Merge pull request #6 from jaredhendrickson13/rsa4096_fix

v1.0.2 Fixes
jaredhendrickson13 · Jan 7, 2021 · bc2faf8 · bc2faf8
2 parents aefc752 + 4932463
commit bc2faf8
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@ simple_acme_dns
 ================
 **simple_acme_dns** is a pure-Python ACME client specifically tailored to the DNS-01 challenge. This makes it easy to manage ACME 
 certificates and accounts without the need for an external tool like `certbot`. Although this module is intended for use
-with Let's Encrypt, it will support any CA utilizing the ACME protocol.
+with Let's Encrypt, it will support any CA utilizing the ACME v2 protocol.
 
 Sub-modules
 -----------
@@ -225,7 +225,7 @@ b'-----BEGIN CERTIFICATE REQUEST-----\nMIHxMIGZAgECMAAwWTATBgckjkn...'
 :   Generates a new RSA or EC private key.
 
 - :param `key_type` [`str`]: the requested `private_key` type. Options are: [`ec256`, `ec384`, `rsa2048`,
-`rsa4098`]
+`rsa4096`]
 
 - :return [`bytes`]: the encoded private key PEM data string. This method will update the `private_key` property
  of the object with the same value.
@@ -245,7 +245,7 @@ b'-----BEGIN EC PRIVATE KEY-----\nMIGkAgEBBDAZRFNLcQdVJmLh42p8F4D92...'
 :   Generates a new private key and CSR.
 
 - :param `key_type` [`str`]: the requested `private_key` type. Options are: [`ec256`, `ec384`, `rsa2048`,
-`rsa4098`]
+`rsa4096`]
 
 - :return [`tuple`]: first value contains the key, the second value contains the CSR. This method will update
 the `private_key` and `csr` properties of this object with the same values.

diff --git a/examples/example_advanced.py b/examples/example_advanced.py
@@ -29,7 +29,7 @@
 client.new_account()
 
 # Create a new RSA private key and CSR
-client.generate_private_key_and_csr(key_type="rsa4098")
+client.generate_private_key_and_csr(key_type="rsa4096")
 
 # Request the verification token for our domains. Print each challenge FQDN and it's corresponding token.
 for domain, token in client.request_verification_tokens():

diff --git a/setup.py b/setup.py
@@ -32,12 +32,12 @@ def requirements():
     name='simple_acme_dns',
     author='Jared Hendrickson',
     author_email='jaredhendrickson13@gmail.com',
-    url="https://github.com/jaredhendrickson13/pyacmedns",
+    url="https://github.com/jaredhendrickson13/simple_acme_dns",
     license="Apache-2.0",
-    description="A Python ACME client for the DNS-01 challenege",
+    description="A Python ACME client for the DNS-01 challenge",
     long_description=read_me(),
     long_description_content_type="text/markdown",
-    version="1.0.1",
+    version="1.0.2",
     packages=["simple_acme_dns", "simple_acme_dns.tools", "simple_acme_dns.errors"],
     install_requires=requirements(),
     classifiers=[

diff --git a/simple_acme_dns/__init__.py b/simple_acme_dns/__init__.py
@@ -34,7 +34,7 @@
 __doc__ = """
 simple_acme_dns is a Python ACME client specifically tailored to the DNS-01 challenge. This makes it easy to manage ACME 
 certificates and accounts all within Python without the need for an external tool like `certbot`. Although this module 
-is intended for use with Let's Encrypt, it will support any CA utilizing the ACME protocol. 
+is intended for use with Let's Encrypt, it will support any CA utilizing the ACME v2 protocol. 
 """
 
 
@@ -129,7 +129,7 @@ def generate_private_key(self, key_type='ec256'):
         """
         Generates a new RSA or EC private key.\n
         - :param `key_type` [`str`]: the requested `private_key` type. Options are: [`ec256`, `ec384`, `rsa2048`,
-        `rsa4098`]\n
+        `rsa4096`]\n
         - :return [`bytes`]: the encoded private key PEM data string. This method will update the `private_key` property
          of the object with the same value.\n
         - :raises `InvalidKeyType`: when an unknown/unsupported `key_type` is requested\n\n
@@ -160,14 +160,14 @@ def generate_private_key(self, key_type='ec256'):
             key = OpenSSL.crypto.PKey()
             key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
             self.private_key = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
-        # Generate a RSA4098 private key
-        elif key_type == 'rsa4098':
+        # Generate a RSA4096 private key
+        elif key_type == 'rsa4096':
             key = OpenSSL.crypto.PKey()
             key.generate_key(OpenSSL.crypto.TYPE_RSA, 4096)
             self.private_key = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
         # Otherwise, the requested key type is not supported. Throw an error
         else:
-            options = ['ec256', 'ec384', 'rsa2048', 'rsa4098']
+            options = ['ec256', 'ec384', 'rsa2048', 'rsa4096']
             msg = "Invalid private key rtype '{key_type}'. Options {options}".format(key_type=key_type, options=options)
             raise errors.InvalidKeyType(msg)
         return self.private_key
@@ -176,7 +176,7 @@ def generate_private_key_and_csr(self, key_type='ec256'):
         """
         Generates a new private key and CSR.\n
         - :param `key_type` [`str`]: the requested `private_key` type. Options are: [`ec256`, `ec384`, `rsa2048`,
-        `rsa4098`]\n
+        `rsa4096`]\n
         - :return [`tuple`]: first value contains the key, the second value contains the CSR. This method will update
         the `private_key` and `csr` properties of this object with the same values.\n\n
 
@@ -374,8 +374,6 @@ def export_account_to_file(self, path='.', name='account.json', save_certificate
         ... )
         ```
         """
-        self.__validate_registration__()
-        self.__validate_domains__()
         dir_path = pathlib.Path(path).absolute()
 
         # Ensure our path is an existing directory, throw an error otherwise
@@ -531,12 +529,14 @@ def check_dns_propagation(self, timeout=300, interval=2, authoritative=False, ro
 
     def __verify_challenge__(self):
         """
-        Checks that the DNS-01 challenge is supported by the ACME server and initializes the challenge. This is an
+        Checks that the DNS-01 challenge is supported by the ACME server and initializes the challenge. In addition,
+        this method will overwrite the `domains` attribute with the domains listed in each challenge. This is an
         internal method and is not intended for use otherwise.
         :return: (list) a list of acme.challenges.ChallengeBody objects
         :raises: ChallengeUnavailable when the specified ACME server does not support the DNS-01 challenge
         """
         self.__challenges__ = []
+        self.domains = []
         authz_list = self.__order__.authorizations
 
         # Loop through each of our authorizations
@@ -546,6 +546,7 @@ def __verify_challenge__(self):
                 # Add the DNS-01 challenge if it is found
                 if isinstance(i.chall, challenges.DNS01):
                     self.__challenges__.append(i)
+                    self.domains += [authz.body.identifier.value]
 
         # If no challenges were found, throw an error
         if not self.__challenges__: