pylego 0.1.2__py3-none-any.whl → 0.1.5__py3-none-any.whl

pylego/lego.go

@@ -0,0 +1,179 @@
+package main
+
+import "C"
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/x509"
+	"encoding/json"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"os"
+
+	"github.com/go-acme/lego/v4/certcrypto"
+	"github.com/go-acme/lego/v4/certificate"
+	"github.com/go-acme/lego/v4/challenge/http01"
+	"github.com/go-acme/lego/v4/challenge/tlsalpn01"
+	"github.com/go-acme/lego/v4/lego"
+	"github.com/go-acme/lego/v4/providers/dns"
+	"github.com/go-acme/lego/v4/registration"
+)
+
+type LegoInputArgs struct {
+	Email  string `json:"email"`
+	Server string `json:"server"`
+	CSR    string `json:"csr"`
+	Plugin string `json:"plugin"`
+	Env    map[string]string
+}
+
+type LegoOutputResponse struct {
+	CSR               string `json:"csr"`
+	PrivateKey        string `json:"private_key"`
+	Certificate       string `json:"certificate"`
+	IssuerCertificate string `json:"issuer_certificate"`
+	Metadata          `json:"metadata"`
+}
+
+type Metadata struct {
+	StableURL string `json:"stable_url"`
+	URL       string `json:"url"`
+	Domain    string `json:"domain"`
+}
+
+//export RunLegoCommand
+func RunLegoCommand(message *C.char) *C.char {
+	CLIArgs, err := extractArguments(C.GoString(message))
+	if err != nil {
+		return C.CString(fmt.Sprint("error: couldn't extract arguments: ", err))
+	}
+	for k, v := range CLIArgs.Env {
+		if err := os.Setenv(k, v); err != nil {
+			return C.CString(fmt.Sprint("error: couldn't load environment variables: ", err))
+		}
+
+	}
+	certificate, err := requestCertificate(CLIArgs.Email, CLIArgs.Server, CLIArgs.CSR, CLIArgs.Plugin)
+	if err != nil {
+		return C.CString(fmt.Sprint("error: couldn't request certificate: ", err))
+	}
+	response_json, err := json.Marshal(certificate)
+	if err != nil {
+		return C.CString(fmt.Sprint("error: coudn't build response message: ", err))
+	}
+	return_message_ptr := C.CString(string(response_json))
+	return return_message_ptr
+}
+
+func requestCertificate(email, server, csr, plugin string) (*LegoOutputResponse, error) {
+	privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		return nil, fmt.Errorf("couldn't generate priv key: %s", err)
+	}
+	user := LetsEncryptUser{
+		Email: email,
+		key:   privateKey,
+	}
+	config := lego.NewConfig(&user)
+
+	config.CADirURL = server
+	config.Certificate.KeyType = certcrypto.RSA2048
+
+	client, err := lego.NewClient(config)
+	if err != nil {
+		return nil, fmt.Errorf("couldn't create lego client: %s", err)
+	}
+
+	err = configureClientChallenges(client, plugin)
+	if err != nil {
+		return nil, fmt.Errorf("couldn't configure client challenges: %s", err)
+	}
+
+	reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
+	if err != nil {
+		return nil, fmt.Errorf("couldn't register user: %s", err)
+	}
+	user.Registration = reg
+
+	block, _ := pem.Decode([]byte(csr))
+	if block == nil || block.Type != "CERTIFICATE REQUEST" {
+		return nil, errors.New("failed to decode PEM block containing certificate request")
+	}
+	csrObject, err := x509.ParseCertificateRequest(block.Bytes)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse certificate request: %s", err)
+	}
+	request := certificate.ObtainForCSRRequest{
+		CSR:    csrObject,
+		Bundle: true,
+	}
+	certificates, err := client.Certificate.ObtainForCSR(request)
+	if err != nil {
+		return nil, fmt.Errorf("coudn't obtain cert: %s", err)
+	}
+
+	return &LegoOutputResponse{
+		CSR:               string(certificates.CSR),
+		PrivateKey:        string(certificates.PrivateKey),
+		Certificate:       string(certificates.Certificate),
+		IssuerCertificate: string(certificates.IssuerCertificate),
+		Metadata: Metadata{
+			StableURL: certificates.CertStableURL,
+			URL:       certificates.CertURL,
+			Domain:    certificates.Domain,
+		},
+	}, nil
+}
+
+func configureClientChallenges(client *lego.Client, plugin string) error {
+	switch plugin {
+	case "":
+		err := client.Challenge.SetHTTP01Provider(http01.NewProviderServer(os.Getenv("HTTP01_IFACE"), os.Getenv("HTTP01_PORT")))
+		if err != nil {
+			return errors.Join(errors.New("couldn't set http01 provider server: "), err)
+		}
+		err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer(os.Getenv("TLSALPN01_IFACE"), os.Getenv("TLSALPN01_PORT")))
+		if err != nil {
+			return errors.Join(errors.New("couldn't set tlsalpn01 provider server: "), err)
+		}
+	default:
+		dnsProvider, err := dns.NewDNSChallengeProviderByName(plugin)
+		if err != nil {
+			return errors.Join(fmt.Errorf("couldn't create %s provider: ", plugin), err)
+		}
+		err = client.Challenge.SetDNS01Provider(dnsProvider)
+		if err != nil {
+			return errors.Join(fmt.Errorf("couldn't set %s DNS provider server: ", plugin), err)
+		}
+	}
+	return nil
+}
+
+type LetsEncryptUser struct {
+	Email        string
+	Registration *registration.Resource
+	key          crypto.PrivateKey
+}
+
+func (u *LetsEncryptUser) GetEmail() string {
+	return u.Email
+}
+func (u LetsEncryptUser) GetRegistration() *registration.Resource {
+	return u.Registration
+}
+func (u *LetsEncryptUser) GetPrivateKey() crypto.PrivateKey {
+	return u.key
+}
+
+func extractArguments(jsonMessage string) (LegoInputArgs, error) {
+	var CLIArgs LegoInputArgs
+	if err := json.Unmarshal([]byte(jsonMessage), &CLIArgs); err != nil {
+		return CLIArgs, errors.Join(errors.New("cli args failed validation: "), err)
+	}
+	return CLIArgs, nil
+}
+
+func main() {}

