Spaces:
Running
Running
| import josepy as jose | |
| from acme import messages, jose | |
| from acme import client, messages | |
| from cryptography.hazmat.primitives.asymmetric import rsa, ec | |
| from cryptography.hazmat.backends import default_backend | |
| def pg_client(directory, key_type="rsa", key_size=None, key_curve=None): | |
| try: | |
| if key_type.lower() == "rsa": | |
| if key_size == "" or key_size == None: | |
| key_size = 4096 | |
| rsa_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size, backend=default_backend()) | |
| account_key = jose.JWKRSA(key=rsa_key) | |
| net = client.ClientNetwork(account_key, user_agent='project-gatekeeper/v1.5') | |
| directory_obj = messages.Directory.from_json(net.get(directory).json()) | |
| acme_client = client.ClientV2(directory_obj, net=net) | |
| return acme_client | |
| elif key_type.lower() == "ecc": | |
| if key_curve == "" or key_curve == None: | |
| key_curve = "ec256" | |
| if key_curve == 'SECP256R1' or key_curve == 'ec256': | |
| ec_key = ec.generate_private_key(ec.SECP256R1(), default_backend()) | |
| algo=jose.ES256 | |
| elif key_curve == 'SECP384R1' or key_curve == 'ec384': | |
| ec_key = ec.generate_private_key(ec.SECP384R1(), default_backend()) | |
| algo=jose.ES384 | |
| account_key = jose.JWKEC(key=ec_key) | |
| net = client.ClientNetwork(account_key, alg=algo, user_agent='project-gatekeeper/v2') | |
| response = net.get(directory) | |
| directory_obj = messages.Directory.from_json(response.json()) | |
| acme_client = client.ClientV2(directory_obj, net=net) | |
| return acme_client | |
| else: | |
| print("Invalid key_type") | |
| return False | |
| except: | |
| print("Error in initialization") | |
| return False | |
| def new_account(pgclient, email, kid=None, hmac=None): | |
| external_account_binding = None | |
| if kid and hmac: | |
| if isinstance(hmac, bytes): | |
| hmac = hmac.decode('utf-8') | |
| if not isinstance(hmac, str): | |
| print("Error: HMAC is not a string after decoding.") | |
| return False | |
| try: | |
| hmac_bytes = jose.b64.b64decode(hmac) | |
| except Exception as e: | |
| print(f"Error decoding HMAC key: {e}") | |
| return False | |
| hmac_key_b64 = jose.b64.b64encode(hmac_bytes).decode('utf-8') | |
| external_account_binding = messages.ExternalAccountBinding.from_data( | |
| account_public_key=pgclient.net.key, | |
| kid=kid, | |
| hmac_key=hmac_key_b64, | |
| directory=pgclient.directory | |
| ) | |
| registration = messages.NewRegistration.from_data( | |
| email=email, | |
| terms_of_service_agreed=True, | |
| external_account_binding=external_account_binding | |
| ) | |
| try: | |
| account = pgclient.new_account(registration) | |
| return account | |
| except Exception as e: | |
| print(f"Error creating account: {e}") | |
| return False |