private IdentifierPart ParseIdentifierPart()
{
IdentifierPart part = new IdentifierPart(Current.Data, Current.Line, Current.Column);
Consume(); // consume identifier
// check for indexer
if (Current.TokenType == TokenType.LBracket)
{
Consume(); // [
part.Index = ParseExpression();
Consume(TokenType.RBracket); // ]
}
// check for method call
else if (Current.TokenType == TokenType.LParen)
{
Consume(); // (
part.IsMethod = true;
// parse parameters
while (Current.TokenType != TokenType.RParen)
{
part.MethodParameters.Add(ParseExpression());
if (Current.TokenType == TokenType.RParen)
{
break; // )
}
Consume(TokenType.Comma); // ,
}
Consume(TokenType.RParen); // )
}
return(part);
}
public Challenge Decode(IdentifierPart ip, ChallengePart cp, ISigner signer)
{
if (cp.Type != AcmeProtocol.CHALLENGE_TYPE_DNS)
{
throw new InvalidDataException("unsupported Challenge type")
.With("challengeType", cp.Type)
.With("supportedChallengeTypes", AcmeProtocol.CHALLENGE_TYPE_DNS);
}
//var token = (string)cp["token"];
var token = cp.Token;
// This response calculation is described in:
// https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.5
var keyAuthz = JwsHelper.ComputeKeyAuthorization(signer, token);
var keyAuthzDig = JwsHelper.ComputeKeyAuthorizationDigest(signer, token);
var ca = new DnsChallengeAnswer
{
KeyAuthorization = keyAuthz,
};
var c = new DnsChallenge(cp.Type, ca)
{
Token = token,
RecordName = $"{AcmeProtocol.DNS_CHALLENGE_NAMEPREFIX}{ip.Value}",
RecordValue = keyAuthzDig,
};
return(c);
}
public Challenge Decode(IdentifierPart ip, ChallengePart cp, ISigner signer)
{
if (cp.Type != AcmeProtocol.CHALLENGE_TYPE_HTTP)
{
throw new InvalidDataException("unsupported Challenge type")
.With("challengeType", cp.Type)
.With("supportedChallengeTypes", AcmeProtocol.CHALLENGE_TYPE_HTTP);
}
//var token = (string)cp["token"];
var token = cp.Token;
// This response calculation is described in:
// https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.2
var keyAuthz = JwsHelper.ComputeKeyAuthorization(signer, token);
var path = $"{AcmeProtocol.HTTP_CHALLENGE_PATHPREFIX}{token}";
var url = $"http://{ip.Value}/{path}";
var ca = new HttpChallengeAnswer
{
KeyAuthorization = keyAuthz,
};
var c = new HttpChallenge(cp.Type, ca)
{
Token = token,
FileUrl = url,
FilePath = path,
FileContent = keyAuthz,
};
return(c);
}
public Challenge Decode(IdentifierPart ip, ChallengePart cp, ISigner signer)
{
if (cp.Type != AcmeProtocol.CHALLENGE_TYPE_SNI)
{
throw new InvalidDataException("unsupported Challenge type")
.With("challengeType", cp.Type)
.With("supportedChallengeTypes", AcmeProtocol.CHALLENGE_TYPE_SNI);
}
var token = cp.Token;
// This response calculation is described in:
// https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.3
var keyAuthz = JwsHelper.ComputeKeyAuthorization(signer, token);
var keyAuthzDig = JwsHelper.ComputeKeyAuthorizationDigest(signer, token);
LOG.Debug("Computed key authorization {0} and digest {1}", keyAuthz, keyAuthzDig);
var ca = new TlsSniChallengeAnswer
{
KeyAuthorization = keyAuthz,
};
var c = new TlsSniChallenge(cp.Type, ca)
{
Token = token,
IterationCount = 1 // see: https://github.com/ietf-wg-acme/acme/pull/22 for reason n=1
};
return(c);
}
public void Id()
{
IdentifierPart a = new IdentifierPart("a", 1);
IdentifierPart b = new IdentifierPart("b", 10);
Identifier identifier = new Identifier(a, b);
Assert.AreEqual("a 1#b 10", identifier.Id());
}
public void Substitute()
{
IdentifierPart a = new IdentifierPart("a", 1);
IdentifierPart b = new IdentifierPart("b", 10);
Identifier identifier = new Identifier(a, b);
Assert.AreEqual("g[10].size() == 1", identifier.Substitute("g[__b__].size() == __a__"));
}
public IChallengeDecoder GetDecoder(IdentifierPart ip, ChallengePart cp)
{
return(new TlsSniChallengeDecoder());
}
public bool IsSupported(IdentifierPart ip, ChallengePart cp)
{
return(AcmeProtocol.CHALLENGE_TYPE_SNI == cp.Type);
}
public Identifier(IdentifierPart part) : this(new[] { part })
{
}
