Spaces:
Running
Running
File size: 6,332 Bytes
a21cd42 f74c8dc a21cd42 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 |
import re
import sys
import time
from genPVTCSR import gen_pvt_csr
from tools import get_domains, get_ca_server, get_kid_hmac, extract_subdomains
from acme_tools import pg_client, new_account
from getTokenCert import get_tokens, verify_tokens
from gen_records import txt_recs
from dns_cf import add_txt, del_txt
from verify_txt import verify_txt
def cf_non_wildcard(verification_tokens, email, exchange):
tokens = verification_tokens
for key, value in tokens.items():
txt_rec = txt_recs(key, exchange)
txt_value = value[0].strip()
try:
del_txt(txt_rec)
except Exception as e:
print(f"Error deleting TXT records or no TXT records exists: {e}")
add_txt(txt_rec, txt_value, ssl_email=email)
def cf_wildcard(verification_tokens, email, exchange):
tokens = verification_tokens
for key, value in tokens.items():
txt_rec = txt_recs(key, exchange)
try:
del_txt(txt_rec)
except Exception as e:
print(f"Error deleting TXT records or no TXT records exists: {e}")
for txt_value in value:
add_txt(txt_rec, txt_value, ssl_email=email)
def verify_email(email):
pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
return re.match(pattern, email)
def validate_domains(i_domains):
domains = []
try:
domains = get_domains(i_domains)
except:
domains = i_domains
pattern = r'^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$'
for domain in domains:
if re.match(pattern, domain):
continue
else:
return False
return True
def verify_txt_records(verification_tokens, exchange):
tokens = verification_tokens
for key, value in tokens.items():
txt_rec = key
txt_value = value[0].strip()
if not verify_txt(txt_rec, txt_value):
return False
else:
continue
return True
def handle_error(message):
err = f"Error: {message}"
return err, err, err
def main(i_domains, wildcard, email, ca_server, key_type, key_size=None, key_curve=None, kid=None, hmac=None):
if i_domains == "":
print("domain", i_domains)
return handle_error("No domain provided")
elif not validate_domains(i_domains):
print("domain", i_domains)
return handle_error("Invalid domains provided")
else:
print("domain", i_domains)
if email == "":
print("email", email)
return handle_error("No email provided")
elif not verify_email(email):
print("email", email)
return handle_error("Invalid email provided")
else:
print("email", email)
if ca_server == "":
print("ca", ca_server)
return handle_error("No CA server provided")
else:
print("ca", ca_server)
if key_type == "":
print("key type", key_type)
return handle_error("No key type provided")
else:
print("key type", key_type)
if key_curve == "":
print("size", key_size)
print("curve", key_curve)
return handle_error("No key size or curve provided")
else:
print("size", key_size)
print("curve", key_curve)
print("All data filled")
domains = get_domains(i_domains)
exchange = extract_subdomains(domains=domains)
if wildcard:
domains = [exchange, f'*.{exchange}']
ca_server_url = get_ca_server(ca_server, key_type)
pgk_client = pg_client(ca_server_url, key_type=key_type, key_size=key_size, key_curve=key_curve)
if pgk_client is None:
return handle_error("Cannot create client access")
nkid, nhmac = get_kid_hmac(ca_server)
if nkid == 'Error' or nhmac == 'Error':
return handle_error("Try with another provider or contact us")
kid = nkid
hmac = nhmac
account = new_account(pgk_client, email, kid=kid, hmac=hmac)
if not account:
return handle_error("Cannot generate your SSL. Too many requests for this domain.")
private_key, csr = gen_pvt_csr(domains=domains, email=email, key_type=key_type, key_curve=key_curve, key_size=key_size)
verification_tokens, challs, order = get_tokens(pgk_client, csr, ca_server_url)
try:
if wildcard:
cf_wildcard(verification_tokens, email, exchange)
else:
cf_non_wildcard(verification_tokens, email, exchange)
except Exception as e:
print(f"Error adding TXT records: {e}")
# verify TXT
'''
for i in range(60):
print(f"Waiting for {60-i} seconds", end="\r")
time.sleep(1)
'''
while not verify_txt_records(verification_tokens, exchange):
print("TXT records not verified yet")
time.sleep(5)
cert = verify_tokens(pgk_client, challs, order)
for key in verification_tokens:
txt_rec = txt_recs(key, exchange)
try:
del_txt(txt_rec)
print("TXT records deleted successfully")
except Exception as e:
print(f"Error deleting TXT records or no TXT records exist: {e}")
private_key = private_key.decode("utf-8")
csr = csr.decode("utf-8")
cert = cert.decode("utf-8")
return private_key, csr, cert
if __name__ == "__main__":
DOMAINS = 'raannakasturi.eu.org'
ca_server = "Google" #Let's Encrypt (Testing), Let's Encrypt, Google (Testing), Google, Buypass (Testing), Buypass, ZeroSSL, SSL.com
EMAIL = "[email protected]"
key_type = "ecc"
key_curve = "ec384"
key_size = None
KID = None
HMAC = None
private_key, csr, cert = main(i_domains=DOMAINS, wildcard=True, email=EMAIL, ca_server=ca_server, key_type=key_type, key_size=key_size,key_curve=key_curve, kid=KID, hmac=HMAC)
print("Private Key:")
print(private_key)
print()
print("CSR:")
print(csr)
print()
print("Certificate:")
print(cert)
|