acme.js/acme.js

// Copyright 2018-present AJ ONeal. All rights reserved
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
'use strict';
/* globals Promise */

require('@root/encoding/bytes');
var Enc = require('@root/encoding/base64');
var ACME = module.exports;
var Keypairs = require('@root/keypairs');
var CSR = require('@root/csr');
var sha2 = require('@root/keypairs/lib/node/sha2.js');
var http = require('./lib/node/http.js');
var A = require('./account.js');
var U = require('./utils.js');
var E = require('./errors.js');
var M = require('./maintainers.js');

var native = require('./lib/native.js');

ACME.create = function create(me) {
	if (!me) {
		me = {};
	}

	// me.debug = true;
	me._nonces = [];
	me._canCheck = {};

	if (!/.+@.+\..+/.test(me.maintainerEmail)) {
		throw new Error(
			'you should supply `maintainerEmail` as a contact for security and critical bug notices'
		);
	}

	if (!/\w\/v?\d/.test(me.packageAgent) && false !== me.packageAgent) {
		console.error(
			"\nyou should supply `packageAgent` as an rfc7231-style User-Agent such as Foo/v1.1\n\n\t// your package agent should be this:\n\tvar pkg = require('./package.json');\n\tvar agent = pkg.name + '/' + pkg.version\n"
		);
		process.exit(1);
		return;
	}

	if (!me.dns01) {
		me.dns01 = function(ch) {
			return native._dns01(me, ch);
		};
	}

	if (!me.http01) {
		// for browser version only
		if (!me._baseUrl) {
			me._baseUrl = '';
		}
		me.http01 = function(ch) {
			return native._http01(me, ch);
		};
	}

	if (!me.__request) {
		me.__request = http.request;
	}
	// passed to dependencies
	me.request = function(opts) {
		return U._request(me, opts);
	};

	me.init = function(opts) {
		M.init(me);

		function fin(dir) {
			me._directoryUrls = dir;
			me._tos = dir.meta.termsOfService;
			return dir;
		}
		if (opts && opts.meta && opts.termsOfService) {
			return Promise.resolve(fin(opts));
		}
		if (!me.directoryUrl) {
			me.directoryUrl = opts;
		}
		if ('string' !== typeof me.directoryUrl) {
			throw new Error(
				'you must supply either the ACME directory url as a string or an object of the ACME urls'
			);
		}

		var p = Promise.resolve();
		if (!me.skipChallengeTest) {
			p = native._canCheck(me);
		}
		return p.then(function() {
			return ACME._directory(me).then(function(resp) {
				return fin(resp.body);
			});
		});
	};
	me.accounts = {
		create: function(options) {
			try {
				return A._registerAccount(me, options);
			} catch (e) {
				return Promise.reject(e);
			}
		}
	};
	/*
	me.authorizations = {
		// create + get challlenges
		get: function(options) {
			return A._getAccountKid(me, options).then(function(kid) {
				ACME._normalizePresenters(options, options.challenges);
				return ACME._orderCert(me, options, kid).then(function(order) {
					return order.claims;
				});
			});
		},
		// set challenges, check challenges, finalize order, return order
		present: function(options) {
			return A._getAccountKid(me, options).then(function(kid) {
				ACME._normalizePresenters(options, options.challenges);
				return ACME._finalizeOrder(me, options, kid, options.order);
			});
		}
	};
  */
	me.certificates = {
		create: function(options) {
			return A._getAccountKid(me, options).then(function(kid) {
				ACME._normalizePresenters(options, options.challenges);
				return ACME._getCertificate(me, options, kid);
			});
		}
	};
	return me;
};

// http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}}
// dns-01: TXT _acme-challenge.example.org. => "{{urlSafeBase64(sha256(keyAuth))}}"
ACME.challengePrefixes = {
	'http-01': '/.well-known/acme-challenge',
	'dns-01': '_acme-challenge'
};
ACME.challengeTests = {
	'http-01': function(me, auth) {
		var ch = auth.challenge;
		return me.http01(ch).then(function(keyAuth) {
			var err;

