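// Source: github.com/teknogeek/dnscontrol/v2@v2.10.1-0.20200227202244-ae299b55ba42/pkg/acme/registration.go

package acme

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"

	"github.com/go-acme/lego/certcrypto"
	"github.com/go-acme/lego/lego"
	"github.com/go-acme/lego/registration"
)

// getOrCreateAccount returns the ACME account stored for c.acmeHost. When
// storage holds none, it registers a new account for c.email and stores it.
func (c *certManager) getOrCreateAccount() (*Account, error) {
	account, err := c.storage.GetAccount(c.acmeHost)
	if err != nil {
		return nil, err
	}
	if account != nil {
		return account, nil
	}

	// Nothing stored for this host yet: register a new account.
	account, err = c.createAccount(c.email)
	if err != nil {
		return nil, err
	}

	// The registration has already been made by this point, so the account is
	// returned together with any storage error. Callers must check err: an
	// account that was not stored cannot be loaded again, and the next call
	// will register (and generate a key for) a fresh one.
	err = c.storage.StoreAccount(c.acmeHost, account)
	return account, err
}

// createAccount generates a new P-384 ECDSA account key and registers an
// account for email with the ACME directory at c.acmeDirectory. It returns the
// account with its registration resource set; nothing is stored here.
func (c *certManager) createAccount(email string) (*Account, error) {
	privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if err != nil {
		return nil, err
	}
	acct := &Account{
		key: privateKey,
		// Use the parameter rather than c.email so the argument is honoured;
		// the only caller visible in this file passes c.email.
		Email: email,
	}

	config := lego.NewConfig(acct)
	config.CADirURL = c.acmeDirectory
	config.Certificate.KeyType = certcrypto.EC384
	client, err := lego.NewClient(config)
	if err != nil {
		return nil, err
	}

	// The CA's terms of service are accepted unconditionally; there is no
	// operator prompt or configuration switch on this path.
	reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
	if err != nil {
		return nil, err
	}
	acct.Registration = reg
	return acct, nil
}

// Account is the ACME account handed to lego.NewConfig.
//
// key is unexported, so encoding/json leaves it out when an Account is
// marshalled: the JSON form carries only the email and the registration.
// NOTE(review): how the private key is persisted is not visible in this file;
// confirm that the storage layer writes it separately and with restrictive
// permissions, since whoever holds it controls the ACME account.
type Account struct {
	Email        string                 `json:"email"`
	Registration *registration.Resource `json:"registration"`
	key          *ecdsa.PrivateKey
}

// GetEmail returns the contact email of the account.
func (a *Account) GetEmail() string {
	return a.Email
}

// GetPrivateKey returns the account's ECDSA private key.
func (a *Account) GetPrivateKey() crypto.PrivateKey {
	return a.key
}

// GetRegistration returns the registration resource, which is nil until
// createAccount (or the code that loads the account) has set it.
func (a *Account) GetRegistration() *registration.Resource {
	return a.Registration
}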