62#include <diagnostics.h>
65#include <crypto/wolfssl/wolfcrypt/ecc.h>
66#include <crypto/wolfssl/wolfcrypt/random.h>
67#include <crypto/wolfssl/wolfcrypt/sha256.h>
68#include <crypto/wolfssl/wolfcrypt/hash.h>
69#include <crypto/wolfssl/wolfcrypt/asn_public.h>
70#include <crypto/wolfssl/wolfcrypt/wolfmath.h>
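/// Status codes for the ACME client: zero is success, every failure is a
/// distinct negative value.
///
/// The per-code remarks are read off the identifier names only; confirm each
/// against the code that actually returns it.
/// NOTE(review): -13 is not assigned in this list, and the names mix the
/// ACME_ERR_ and ACME_FAILED_ prefixes. Both are left as they are so existing
/// comparisons against these identifiers keep compiling.
constexpr int ACME_ERR_NONE = 0;                  // success
constexpr int ACME_ERR_HAL_SAVE_FAIL = -10;       // presumably: writing to persistent storage failed
constexpr int ACME_ERR_CSR_ERR = -11;             // presumably: building the CSR failed
constexpr int ACME_ERR_FAIL_READ_EXPIRY = -12;    // presumably: certificate expiry could not be read
constexpr int ACME_ERR_STORED_CERT_INVALID = -14; // presumably: stored certificate failed validation
constexpr int ACME_FAILED_GET_DIR = -15;          // presumably: ACME directory fetch failed
constexpr int ACME_FAILED_GET_NONCE = -16;        // presumably: no replay nonce obtained
constexpr int ACME_FAILED_GET_NONCE_DIR = -17;    // presumably: nonce endpoint missing from directory
constexpr int ACME_FAILED_GET_ACCOUNT = -18;      // presumably: account lookup or creation failed
constexpr int ACME_ERR_GET_CSR_FAIL = -19;
constexpr int ACME_ERR_ORDER_FAIL = -20;
constexpr int ACME_ERR_MALLOC_FAIL = -21;
constexpr int ACME_ERR_SELF_FAIL = -22;           // presumably: self-signed certificate path failed
constexpr int ACME_ERR_DNS_FAIL = -23;
constexpr int ACME_ERR_TRANSACT_FAIL = -24;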
// Header callback, declared virtual.
// NOTE(review): hdr presumably points at response-header text received from
// the ACME server; if so it is remote input and the implementation should
// bound every copy made from it - confirm.
virtual void ProcessHeader(const char *hdr);

// Binds this buffer to its owning AcmeDataSet. Only the pointer is stored, so
// the owner has to outlive the buffer.
AcmeServletBuffer(AcmeDataSet *pOwner)
{
    pAcme = pOwner;
}
// Buffer member; by its name it holds the data of the authorization exchange
// (inferred, confirm).
AcmeServletBuffer AuthBuffer;

// Current authorization state; valid() compares it against eAuthValid.
eAcmeAuthState_t m_State;

// NOTE(review): the roles of src and index are not visible here; confirm
// against the definition before documenting them further.
void InitNew(const NBString &src, int index);

// State and timeout handlers. The bool results are not documented on this
// page; check the definitions before relying on them.
bool ProcessForState();
bool ProcessForTimeout();

// Returns the specific state condition as a C string.
const char *GetStateCC();

// Sets the timeout, in seconds.
void SetTimeoutSecs(int secs);
// True only while the stored state equals eAuthValid; every other state,
// including pending or failed ones, reports false.
inline bool valid()
{
    const bool isValid = (m_State == eAuthValid);
    return isValid;
}
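// One buffer per kind of exchange; each is bound to this data set in the
// constructor's initializer list.
AcmeServletBuffer DirListing;
AcmeServletBuffer OrderResult;
AcmeServletBuffer TransactionResult;

AcmeAuthItem AuthItem;

// Fixed 16384-byte storage wrapped by sbo below; by its name it holds
// certificate data (inferred, confirm).
// NOTE(review): confirm that the code filling this buffer rejects input
// larger than the buffer rather than truncating it silently.
uint8_t CertBigBuffer[16384];

// The capacity is derived from the array itself, so resizing CertBigBuffer can
// never leave the wrapper believing it has more room than the storage holds.
SimpleBufferObject sbo{CertBigBuffer, sizeof(CertBigBuffer)};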
// NOTE(review): presumably looks for the header named by pTarget inside hdr
// and, when it is found, stores its value in setv and returns true - confirm
// against the definition. hdr is likely server-supplied text, so the match
// and the copy into setv should both be length-bounded.
bool ScanHeaderAndSet(const char *pTarget, NBString &setv, const char *hdr);

// Header callback for the data set; takes the header text as a C string.
void ProcessHeader(const char *hdr);
181AcmeDataSet(
AcmeServletObject & owner):DirListing(this),OrderResult(this),TransactionResult(this),AuthItem(owner,this)
208 } eAcmeServletState_t;
// ACME directory URL, taken from the constructor's pUrlDir argument. Only the
// pointer is kept, so the string must stay alive as long as this object.
const char *m_AcmeServerUrl;

// NOTE(review): by their names these point at the server key and the server
// certificate. Ownership and lifetime are not visible here; if m_pServerKey
// refers to private-key bytes, confirm where they are stored and when they
// are released.
puint8_t m_pServerKey;
puint8_t m_pServerCert;

// Data set used by this servlet; SetDiag() checks it for null before use.
AcmeDataSet *pAcmeSet;

// Current servlet state; read and written through GetState()/SetState().
eAcmeServletState_t m_pvt_State;

// Transaction retry counter; starts at 0.
int m_Retry_Transaction;

// Bit mask handled by FlagIsSet/FlagIsClear/SetFlag/ClearFlag.
uint32_t m_StatusFlags;
// Fills in the certificate request structure passed by reference.
// NOTE(review): which fields are written is not visible on this page.
void FillInReq(Cert &req);

// Per-state handlers of the servlet state machine: one sends, one processes
// a result, one handles a timeout for the given state.
void SendForState(eAcmeServletState_t state);
void ProcessForState(eAcmeServletState_t state);
void ProcessForTimeout(eAcmeServletState_t state);
// Transaction helpers. payload defaults to an empty string and bJwk to false.
//
// NOTE(review): bJwk presumably selects the "jwk" form of the JWS protected
// header (public key embedded) instead of the "kid" form (account URL).
// RFC 8555 section 6.2 requires "jwk" for newAccount, and for revokeCert
// requests signed with the certificate key, and "kid" for every other
// request - confirm callers pass true only in those cases.

// Builds the request for url and returns it as a PoolPtr.
PoolPtr PrepTransaction(const NBString &url, const char *payload = "", bool bJwk = false);

// Starts a transaction into buf; the target is given as a directory entry name.
void StartTransaction(AcmeServletBuffer &buf, const char *dir_entry, const char *payload = "", bool bJwk = false);

// Starts a transaction into buf; the target is given as an explicit URL.
void StartTransactionUrl(AcmeServletBuffer &buf, const NBString &url, const char *payload = "", bool bJwk = false);
// Both report their outcome as bool. Callers should check it: carrying on
// after a failed save or a failed self-signed fallback would leave the device
// without usable key material.
// NOTE(review): whether true means success is not visible here - confirm.
bool SaveKeysToStorage();
bool MakeSaveSelfSignedCert();

// Puts the current certificate into use.
void UseCurrentCert();

// Virtual hooks; fd is a socket descriptor and the three fd_set arguments are
// the read, write and error sets of a select() call.
virtual void ServeContent(int fd);
virtual int AddToSelectSet(fd_set &rd_set, fd_set &wr_set, fd_set &er_set);
virtual void ActionComplete(eWebClientAction_t action);
// True when every bit of flag is set in m_StatusFlags. A zero mask therefore
// always yields true.
inline bool FlagIsSet(uint32_t flag)
{
    const uint32_t present = m_StatusFlags & flag;
    return present == flag;
}
// True when none of the bits of flag is set in m_StatusFlags. For a multi-bit
// mask this is not the negation of FlagIsSet(): a partly set mask makes both
// return false.
inline bool FlagIsClear(uint32_t flag)
{
    const uint32_t present = m_StatusFlags & flag;
    return present == 0;
}
// Sets the bits of flag in m_StatusFlags.
// NOTE(review): plain read-modify-write with no locking visible; confirm all
// callers run in the same task.
inline void SetFlag(uint32_t flag)
{
    m_StatusFlags = m_StatusFlags | flag;
}
// Clears the bits of flag in m_StatusFlags and leaves all other bits alone.
inline void ClearFlag(uint32_t flag)
{
    const uint32_t keepMask = ~flag;
    m_StatusFlags = m_StatusFlags & keepMask;
}
// Returns the servlet's current state, m_pvt_State.
inline eAcmeServletState_t GetState()
{
    const eAcmeServletState_t current = m_pvt_State;
    return current;
}
// Stores s as the new servlet state. No transition check is made here, so any
// state can follow any other.
inline void SetState(eAcmeServletState_t s)
{
    m_pvt_State = s;
}
// Turns diagnostic printf messages to the console on or off, and applies the
// same setting to the data set when one is attached.
// NOTE(review): check what is printed while this is enabled; leave it off in
// production if the output includes nonces, account URLs or key material.
void SetDiag(bool v)
{
    bDiag = v;
    if (pAcmeSet != nullptr)
    {
        pAcmeSet->bDiag = v;
    }
}
360m_AcmeServerUrl(pUrlDir),
362m_pvt_State(eWaitStart),
365m_Retry_Transaction(0),
398 (useStaging ?
"https://acme-staging-v02.api.letsencrypt.org/directory" :
"https://acme-v02.api.letsencrypt.org/directory")
419 "https://api.buypass.com/acme/directory"
Onboard Self-Signed Certificate Generation.
Main ACME Client Class.
Definition acmeRFC8555Servlet.h:192
void SetDiag(bool v)
Turn on diagnostic printf messages to the console.
Definition acmeRFC8555Servlet.h:332
const char * GetStateCC()
Returns the specific state condition of the acmeservlet.
AcmeServletObject(const char *pUrlDir)
ACME Client Constructor.
Definition acmeRFC8555Servlet.h:358
void Delete_Everything_Restart()
Re-request the ACME certificate.
NBString GetStateString()
Returns the specific state condition of the acmeservlet.
friend CertGenData * GetDataForCertGen()
A function to be overridden to pass certificate details to the certificate generator.
Definition SSL/SslOnboardCertGeneration/CompiledCa/src/main.cpp:26
NBString GetGlobalStateString()
Returns the detailed state of the ACME process.
ACME Client for BuyPass.
Definition acmeRFC8555Servlet.h:409
BuyPassAcmeServletObject()
Enable the BuyPass ACME client.
Definition acmeRFC8555Servlet.h:417
Diagnostics item.
Definition diagnostics.h:50
Base class for all GET handlers. To handle GET requests for a specific URL in your application,...
Definition http.h:121
ACME Client for Let's Encrypt.
Definition acmeRFC8555Servlet.h:387
LetsEncryptAcmeServletObject(const bool useStaging=false)
Enable the Let's Encrypt ACME client.
Definition acmeRFC8555Servlet.h:396
Lightweight alternative to C++ CString class.
Definition nbstring.h:118
A class to create, read, and modify a JSON object.
Definition json_lexer.h:530
NetBurner IP Definitions.
NetBurner JSON Lexer. See the JSON Lexer page for complete documentation.
NetBurner Time Header File.
NetBurner IPADDR4 Class. See the IPADDR4 Class page for complete documentation.
Used to store the information that is passed in when enabling onboard generated certificates,...
Definition certgen.h:111
HTTP Request Structure.
Definition http.h:69