Need Hep With
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}
Request
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "pSb37Nx2sCZFbC0uIsNn7USlYi0mhXuiDOUmv7CqhgdvBFiLG3aupF1BRD1y5J97Qw_dyFBOprFqoaYw7MIbxQbjTkCttZWiVdyzwj4A1DGydBI9vES7FabjjWjn4lkJhrxglemaq-6WTh6K5_WD4SF5_LcYBNqZwnrGGo1q_rhrREyhu9Q0agSXkVmO44Gu1UzahV0FtCc6pCY8zhM1MChRWzOrCRW25RxoxZWy9jfS1frUMbhRfGq8XbHE3e5Z8K5-h2aRg5HmRJWOsHffYmXunziO4lis5LvSyn7F10hlF149IZ6hVjP7JaincXf1GPrRptpVtm4O5KKWYQeZKw"
}
},
"protected": "ewogImFsZyI6ICJSUzI1NiIsCiAiandrIjogewogICJlIjogIkFRQUIiLAogICJrdHkiOiAiUlNBIiwKICAibiI6ICJwU2IzN054MnNDWkZiQzB1SXNObjdVU2xZaTBtaFh1aURPVW12N0NxaGdkdkJGaUxHM2F1cEYxQlJEMXk1Sjk3UXdfZHlGQk9wckZxb2FZdzdNSWJ4UWJqVGtDdHRaV2lWZHl6d2o0QTFER3lkQkk5dkVTN0ZhYmpqV2puNGxrSmhyeGdsZW1hcS02V1RoNks1X1dENFNGNV9MY1lCTnFad25yR0dvMXFfcmhyUkV5aHU5UTBhZ1NYa1ZtTzQ0R3UxVXphaFYwRnRDYzZwQ1k4emhNMU1DaFJXek9yQ1JXMjVSeG94Wld5OWpmUzFmclVNYmhSZkdxOFhiSEUzZTVaOEs1LWgyYVJnNUhtUkpXT3NIZmZZbVh1bnppTzRsaXM1THZTeW43RjEwaGxGMTQ5SVo2aFZqUDdKYWluY1hmMUdQclJwdHBWdG00TzVLS1dZUWVaS3ciCiB9LAogImtpZCI6ICIiLAogIm5vbmNlIjogIkcwN0pYS190NWI3amhWenNtS3ZaaGFZcDdqSzg1NzFZSUZzU2RFdkdndk0iLAogInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIKfQ",
"payload": "ewogInRlcm1zT2ZTZXJ2aWNlQWdyZWVkIjogdHJ1ZSwKICJjb250YWN0IjogWwogICJtYWlsdG86c2V0ZGNAZ21haWwuY29tIiwKICAibWFpbHRvOnNldGRjMUBnbWFpbC5jb20iCiBdCn0",
"signature": "X2eGFaT6pj4ENsmjbCqIaQJKF9KD9Kyu7SJz2ixFy6SJLLGab7uNanZtUUciw0jKtWKyn-Eul59mPNlwnWhWuO6d3AJJ_wAyO2YbdwJPJT0Gm5R2Ikvbr99kzc_zqNUp135AOY4TqNa56n01_y2r75cqWTNVSR6drvS0SAdphHjR2tgisX4fBuRLpViDVMowxSVSnIYDbOt7KUGwWg0RAjcrA_IDZftAVv66QdUxdz-KGIyCqmx1OBJxO9vZrNVv1rs4JCD4v0Gh-yYz1_eVIi5nmhziAsKAhEk1WAeNC5u1zjqXNcuTtOo1C_JmSc0UkIoi3FKxg1kqlyW9UgaiuA"
}
Response
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}
Code
package main
import (
"net/http"
"bytes"
"encoding/base64"
"crypto/rsa"
"log"
"crypto/rand"
"math/big"
"fmt"
"encoding/json""io/ioutil"
"crypto/sha256"
"crypto"
)type Jwk struct {
E stringjson:"e"
Kty stringjson:"kty"
N stringjson:"n"
}type Header struct {
Alg stringjson:"alg"
Jwk Jwkjson:"jwk"
}type Protected struct {
Alg stringjson:"alg"
Jwk Jwkjson:"jwk, omitempty"
Kid stringjson:"kid, omitempty"
Nonce stringjson:"nonce"
URL stringjson:"url"
}type Payload struct {
TermsOfServiceAgreed booljson:"termsOfServiceAgreed"
Contact stringjson:"contact"
}type AcmeRequest struct {
Header Headerjson:"header"
Protected Protectedjson:"protected"
Payload Payloadjson:"payload"
Signature stringjson:"signature"
}type Signature struct {
Protected string
Payload string
}func (signature Signature) join() string {
return fmt.Sprintf("%s.%s", signature.Protected, signature.Payload)
}type Account struct {
Status stringjson:"status"
Contact stringjson:"contact"
TermsOfServiceAgreed booljson:"termsOfServiceAgreed"
Orders stringjson:"orders"
}func Send(b byte) {
request, _ := http.NewRequest("POST", "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", bytes.NewBuffer(b))
request.Header.Set("Content-Type", "application/jose+json")
request.Header.Set("User-Agent", "Vighnesh-Go v2.0")
request.Header.Set("Accept-Language", "en")
