diff --git a/letsencrypt/acme/__init__.py b/letsencrypt/acme/__init__.py new file mode 100644 index 000000000..69418608b --- /dev/null +++ b/letsencrypt/acme/__init__.py @@ -0,0 +1 @@ +"""ACME protocol implementation.""" diff --git a/letsencrypt/client/acme.py b/letsencrypt/acme/messages.py similarity index 100% rename from letsencrypt/client/acme.py rename to letsencrypt/acme/messages.py diff --git a/letsencrypt/client/tests/acme_test.py b/letsencrypt/acme/messages_test.py similarity index 84% rename from letsencrypt/client/tests/acme_test.py rename to letsencrypt/acme/messages_test.py index 514c6b14e..0eccb7a62 100644 --- a/letsencrypt/client/tests/acme_test.py +++ b/letsencrypt/acme/messages_test.py @@ -1,4 +1,4 @@ -"""Tests for letsencrypt.client.acme.""" +"""Tests for letsencrypt.acme.messages.""" import pkg_resources import unittest @@ -6,7 +6,7 @@ import jsonschema class ACMEObjectValidateTest(unittest.TestCase): - """Tests for letsencrypt.client.acme.acme_object_validate.""" + """Tests for letsencrypt.acme.messages.acme_object_validate.""" def setUp(self): self.schemata = { @@ -20,7 +20,7 @@ class ACMEObjectValidateTest(unittest.TestCase): } def _call(self, json_string): - from letsencrypt.client.acme import acme_object_validate + from letsencrypt.acme.messages import acme_object_validate return acme_object_validate(json_string, self.schemata) def _test_fails(self, json_string): @@ -43,11 +43,11 @@ class ACMEObjectValidateTest(unittest.TestCase): class PrettyTest(unittest.TestCase): # pylint: disable=too-few-public-methods - """Tests for letsencrypt.client.acme.pretty.""" + """Tests for letsencrypt.acme.messages.pretty.""" @classmethod def _call(cls, json_string): - from letsencrypt.client.acme import pretty + from letsencrypt.acme.messages import pretty return pretty(json_string) def test_it(self): @@ -57,21 +57,21 @@ class PrettyTest(unittest.TestCase): # pylint: disable=too-few-public-methods class MessageFactoriesTest(unittest.TestCase): - """Tests for ACME message factories from letsencrypt.client.acme.""" + """Tests for ACME message factories from letsencrypt.acme.messages.""" def setUp(self): self.privkey = pkg_resources.resource_string( - __name__, 'testdata/rsa256_key.pem') + 'letsencrypt.client.tests', 'testdata/rsa256_key.pem') self.nonce = '\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9' self.b64nonce = '7Nbyb1lI6xPVI3Hg3aKSqQ' @classmethod def _validate(cls, msg): - from letsencrypt.client.acme import SCHEMATA + from letsencrypt.acme.messages import SCHEMATA jsonschema.validate(msg, SCHEMATA[msg['type']]) def test_challenge_request(self): - from letsencrypt.client.acme import challenge_request + from letsencrypt.acme.messages import challenge_request msg = challenge_request('example.com') self._validate(msg) self.assertEqual(msg, { @@ -80,7 +80,7 @@ class MessageFactoriesTest(unittest.TestCase): }) def test_authorization_request(self): - from letsencrypt.client.acme import authorization_request + from letsencrypt.acme.messages import authorization_request responses = [ { 'type': 'simpleHttps', @@ -115,7 +115,7 @@ class MessageFactoriesTest(unittest.TestCase): }) def test_certificate_request(self): - from letsencrypt.client.acme import certificate_request + from letsencrypt.acme.messages import certificate_request msg = certificate_request( 'TODO: real DER CSR?', self.privkey, self.nonce) self._validate(msg) @@ -130,7 +130,7 @@ class MessageFactoriesTest(unittest.TestCase): }) def test_revocation_request(self): - from letsencrypt.client.acme import revocation_request + from letsencrypt.acme.messages import revocation_request msg = revocation_request( 'TODO: real DER cert?', self.privkey, self.nonce) self._validate(msg) @@ -145,7 +145,7 @@ class MessageFactoriesTest(unittest.TestCase): }) def test_status_request(self): - from letsencrypt.client.acme import status_request + from letsencrypt.acme.messages import status_request msg = status_request(u'O7-s9MNq1siZHlgrMzi9_A') self._validate(msg) self.assertEqual(msg, { diff --git a/letsencrypt/client/schemata/authorization.json b/letsencrypt/acme/schemata/authorization.json similarity index 88% rename from letsencrypt/client/schemata/authorization.json rename to letsencrypt/acme/schemata/authorization.json index 59877b648..742a9c0d5 100644 --- a/letsencrypt/client/schemata/authorization.json +++ b/letsencrypt/acme/schemata/authorization.json @@ -15,7 +15,7 @@ "type": "string" }, "jwk": { - "$ref": "file:letsencrypt/client/schemata/jwk.json" + "$ref": "file:letsencrypt/acme/schemata/jwk.json" } } } diff --git a/letsencrypt/client/schemata/authorizationRequest.json