summaryrefslogtreecommitdiff
path: root/modules/caddytls
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2020-06-11 15:33:27 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2020-06-11 15:33:27 -0600
commit6d03fb48f9189d286733913f189117d3cced3df5 (patch)
treebf9af1c62916aaa253d52dee16a7e2ba91b33dec /modules/caddytls
parentb3bff13f7d3635c5c51f71b9e4598d71deab4585 (diff)
caddytls: Don't decode HMAC
https://caddy.community/t/trouble-with-external-account-hmac/8600?u=matt
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/acmeissuer.go13
1 files changed, 4 insertions, 9 deletions
diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go
index d610946..195ddeb 100644
--- a/modules/caddytls/acmeissuer.go
+++ b/modules/caddytls/acmeissuer.go
@@ -17,7 +17,6 @@ package caddytls
import (
"context"
"crypto/x509"
- "encoding/base64"
"fmt"
"io/ioutil"
"net/url"
@@ -141,16 +140,12 @@ func (m *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) {
}
if m.ExternalAccount != nil {
- hmac, err := base64.StdEncoding.DecodeString(m.ExternalAccount.EncodedHMAC)
- if err != nil {
- return template, err
- }
- if m.ExternalAccount.KeyID == "" || len(hmac) == 0 {
+ if m.ExternalAccount.KeyID == "" || m.ExternalAccount.HMAC == "" {
return template, fmt.Errorf("when an external account binding is specified, both key ID and HMAC are required")
}
template.ExternalAccount = &certmagic.ExternalAccountBinding{
KeyID: m.ExternalAccount.KeyID,
- HMAC: hmac,
+ HMAC: m.ExternalAccount.HMAC,
}
}
@@ -238,8 +233,8 @@ type ExternalAccountBinding struct {
// The key identifier.
KeyID string `json:"key_id,omitempty"`
- // The base64-encoded HMAC.
- EncodedHMAC string `json:"hmac,omitempty"`
+ // The HMAC.
+ HMAC string `json:"hmac,omitempty"`
}
// Interface guards