caddytls: Don't decode HMAC

https://caddy.community/t/trouble-with-external-account-hmac/8600?u=matt
Matthew Holt 2020-06-11 15:33:27 -06:00
parent b3bff13f7d
commit 6d03fb48f9
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
3 changed files with 7 additions and 12 deletions


@ -17,7 +17,6 @@ package caddytls
import (
"context"
"crypto/x509"
"encoding/base64"
"fmt"
"io/ioutil"
"net/url"
@ -141,16 +140,12 @@ func (m *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) {
}
if m.ExternalAccount != nil {
hmac, err := base64.StdEncoding.DecodeString(m.ExternalAccount.EncodedHMAC)
if err != nil {
return template, err
}
if m.ExternalAccount.KeyID == "" || len(hmac) == 0 {
if m.ExternalAccount.KeyID == "" || m.ExternalAccount.HMAC == "" {
return template, fmt.Errorf("when an external account binding is specified, both key ID and HMAC are required")
}
template.ExternalAccount = &certmagic.ExternalAccountBinding{
KeyID: m.ExternalAccount.KeyID,
HMAC: hmac,
HMAC: m.ExternalAccount.HMAC,
}
}
@ -238,8 +233,8 @@ type ExternalAccountBinding struct {
// The key identifier.
KeyID string `json:"key_id,omitempty"`
// The base64-encoded HMAC.
EncodedHMAC string `json:"hmac,omitempty"`
// The HMAC.
HMAC string `json:"hmac,omitempty"`
}
// Interface guards
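Review bot: The new field comment `// The HMAC.` on `ExternalAccountBinding.HMAC` no longer states what form the value must take, although the JSON key `hmac` is unchanged and the value is now handed to `certmagic.ExternalAccountBinding` verbatim instead of being base64-decoded first. A config written for the old `EncodedHMAC` field will therefore load without error but carry a different meaning. Something like `// The HMAC key exactly as issued by the CA; it is passed to certmagic unmodified (no decoding is done here).` would make the contract explicit. In `makeIssuerTemplate` (whose body starts and ends outside the hunk) the only remaining check is `m.ExternalAccount.HMAC == ""`, so a truncated or wrongly encoded key is presumably caught only when the CA rejects the account binding. If certmagic documents an expected encoding, a format check at this point would fail earlier and with a clearer message. Keeping the key value out of that error text, as the existing `fmt.Errorf` does, is worth preserving.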