/** * acme-client type definitions */ import { AxiosInstance } from 'axios'; import * as rfc8555 from './rfc8555'; export type PrivateKeyBuffer = Buffer; export type PublicKeyBuffer = Buffer; export type CertificateBuffer = Buffer; export type CsrBuffer = Buffer; export type PrivateKeyString = string; export type PublicKeyString = string; export type CertificateString = string; export type CsrString = string; /** * Augmented ACME interfaces */ export interface Order extends rfc8555.Order { url: string; } export interface Authorization extends rfc8555.Authorization { url: string; } /** * Client */ export interface ClientOptions { directoryUrl: string; accountKey: PrivateKeyBuffer | PrivateKeyString; accountUrl?: string; externalAccountBinding?: ClientExternalAccountBindingOptions; backoffAttempts?: number; backoffMin?: number; backoffMax?: number; } export interface ClientExternalAccountBindingOptions { kid: string; hmacKey: string; } export interface ClientAutoOptions { csr: CsrBuffer | CsrString; challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise; challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise; email?: string; termsOfServiceAgreed?: boolean; skipChallengeVerification?: boolean; challengePriority?: string[]; preferredChain?: string; } export class Client { constructor(opts: ClientOptions); getTermsOfServiceUrl(): Promise; getAccountUrl(): string; createAccount(data?: rfc8555.AccountCreateRequest): Promise; updateAccount(data?: rfc8555.AccountUpdateRequest): Promise; updateAccountKey(newAccountKey: PrivateKeyBuffer | PrivateKeyString, data?: object): Promise; createOrder(data: rfc8555.OrderCreateRequest): Promise; getOrder(order: Order): Promise; finalizeOrder(order: Order, csr: CsrBuffer | CsrString): Promise; getAuthorizations(order: Order): Promise; deactivateAuthorization(authz: Authorization): Promise; getChallengeKeyAuthorization(challenge: rfc8555.Challenge): Promise; verifyChallenge(authz: Authorization, challenge: rfc8555.Challenge): Promise; completeChallenge(challenge: rfc8555.Challenge): Promise; waitForValidStatus(item: T): Promise; getCertificate(order: Order, preferredChain?: string): Promise; revokeCertificate(cert: CertificateBuffer | CertificateString, data?: rfc8555.CertificateRevocationRequest): Promise; auto(opts: ClientAutoOptions): Promise; } /** * Directory URLs */ export const directory: { buypass: { staging: string, production: string }, google: { staging: string, production: string }, letsencrypt: { staging: string, production: string }, zerossl: { production: string } }; /** * Crypto */ export interface CertificateDomains { commonName: string; altNames: string[]; } export interface CertificateIssuer { commonName: string; } export interface CertificateInfo { issuer: CertificateIssuer; domains: CertificateDomains; notAfter: Date; notBefore: Date; } export interface CsrOptions { keySize?: number; commonName?: string; altNames?: string[]; country?: string; state?: string; locality?: string; organization?: string; organizationUnit?: string; emailAddress?: string; } export interface RsaPublicJwk { e: string; kty: string; n: string; } export interface EcdsaPublicJwk { crv: string; kty: string; x: string; y: string; } export interface CryptoInterface { createPrivateKey(keySize?: number): Promise; createPrivateRsaKey(keySize?: number): Promise; createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521'): Promise; getPublicKey(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): PublicKeyBuffer; getJwk(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): RsaPublicJwk | EcdsaPublicJwk; splitPemChain(chainPem: CertificateBuffer | CertificateString): string[]; getPemBodyAsB64u(pem: CertificateBuffer | CertificateString): string; readCsrDomains(csrPem: CsrBuffer | CsrString): CertificateDomains; readCertificateInfo(certPem: CertificateBuffer | CertificateString): CertificateInfo; createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>; createAlpnCertificate(authz: Authorization, keyAuthorization: string, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CertificateBuffer]>; isAlpnCertificateAuthorizationValid(certPem: CertificateBuffer | CertificateString, keyAuthorization: string): boolean; } export const crypto: CryptoInterface; /* TODO: LEGACY */ export interface CryptoLegacyInterface { createPrivateKey(size?: number): Promise; createPublicKey(key: PrivateKeyBuffer | PrivateKeyString): Promise; getPemBody(str: string): string; splitPemChain(str: string): string[]; getModulus(input: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString | CertificateBuffer | CertificateString | CsrBuffer | CsrString): Promise; getPublicExponent(input: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString | CertificateBuffer | CertificateString | CsrBuffer | CsrString): Promise; readCsrDomains(csr: CsrBuffer | CsrString): Promise; readCertificateInfo(cert: CertificateBuffer | CertificateString): Promise; createCsr(data: CsrOptions, key?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>; } export const forge: CryptoLegacyInterface; /** * Axios */ export const axios: AxiosInstance; /** * Logger */ export function setLogger(fn: (msg: string) => void): void;