request.Header.Set("Access-Control-Allow-Origin", "*")client := &http.Client{}
resp, err := client.Do(request)
if err != nil {
panic(err)
}
defer resp.Body.Close()body, _ := ioutil.ReadAll(resp.Body)
fmt.Println("response Body:", string(body))
}func GetNonce() (string, error) {
response, err := http.Get("https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce")
return response.Header["Replay-Nonce"][0], err
}func main() {
nonce, _ := GetNonce()
fmt.Println(nonce)
acmeRequest := AcmeRequest{}privkey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
log.Printf("failed to generate private key: %s", err)
return
}pubKey := &privkey.PublicKey
e := base64URLEncode(big.NewInt(int64(pubKey.E)).Bytes())
n := base64URLEncode(pubKey.N.Bytes())
kty := "RSA"acmeRequest.Header.Alg = "RS256"
acmeRequest.Header.Jwk.E = e
acmeRequest.Header.Jwk.Kty = kty
acmeRequest.Header.Jwk.N = nacmeRequest.Protected.Alg = "RS256"
acmeRequest.Protected.URL = "https://acme-v02.api.letsencrypt.org/acme/new-acct"acmeRequest.Protected.Jwk.E = e
acmeRequest.Protected.Jwk.Kty = kty
acmeRequest.Protected.Jwk.N = nacmeRequest.Protected.Nonce = nonce
contact := string{"mailto:setdc@gmail.com", "mailto:setdc1@gmail.com"}
acmeRequest.Payload.Contact = contact
acmeRequest.Payload.TermsOfServiceAgreed = trueprotectedJson, _ := json.MarshalIndent(acmeRequest.Protected, "", " ")
//fmt.Println("protected:", string(protectedJson))payloadJson, _ := json.MarshalIndent(acmeRequest.Payload, "", " ")
//fmt.Println("payload:", string(payloadJson))urlEncodedProtected := base64URLEncode(protectedJson)
urlEncodedPayload := base64URLEncode(payloadJson)acmeRequest.Signature = Signature{urlEncodedProtected, urlEncodedPayload}.join()
type EncodedAcmeRequest struct {
Header Headerjson:"header"
Protected stringjson:"protected"
Payload stringjson:"payload"
Signature stringjson:"signature"
}encodedACMERequest := EncodedAcmeRequest{}
signed, signError := Sign(privkey, byte(acmeRequest.Signature))
if signError != nil {
fmt.Println("Could not sign", signError)
}
//fmt.Println("signed", string(signed))
signature := base64URLEncode(signed)
fmt.Println(signature)encodedACMERequest.Protected = urlEncodedProtected
encodedACMERequest.Header = acmeRequest.Header
encodedACMERequest.Payload = urlEncodedPayload
encodedACMERequest.Signature = signatureb, err := json.MarshalIndent(encodedACMERequest, "", " ")
unsigned := Unsign(pubKey, byte(acmeRequest.Signature), signed)
fmt.Println("unsigned", unsigned)
fmt.Println(string(b))
Send(signed)}
func Sign(privateKey *rsa.PrivateKey, data byte) (byte, error) {
sha := sha256.New()
sha.Write(data)
sha256Hash := sha.Sum(nil)
return rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, sha256Hash)
}// Unsign verifies the message using a rsa-sha256 signature
func Unsign(publicKey *rsa.PublicKey, message byte, signed byte) error {
sha := sha256.New()
sha.Write(message)
sha256Hash := sha.Sum(nil)
return rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, sha256Hash, signed)
}func base64URLEncode(data byte) string {
return base64.RawURLEncoding.EncodeToString(data)
}func base64URLDecode(data string) (byte, error) {
return base64.RawURLEncoding.DecodeString(data)
}