			// TODO limit the number of bytes that are allowed to be downloaded
			if (ch.keyAuthorization === (keyAuth || '').trim()) {
				return true;
			}

			err = new Error(
				'Error: Failed HTTP-01 Pre-Flight / Dry Run.\n' +
					"curl '" +
					ch.challengeUrl +
					"'\n" +
					"Expected: '" +
					ch.keyAuthorization +
					"'\n" +
					"Got: '" +
					keyAuth +
					"'\n" +
					'See https://git.rootprojects.org/root/acme.js/issues/4'
			);
			err.code = 'E_FAIL_DRY_CHALLENGE';
			throw err;
		});
	},
	'dns-01': function(me, auth) {
		// remove leading *. on wildcard domains
		var ch = auth.challenge;
		return me.dns01(ch).then(function(ans) {
			var err;

			if (
				ans.answer.some(function(txt) {
					return ch.dnsAuthorization === txt.data[0];
				})
			) {
				return true;
			}

			err = new Error(
				'Error: Failed DNS-01 Pre-Flight Dry Run.\n' +
					"dig TXT '" +
					ch.dnsHost +
					"' does not return '" +
					ch.dnsAuthorization +
					"'\n" +
					'See https://git.rootprojects.org/root/acme.js/issues/4'
			);
			err.code = 'E_FAIL_DRY_CHALLENGE';
			throw err;
		});
	}
};

ACME._directory = function(me) {
	// TODO cache the directory URL

	// GET-as-GET ok
	return U._request(me, { method: 'GET', url: me.directoryUrl, json: true });
};

// registerAccount
// postChallenge
// finalizeOrder
// getCertificate
ACME._getCertificate = function(me, options, kid) {
	//#console.debug('[ACME.js] certificates.create');
	return ACME._orderCert(me, options, kid).then(function(order) {
		return ACME._finalizeOrder(me, options, kid, order);
	});
};
ACME._normalizePresenters = function(options, presenters) {
	// Prefer this order for efficiency:
	// * http-01 is the fasest
	// * tls-alpn-01 is for networks that don't allow plain traffic
	// * dns-01 is the slowest (due to DNS propagation),
	//   but is required for private networks and wildcards
	var presenterTypes = Object.keys(options.challenges || {});
	options._presenterTypes = ['http-01', 'tls-alpn-01', 'dns-01'].filter(
		function(typ) {
			return -1 !== presenterTypes.indexOf(typ);
		}
	);
	Object.keys(presenters || {}).forEach(function(k) {
		var ch = presenters[k];
		var warned = false;

		if (!ch.set || !ch.remove) {
			throw new Error('challenge plugin must have set() and remove()');
		}
		if (!ch.get) {
			if ('dns-01' === k) {
				console.warn('dns-01 challenge plugin should have get()');
			} else {
				throw new Error(
					'http-01 and tls-alpn-01 challenge plugins must have get()'
				);
			}
		}

		if ('dns-01' === k) {
			if (!ch.zones) {
				console.warn('dns-01 challenge plugin should have zones()');
			}
		}

		function warn() {
			if (warned) {
				return;
			}
			warned = true;
			console.warn(
				"'" +
					k +
					"' may have incorrect function signatures, or contains deprecated use of callbacks"
			);
		}

		function promisify(fn) {
			return function(opts) {
				new Promise(function(resolve, reject) {
					fn(opts, function(err, result) {
						if (err) {
							reject(err);
							return;
						}
						resolve(result);
					});
				});
			};
		}

		// init, zones, set, get, remove
		if (ch.init && 2 === ch.init.length) {
			warn();
			ch._thunk_init = ch.init;
			ch.init = promisify(ch._thunk_init);
		}
		if (ch.zones && 2 === ch.zones.length) {
			warn();
			ch._thunk_zones = ch.zones;
			ch.zones = promisify(ch._thunk_zones);
		}
		if (2 === ch.set.length) {
			warn();
			ch._thunk_set = ch.set;
			ch.set = promisify(ch._thunk_set);
		}
		if (2 === ch.remove.length) {
			warn();
			ch._thunk_remove = ch.remove;
			ch.remove = promisify(ch._thunk_remove);
		}
		if (ch.get && 2 === ch.get.length) {
			warn();
			ch._thunk_get = ch.get;
			ch.get = promisify(ch._thunk_get);
		}

		return ch;
	});
};

/*
 POST /acme/new-order HTTP/1.1
 Host: example.com
 Content-Type: application/jose+json

 {
   "protected": base64url({
     "alg": "ES256",
     "kid": "https://example.com/acme/acct/1",
     "nonce": "5XJ1L3lEkMG7tR6pA00clA",
     "url": "https://example.com/acme/new-order"
   }),
   "payload": base64url({
     "identifiers": [{"type:"dns","value":"example.com"}],
     "notBefore": "2016-01-01T00:00:00Z",
     "notAfter": "2016-01-08T00:00:00Z"
   }),
   "signature": "H6ZXtGjTZyUnPeKn...wEA4TklBdh3e454g"
 }
*/
ACME._getAuthorization = function(me, options, kid, zonenames, authUrl) {
	//#console.debug('\n[DEBUG] getAuthorization\n');

	return U._jwsRequest(me, {
		accountKey: options.accountKey,
		url: authUrl,
		protected: { kid: kid },
		payload: ''
	}).then(function(resp) {
		// Pre-emptive rather than lazy for interfaces that need to show the
		// challenges to the user first
		return ACME._computeAuths(
			me,
			options,
			'',
			resp.body,
			zonenames,
			false
		).then(function(auths) {
			resp.body._rawChallenges = resp.body.challenges;
			resp.body.challenges = auths;
			return resp.body;
		});
	});
};

ACME._testChallengeOptions = function() {
	// we want this to be the same for the whole group
	var chToken = ACME._prnd(16);
	return [
		{
			type: 'http-01',
			status: 'pending',
			url: 'https://acme-staging-v02.example.com/0',
			token: 'test-' + chToken + '-0'
		},
		{
			type: 'dns-01',
			status: 'pending',
			url: 'https://acme-staging-v02.example.com/1',
			token: 'test-' + chToken + '-1',
			_wildcard: true
		},
		{
			type: 'tls-alpn-01',
			status: 'pending',
			url: 'https://acme-staging-v02.example.com/3',
			token: 'test-' + chToken + '-3'
		}
	];
};

ACME._thumber = function(options, thumb) {
	var thumbPromise;
	return function(key) {
		if (thumb) {
			return Promise.resolve(thumb);
		}
		if (thumbPromise) {
			return thumbPromise;
		}
		if (!key) {
			key = options.accountKey || options.accountKeypair;
		}
		thumbPromise = U._importKeypair(key).then(function(pair) {
			return Keypairs.thumbprint({
				jwk: pair.public
			});
		});
		return thumbPromise;
	};
};

ACME._dryRun = function(me, realOptions, zonenames) {
	var noopts = {};
	Object.keys(realOptions).forEach(function(key) {
		noopts[key] = realOptions[key];
	});
	noopts.order = {};

	// memoized so that it doesn't run until it's first called
	var getThumbprint = ACME._thumber(noopts, '');

	return Promise.all(
		noopts.domains.map(function(identifierValue) {
			// TODO we really only need one to pass, not all to pass
			var challenges = ACME._testChallengeOptions();
			var wild = '*.' === identifierValue.slice(0, 2);
			if (wild) {
				challenges = challenges.filter(function(ch) {
					return ch._wildcard;
				});
			}
			challenges = challenges.filter(function(auth) {
				return me._canCheck[auth.type];
			});

			return getThumbprint().then(function(accountKeyThumb) {
				var resp = {
					body: {
						identifier: {
							type: 'dns',
							value: identifierValue.replace(/^\*\./, '')
						},
						challenges: challenges,
						expires: new Date(Date.now() + 60 * 1000).toISOString(),
						wildcard: identifierValue.includes('*.') || undefined
					}
				};

