let's encrypt - wip

Cargo.toml

@@ -17,6 +17,7 @@ edition = "2018"
 members = [
   "actix-codec",
   "actix-connect",
+  "actix-lets-encrypt",
   "actix-rt",
   "actix-service",
   "actix-server",

actix-lets-encrypt/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "actix-lets-encrypt"
+version = "0.1.0"
+authors = ["Jordan Deitch <jd@rsa.pub>"]
+description = "Actix Let's Encrypt"
+keywords = ["network", "framework", "async", "futures"]
+homepage = "https://actix.rs"
+repository = "https://github.com/actix/actix-net.git"
+documentation = "https://docs.rs/actix-lets-encrypt/"
+categories = ["network-programming", "asynchronous"]
+license = "MIT/Apache-2.0"
+exclude = [".gitignore", ".travis.yml", ".cargo/config", "appveyor.yml"]
+edition = "2018"
+workspace = ".."
+
+[lib]
+name = "actix_lets_encrypt"
+path = "src/lib.rs"
+
+[dependencies]
+acme-client = {version = "0.5", default-features = false}

actix-lets-encrypt/src/certificate_signer.rs

@@ -0,0 +1,64 @@
+use acme_client::Directory;
+
+struct CertificateError {
+    message: String,
+}
+
+impl std::error::Error for CertificateError {
+    fn description(&self) -> &str { self.message.as_str() }
+    fn cause(&self) -> Option<&dyn std::error::Error> { None }
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> { None }
+}
+
+impl std::fmt::Display for CertificateError {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(f, "An Error Occurred, Please Try Again!")
+    }
+}
+
+impl std::fmt::Debug for CertificateError {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(f, "{{ file: {}, line: {} }}", file!(), line!())
+    }
+}
+
+impl CertificateError {
+    fn new(message: String) -> Self {
+        CertificateError { message }
+    }
+}
+
+impl std::convert::From<acme_client::error::Error> for CertificateError {
+    fn from(e: acme_client::error::Error) -> Self {
+        return CertificateError::new(e.to_string());
+    }
+}
+
+struct CertificateRequest<'a> {
+    domain: &'a str,
+    email: &'a str,
+}
+
+impl<'a> CertificateRequest<'a> {
+    fn new(email: &'a str, domain: &'a str) -> Self {
+        return CertificateRequest { domain, email };
+    }
+
+    fn sign(self: &Self) -> Result<(), CertificateError> {
+        let directory = Directory::lets_encrypt()?;
+        let account = directory.account_registration()
+            .email(self.email)
+            .register()?;
+        let authorization = account.authorization(self.domain)?;
+
+        let http_challenge = authorization.get_http_challenge().ok_or("HTTP challenge failed")?;
+        http_challenge.save_key_authorization("/var/www")?;
+        http_challenge.validate()?;
+
+        let cert = account.certificate_signer(&[self.domain]).sign_certificate()?;
+        cert.save_signed_certificate("certificate.pem")?;
+        cert.save_private_key("certificate.key")?;
+
+        Ok(())
+    }
+}

actix-lets-encrypt/src/lib.rs

@@ -0,0 +1,2 @@
+mod certificate_signer;
+mod authorization;