b/letsencrypt/acme/schemata/authorizationRequest.json similarity index 85% rename from letsencrypt/client/schemata/authorizationRequest.json rename to letsencrypt/acme/schemata/authorizationRequest.json index a0d198333..ee22808bc 100644 --- a/letsencrypt/client/schemata/authorizationRequest.json +++ b/letsencrypt/acme/schemata/authorizationRequest.json @@ -15,14 +15,14 @@ "type": "string" }, "signature" : { - "$ref": "file:letsencrypt/client/schemata/signature.json" + "$ref": "file:letsencrypt/acme/schemata/signature.json" }, "responses": { "type": "array", "minItems": 1, "items": { "anyOf": [ - { "$ref": "file:letsencrypt/client/schemata/responseobject.json" }, + { "$ref": "file:letsencrypt/acme/schemata/responseobject.json" }, { "type": "null" } ] } diff --git a/letsencrypt/client/schemata/certificate.json b/letsencrypt/acme/schemata/certificate.json similarity index 100% rename from letsencrypt/client/schemata/certificate.json rename to letsencrypt/acme/schemata/certificate.json diff --git a/letsencrypt/client/schemata/certificateRequest.json b/letsencrypt/acme/schemata/certificateRequest.json similarity index 87% rename from letsencrypt/client/schemata/certificateRequest.json rename to letsencrypt/acme/schemata/certificateRequest.json index 0ea5b83d7..c75e93bd9 100644 --- a/letsencrypt/client/schemata/certificateRequest.json +++ b/letsencrypt/acme/schemata/certificateRequest.json @@ -13,7 +13,7 @@ "pattern": "^[-_=0-9A-Za-z]+$" }, "signature" : { - "$ref": "file:letsencrypt/client/schemata/signature.json" + "$ref": "file:letsencrypt/acme/schemata/signature.json" } } } diff --git a/letsencrypt/client/schemata/challenge.json b/letsencrypt/acme/schemata/challenge.json similarity index 91% rename from letsencrypt/client/schemata/challenge.json rename to letsencrypt/acme/schemata/challenge.json index 92e22424b..b4b2a5205 100644 --- a/letsencrypt/client/schemata/challenge.json +++ b/letsencrypt/acme/schemata/challenge.json @@ -18,7 +18,7 @@ "type": "array", "minItems": 1, "items": { - "$ref": "file:letsencrypt/client/schemata/challengeobject.json" + "$ref": "file:letsencrypt/acme/schemata/challengeobject.json" } }, "combinations": { diff --git a/letsencrypt/client/schemata/challengeRequest.json b/letsencrypt/acme/schemata/challengeRequest.json similarity index 100% rename from letsencrypt/client/schemata/challengeRequest.json rename to letsencrypt/acme/schemata/challengeRequest.json diff --git a/letsencrypt/client/schemata/challengeobject.json b/letsencrypt/acme/schemata/challengeobject.json similarity index 100% rename from letsencrypt/client/schemata/challengeobject.json rename to letsencrypt/acme/schemata/challengeobject.json diff --git a/letsencrypt/client/schemata/defer.json b/letsencrypt/acme/schemata/defer.json similarity index 100% rename from letsencrypt/client/schemata/defer.json rename to letsencrypt/acme/schemata/defer.json diff --git a/letsencrypt/client/schemata/error.json b/letsencrypt/acme/schemata/error.json similarity index 100% rename from letsencrypt/client/schemata/error.json rename to letsencrypt/acme/schemata/error.json diff --git a/letsencrypt/client/schemata/jwk.json b/letsencrypt/acme/schemata/jwk.json similarity index 100% rename from letsencrypt/client/schemata/jwk.json rename to letsencrypt/acme/schemata/jwk.json diff --git a/letsencrypt/client/schemata/responseobject.json b/letsencrypt/acme/schemata/responseobject.json similarity index 96% rename from letsencrypt/client/schemata/responseobject.json rename to letsencrypt/acme/schemata/responseobject.json index dfb1fac28..c6d6c9c1b 100644 --- a/letsencrypt/client/schemata/responseobject.json +++ b/letsencrypt/acme/schemata/responseobject.json @@ -59,7 +59,7 @@ "pattern": "^[-_=0-9A-Za-z]+$" }, "signature": { - "$ref": "file:letsencrypt/client/schemata/signature.json" + "$ref": "file:letsencrypt/acme/schemata/signature.json" } } }, diff --git a/letsencrypt/client/schemata/revocation.json b/letsencrypt/acme/schemata/revocation.json similarity index 100% rename from letsencrypt/client/schemata/revocation.json rename to letsencrypt/acme/schemata/revocation.json diff --git a/letsencrypt/client/schemata/revocationRequest.json b/letsencrypt/acme/schemata/revocationRequest.json similarity index 86% rename from letsencrypt/client/schemata/revocationRequest.json rename to letsencrypt/acme/schemata/revocationRequest.json index 38cbe85b8..5eb604fd9 100644 --- a/letsencrypt/client/schemata/revocationRequest.json +++ b/letsencrypt/acme/schemata/revocationRequest.json @@ -12,7 +12,7 @@ "type" : "string" }, "signature" : { - "$ref": "file:letsencrypt/client/schemata/signature.json" + "$ref": "file:letsencrypt/acme/schemata/signature.json" } } } diff --git a/letsencrypt/client/schemata/signature.json b/letsencrypt/acme/schemata/signature.json similarity index 100% rename from letsencrypt/client/schemata/signature.json rename to letsencrypt/acme/schemata/signature.json diff --git a/letsencrypt/client/schemata/statusRequest.json b/letsencrypt/acme/schemata/statusRequest.json similarity index 100% rename from letsencrypt/client/schemata/statusRequest.json rename to letsencrypt/acme/schemata/statusRequest.json diff --git a/letsencrypt/client/auth_handler.py b/letsencrypt/client/auth_handler.py index b85996818..8e3c094fb 100644 --- a/letsencrypt/client/auth_handler.py +++ b/letsencrypt/client/auth_handler.py @@ -2,7 +2,8 @@ import logging import sys -from letsencrypt.client import acme +from letsencrypt import acme + from letsencrypt.client import CONFIG from letsencrypt.client import challenge_util from letsencrypt.client import errors @@ -105,7 +106,7 @@ class AuthHandler(object): # pylint: disable=too-many-instance-attributes """ try: auth = self.network.send_and_receive_expected( - acme.authorization_request( + acme.messages.authorization_request( self.msgs[domain]["sessionID"], domain, self.msgs[domain]["nonce"], diff --git a/letsencrypt/client/client.py b/letsencrypt/client/client.py index 223a1ce3a..197cee4e1 100644 --- a/letsencrypt/client/client.py +++ b/letsencrypt/client/client.py @@ -9,7 +9,8 @@ import sys import M2Crypto import zope.component -from letsencrypt.client import acme +from letsencrypt import acme + from letsencrypt.client import auth_handler from letsencrypt.client import client_authenticator from letsencrypt.client import CONFIG @@ -120,7 +121,7 @@ class Client(object): """ return self.network.send_and_receive_expected( - acme.challenge_request(domain), "challenge") + acme.messages.challenge_request(domain), "challenge") def acme_certificate(self, csr_der): """Handle ACME "certificate" phase. @@ -133,7 +134,8 @@ class Client(object): """ logging.info("Preparing and sending CSR...") return self.network.send_and_receive_expected( - acme.certificate_request(csr_der, self.authkey.pem), "certificate") + acme.messages.certificate_request( + csr_der, self.authkey.pem), "certificate") def save_certificate(self, certificate_dict, cert_path, chain_path): # pylint: disable=no-self-use diff --git a/letsencrypt/client/network.py b/letsencrypt/client/network.py index 2ec93136d..021ef8565 100644 --- a/letsencrypt/client/network.py +++ b/letsencrypt/client/network.py @@ -7,7 +7,8 @@ import time import jsonschema import requests -from letsencrypt.client import acme +from letsencrypt import acme + from letsencrypt.client import errors @@ -43,7 +44,7 @@ class Network(object): """ json_encoded = json.dumps(msg) - acme.acme_object_validate(json_encoded) + acme.messages.acme_object_validate(json_encoded) try: response = requests.post( @@ -57,7 +58,7 @@ class Network(object): 'Sending ACME message to server has failed: %s' % error) try: - acme.acme_object_validate(response.content) + acme.messages.acme_object_validate(response.content) except ValueError: raise errors.LetsEncryptClientError( 'Server did not send JSON serializable message') @@ -115,7 +116,8 @@ class Network(object): elif response["type"] == "defer": logging.info("Waiting for %d seconds...", delay) time.sleep(delay) - response = self.send(acme.status_request(response["token"])) + response = self.send( + acme.messages.status_request(response["token"])) else: logging.fatal("Received unexpected message") logging.fatal("Expected: %s", expected) diff --git a/letsencrypt/client/revoker.py b/letsencrypt/client/revoker.py index f8b75b39c..2731c4827 100644 --- a/letsencrypt/client/revoker.py +++ b/letsencrypt/client/revoker.py @@ -7,7 +7,8 @@ import shutil import M2Crypto import zope.component -from letsencrypt.client import acme +from letsencrypt import acme + from letsencrypt.client import CONFIG from letsencrypt.client import crypto_util from letsencrypt.client import display @@ -35,7 +36,7 @@ class Revoker(object): key = backup_key_file.read() revocation = self.network.send_and_receive_expected( - acme.revocation_request(cert_der, key), "revocation") + acme.messages.revocation_request(cert_der, key), "revocation") zope.component.getUtility(interfaces.IDisplay).generic_notification( "You have successfully revoked the certificate for " diff --git a/setup.py b/setup.py index 5501c7dd6..ee92bfe83 100755 --- a/setup.py +++ b/setup.py @@ -59,6 +59,7 @@ setup( url="https://letsencrypt.org", packages=[ 'letsencrypt', + 'letsencrypt.acme', 'letsencrypt.client', 'letsencrypt.client.apache', 'letsencrypt.client.tests',