.Hour {
 		log.Println("Apply for a certificate that is about to expire, domain name:", name)
 		Apply(domain)
 	}

src/util.go

@@ -14,27 +14,12 @@ func GenRsa() (priKey string, pubKey string, err error) {
 	}
 	publicKey := &privateKey.PublicKey
 	publicKeyBytes := x509.MarshalPKCS1PublicKey(publicKey)
-	//publicKeyBytes, err := x509.MarshalPKIXPublicKey(publicKey)
-	//if err != nil {
-	//	return "", "", err
-	//}
 	pubKey = base64.StdEncoding.EncodeToString(publicKeyBytes)
-	//pemBlock := &pem.Block{
-	//	Type:  "",
-	//	Bytes: publicKeyBytes,
-	//}
-	//pubKey = string(pem.EncodeToMemory(pemBlock))
-	//x509.MarshalPKCS8PrivateKey(privateKey)
 	privateKeyBytes, err := x509.MarshalPKCS8PrivateKey(privateKey)
 	if err != nil {
 		return "", "", err
 	}
 	priKey = base64.StdEncoding.EncodeToString(privateKeyBytes)
-	//pemBlock = &pem.Block{
-	//	Type:  "",
-	//	Bytes: privateKeyBytes,
-	//}
-	//priKey = string(pem.EncodeToMemory(pemBlock))
 	err = nil
 	return
 }

src/variable.go

@@ -18,3 +18,9 @@ var envConf EnvConf = InitRuntimeConf()
 func GetEnvConf() EnvConf {
 	return envConf
 }
+
+type DomainData struct {
+	Fullchain string `json:"fullchain"`
+	Key       string `json:"key"`
+	Info      string `json:"info"`
+}

test/task.go

@@ -54,10 +54,6 @@ func TestParseCert() {
 	if err != nil {
 		log.Fatalf("Failed to parse certificate: %v", err)
 	}
-	//info, err := json.Marshal(certParse)
-	//if err != nil {
-	//	log.Fatalf("Failed to marshal certificate: %v", err)
-	//}
 	certInfo := src.CertInfo{
 		Cert: certificate.Resource{},
 		Info: *certParse,
@@ -67,7 +63,4 @@ func TestParseCert() {
 		log.Fatalf("Failed to marshal certificate: %v", err)
 	}
 	log.Println(string(info))
-
-	//log.Println(string(info))
-	//log.Println(certParse)
 }