{pylego-0.1.2.dist-info → pylego-0.1.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pylego
-Version: 0.1.2
+Version: 0.1.5
 Summary: A python wrapper package for the lego application written in Golang
 Author-email: Canonical <telco-engineers@lists.canonical.com>
 Project-URL: Homepage, https://github.com/canonical/pylego
@@ -12,8 +12,9 @@ Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Provides-Extra: test
-Requires-Dist: pytest ; extra == 'test'
-Requires-Dist: ruff ; extra == 'test'
+Requires-Dist: pytest; extra == "test"
+Requires-Dist: requests; extra == "test"
+Requires-Dist: ruff; extra == "test"
 
 # pylego
 

pylego-0.1.5.dist-info/RECORD

@@ -0,0 +1,11 @@
+pylego/__init__.py,sha256=7rcUcQcOWsOLxTOEXF2ASkwm_7eED1UIXzxdlgKPr5c,82
+pylego/go.mod,sha256=8WzL-rtbt5onJbzLCU6XAXfDAd_nhPFPg5D-gSyZj94,9471
+pylego/go.sum,sha256=h0v7-uaOYJBhVAOI8TImmCektYxMkf4mXQk2XZPgXrI,97959
+pylego/lego.go,sha256=52e3iR6uc70EszJDNYCpM_78Cb6zZuYj1kK9L5ZBz9Y,5281
+pylego/lego.so,sha256=rpi2KEj_rsKAXTjUnWFS2YHRxtKM5OUlkFMBcilMo1A,139818208
+pylego/pylego.py,sha256=bHsVzqMM2DZmhCAn-yqlxKQ4Pr5QRyOpBjP2dJSBKMU,1976
+pylego-0.1.5.dist-info/LICENSE,sha256=aklz9Y8CIpFsN61U4jHlJYp4W_8HoDpY-tINlDcdSZY,10934
+pylego-0.1.5.dist-info/METADATA,sha256=TztXvsE2sSN4Q5Yfp3LRVB50YQgJ8BVp7ELcG9a4vyU,5528
+pylego-0.1.5.dist-info/WHEEL,sha256=HiCZjzuy6Dw0hdX5R3LCFPDmFS4BWl8H-8W39XfmgX4,91
+pylego-0.1.5.dist-info/top_level.txt,sha256=pSOYv55_w90qy3xOvqz_ysSz-X-XRTb-jMpiOyLNnNs,7
+pylego-0.1.5.dist-info/RECORD,,

{pylego-0.1.2.dist-info → pylego-0.1.5.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (72.0.0)
+Generator: setuptools (72.2.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

pylego-0.1.2.dist-info/RECORD

@@ -1,8 +0,0 @@
-pylego/__init__.py,sha256=sYJobFIJ2iCzyicqTfQmqggMC-6-t9eO8fCtxG_6Q60,57
-pylego/lego.so,sha256=rpi2KEj_rsKAXTjUnWFS2YHRxtKM5OUlkFMBcilMo1A,139818208
-pylego/pylego.py,sha256=bHsVzqMM2DZmhCAn-yqlxKQ4Pr5QRyOpBjP2dJSBKMU,1976
-pylego-0.1.2.dist-info/LICENSE,sha256=aklz9Y8CIpFsN61U4jHlJYp4W_8HoDpY-tINlDcdSZY,10934
-pylego-0.1.2.dist-info/METADATA,sha256=Pv59fdUzVFSCycCXkV8dy5uk0FfOU8-n2C0u8B3lESE,5489
-pylego-0.1.2.dist-info/WHEEL,sha256=Rp8gFpivVLXx-k3U95ozHnQw8yDcPxmhOpn_Gx8d5nc,91
-pylego-0.1.2.dist-info/top_level.txt,sha256=pSOYv55_w90qy3xOvqz_ysSz-X-XRTb-jMpiOyLNnNs,7
-pylego-0.1.2.dist-info/RECORD,,