				// The dry-run comes first in the spirit of "fail fast"
				// (and protecting against challenge failure rate limits)
				var dryrun = true;
				return ACME._computeAuths(
					me,
					noopts,
					accountKeyThumb,
					resp.body,
					zonenames,
					dryrun
				).then(function(auths) {
					resp.body.challenges = auths;
					return resp.body;
				});
			});
		})
	).then(function(claims) {
		var selected = [];
		noopts.order._claims = claims.slice(0);
		noopts.notify = function(ev, params) {
			if ('challenge_select' === ev) {
				selected.push(params.challenge);
			}
		};

		function clear() {
			selected.forEach(function(ch) {
				ACME._notify(me, noopts, 'challenge_remove', {
					altname: ch.altname,
					type: ch.type
					//challenge: ch
				});
				noopts.challenges[ch.type]
					.remove({ challenge: ch })
					.catch(function(err) {
						err.action = 'challenge_remove';
						err.altname = ch.altname;
						err.type = ch.type;
						ACME._notify(me, noopts, 'error', err);
					});
			});
		}

		return ACME._setChallenges(me, noopts, noopts.order)
			.catch(function(err) {
				clear();
				throw err;
			})
			.then(clear);
	});
};

// Get the list of challenge types we can validate,
// which is already ordered by preference.
// Select the first matching offered challenge type
ACME._chooseChallenge = function(options, results) {
	// For each of the challenge types that we support
	var challenge;
	options._presenterTypes.some(function(chType) {
		// And for each of the challenge types that are allowed
		return results.challenges.some(function(ch) {
			// Check to see if there are any matches
			if (ch.type === chType) {
				challenge = ch;
				return true;
			}
		});
	});

	return challenge;
};

ACME._getZones = function(me, challenges, domains) {
	var presenter = challenges['dns-01'];
	if (!presenter) {
		return Promise.resolve([]);
	}
	if ('function' !== typeof presenter.zones) {
		return Promise.resolve([]);
	}

	// a little bit of random to ensure that getZones()
	// actually returns the zones and not the hosts as zones
	var dnsHosts = domains.map(function(d) {
		var rnd = ACME._prnd(2);
		return rnd + '.' + d;
	});

	var authChallenge = {
		type: 'dns-01',
		dnsHosts: dnsHosts
	};

	return presenter.zones({ challenge: authChallenge });
};

ACME._challengesMap = { 'http-01': 0, 'dns-01': 0, 'tls-alpn-01': 0 };
ACME._computeAuths = function(me, options, thumb, authz, zonenames, dryrun) {
	// we don't poison the dns cache with our dummy request
	var dnsPrefix = ACME.challengePrefixes['dns-01'];
	if (dryrun) {
		dnsPrefix = dnsPrefix.replace(
			'acme-challenge',
			'greenlock-dryrun-' + ACME._prnd(4)
		);
	}

	var getThumbprint = ACME._thumber(options, thumb);

	return Promise.all(
		authz.challenges.map(function(challenge) {
			// Don't do extra work for challenges that we can't satisfy
			var _types = options._presenterTypes;
			if (_types && !_types.includes(challenge.type)) {
				return null;
			}

			var auth = {};

			// straight copy from the new order response
			// { identifier, status, expires, challenges, wildcard }
			Object.keys(authz).forEach(function(key) {
				auth[key] = authz[key];
			});

			// copy from the challenge we've chosen
			// { type, status, url, token }
			// (note the duplicate status overwrites the one above, but they should be the same)
			Object.keys(challenge).forEach(function(key) {
				// don't confused devs with the id url
				auth[key] = challenge[key];
			});

			// batteries-included helpers
			auth.hostname = auth.identifier.value;
			// because I'm not 100% clear if the wildcard identifier does or doesn't
			// have the leading *. in all cases
			auth.altname = ACME._untame(auth.identifier.value, auth.wildcard);

			var zone = pluckZone(zonenames || [], auth.identifier.value);

			return ACME.computeChallenge({
				accountKey: options.accountKey,
				_getThumbprint: getThumbprint,
				challenge: auth,
				zone: zone,
				dnsPrefix: dnsPrefix
			}).then(function(resp) {
				Object.keys(resp).forEach(function(k) {
					auth[k] = resp[k];
				});
				return auth;
			});
		})
	).then(function(auths) {
		return auths.filter(Boolean);
	});
};

