diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2020-06-11 15:33:27 -0600 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2020-06-11 15:33:27 -0600 |
commit | 6d03fb48f9189d286733913f189117d3cced3df5 (patch) | |
tree | bf9af1c62916aaa253d52dee16a7e2ba91b33dec /modules/caddytls | |
parent | b3bff13f7d3635c5c51f71b9e4598d71deab4585 (diff) |
caddytls: Don't decode HMAC
https://caddy.community/t/trouble-with-external-account-hmac/8600?u=matt
Diffstat (limited to 'modules/caddytls')
-rw-r--r-- | modules/caddytls/acmeissuer.go | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/modules/caddytls/acmeissuer.go b/modules/caddytls/acmeissuer.go index d610946..195ddeb 100644 --- a/modules/caddytls/acmeissuer.go +++ b/modules/caddytls/acmeissuer.go @@ -17,7 +17,6 @@ package caddytls import ( "context" "crypto/x509" - "encoding/base64" "fmt" "io/ioutil" "net/url" @@ -141,16 +140,12 @@ func (m *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) { } if m.ExternalAccount != nil { - hmac, err := base64.StdEncoding.DecodeString(m.ExternalAccount.EncodedHMAC) - if err != nil { - return template, err - } - if m.ExternalAccount.KeyID == "" || len(hmac) == 0 { + if m.ExternalAccount.KeyID == "" || m.ExternalAccount.HMAC == "" { return template, fmt.Errorf("when an external account binding is specified, both key ID and HMAC are required") } template.ExternalAccount = &certmagic.ExternalAccountBinding{ KeyID: m.ExternalAccount.KeyID, - HMAC: hmac, + HMAC: m.ExternalAccount.HMAC, } } @@ -238,8 +233,8 @@ type ExternalAccountBinding struct { // The key identifier. KeyID string `json:"key_id,omitempty"` - // The base64-encoded HMAC. - EncodedHMAC string `json:"hmac,omitempty"` + // The HMAC. + HMAC string `json:"hmac,omitempty"` } // Interface guards |