ACME.computeChallenge = function(opts) {
	var auth = opts.challenge;
	var hostname = auth.hostname || opts.hostname;
	var zone = opts.zone;
	var thumb = opts.thumbprint || '';
	var accountKey = opts.accountKey;
	var getThumbprint = opts._getThumbprint || ACME._thumber(opts, thumb);
	var dnsPrefix = opts.dnsPrefix || ACME.challengePrefixes['dns-01'];

	return getThumbprint(accountKey).then(function(thumb) {
		var resp = {};
		resp.thumbprint = thumb;
		//   keyAuthorization = token + '.' + base64url(JWK_Thumbprint(accountKey))
		resp.keyAuthorization = auth.token + '.' + thumb;

		if ('http-01' === auth.type) {
			// conflicts with ACME challenge id url is already in use,
			// so we call this challengeUrl instead
			// TODO auth.http01Url ?
			resp.challengeUrl =
				'http://' +
				// `hostname` is an alias of `auth.indentifier.value`
				hostname +
				ACME.challengePrefixes['http-01'] +
				'/' +
				auth.token;
		}

		if ('dns-01' !== auth.type) {
			return resp;
		}

		// Always calculate dnsAuthorization because we
		// may need to present to the user for confirmation / instruction
		// _as part of_ the decision making process
		return sha2
			.sum(256, resp.keyAuthorization)
			.then(function(hash) {
				return Enc.bufToUrlBase64(Uint8Array.from(hash));
			})
			.then(function(hash64) {
				resp.dnsHost = dnsPrefix + '.' + hostname; // .replace('*.', '');

				// deprecated
				resp.dnsAuthorization = hash64;
				// should use this instead
				resp.keyAuthorizationDigest = hash64;

				if (zone) {
					resp.dnsZone = zone;
					resp.dnsPrefix = resp.dnsHost
						.replace(newZoneRegExp(zone), '')
						.replace(/\.$/, '');
				}

				return resp;
			});
	});
};

ACME._untame = function(name, wild) {
	if (wild) {
		name = '*.' + name.replace('*.', '');
	}
	return name;
};

// https://tools.ietf.org/html/draft-ietf-acme-acme-10#section-7.5.1
ACME._postChallenge = function(me, options, kid, auth) {
	var RETRY_INTERVAL = me.retryInterval || 1000;
	var DEAUTH_INTERVAL = me.deauthWait || 10 * 1000;
	var MAX_POLL = me.retryPoll || 8;
	var MAX_PEND = me.retryPending || 4;
	var count = 0;

	var altname = ACME._untame(auth.identifier.value, auth.wildcard);

	/*
   POST /acme/authz/1234 HTTP/1.1
   Host: example.com
   Content-Type: application/jose+json

   {
     "protected": base64url({
       "alg": "ES256",
       "kid": "https://example.com/acme/acct/1",
       "nonce": "xWCM9lGbIyCgue8di6ueWQ",
       "url": "https://example.com/acme/authz/1234"
     }),
     "payload": base64url({
       "status": "deactivated"
     }),
     "signature": "srX9Ji7Le9bjszhu...WTFdtujObzMtZcx4"
   }
   */
	function deactivate() {
		//#console.debug('[ACME.js] deactivate:');
		return U._jwsRequest(me, {
			accountKey: options.accountKey,
			url: auth.url,
			protected: { kid: kid },
			payload: Enc.strToBuf(JSON.stringify({ status: 'deactivated' }))
		}).then(function(/*#resp*/) {
			//#console.debug('deactivate challenge: resp.body:');
			//#console.debug(resp.body);
			return ACME._wait(DEAUTH_INTERVAL);
		});
	}

	function pollStatus() {
		if (count >= MAX_POLL) {
			var err = new Error(
				"[ACME.js] stuck in bad pending/processing state for '" +
					altname +
					"'"
			);
			err.context = 'present_challenge';
			return Promise.reject(err);
		}

		count += 1;

		//#console.debug('\n[DEBUG] statusChallenge\n');
		// POST-as-GET
		return U._jwsRequest(me, {
			accountKey: options.accountKey,
			url: auth.url,
			protected: { kid: kid },
			payload: Enc.binToBuf('')
		})
			.then(checkResult)
			.catch(transformError);
	}

	function checkResult(resp) {
		ACME._notify(me, options, 'challenge_status', {
			// API-locked
			status: resp.body.status,
			type: auth.type,
			altname: altname
		});

		if ('processing' === resp.body.status) {
			//#console.debug('poll: again', auth.url);
			return ACME._wait(RETRY_INTERVAL).then(pollStatus);
		}

		// This state should never occur
		if ('pending' === resp.body.status) {
			if (count >= MAX_PEND) {
				return ACME._wait(RETRY_INTERVAL)
					.then(deactivate)
					.then(respondToChallenge);
			}
			//#console.debug('poll: again', auth.url);
			return ACME._wait(RETRY_INTERVAL).then(respondToChallenge);
		}

		// REMOVE DNS records as soon as the state is non-processing
		// (valid or invalid or other)
		try {
			options.challenges[auth.type].remove({ challenge: auth });
		} catch (e) {}

		if ('valid' === resp.body.status) {
			if (me.debug) {
				console.debug('poll: valid');
			}

			return resp.body;
		}

		var errmsg;
		if (!resp.body.status) {
			errmsg =
				"[ACME.js] (E_STATE_EMPTY) empty challenge state for '" +
				altname +
				"':" +
				JSON.stringify(resp.body);
		} else if ('invalid' === resp.body.status) {
			errmsg =
				"[ACME.js] (E_STATE_INVALID) challenge state for '" +
				altname +
				"': '" +
				//resp.body.status +
				JSON.stringify(resp.body) +
				"'";
		} else {
			errmsg =
				"[ACME.js] (E_STATE_UKN) challenge state for '" +
				altname +
				"': '" +
				resp.body.status +
				"'";
		}

		return Promise.reject(new Error(errmsg));
	}

	function transformError(e) {
		var err = e;
		if (err.urn) {
			err = new Error(
				'[acme-v2] ' +
					auth.altname +
					' status:' +
					e.status +
					' ' +
					e.detail
			);
			err.auth = auth;
			err.altname = auth.altname;
			err.type = auth.type;
			err.code =
				'invalid' === e.status ? 'E_ACME_CHALLENGE' : 'E_ACME_UNKNOWN';
		}

		throw err;
	}

	function respondToChallenge() {
		//#console.debug('[ACME.js] responding to accept challenge:');
		// POST-as-POST (empty JSON object)
		return U._jwsRequest(me, {
			accountKey: options.accountKey,
			url: auth.url,
			protected: { kid: kid },
			payload: Enc.strToBuf(JSON.stringify({}))
		})
			.then(checkResult)
			.catch(transformError);
	}

	return respondToChallenge();
};

// options = { domains, claims, challenges }
ACME._setChallenges = function(me, options, order) {
	var claims = order._claims.slice(0);
	var valids = [];
	var auths = [];
	var placed = [];
	var USE_DNS = false;
	var DNS_DELAY = 0;

	// Set any challenges, excpting ones that have already been validated
	function setNext() {
		var claim = claims.shift();
		// check false for testing
		if (!claim || false === options.challenges) {
			return Promise.resolve();
		}

		return Promise.resolve()
			.then(function() {
				// For any challenges that are already valid,
				// add to the list and skip any checks.
				if (
					claim.challenges.some(function(ch) {
						if ('valid' === ch.status) {
							valids.push(ch);
							return true;
						}
					})
				) {
					return;
				}

				var selected = ACME._chooseChallenge(options, claim);
				if (!selected) {
					throw E.NO_SUITABLE_CHALLENGE(
						claim.altname,
						claim.challenges,
						options._presenterTypes
					);
				}
				auths.push(selected);
				placed.push(selected);
				ACME._notify(me, options, 'challenge_select', {
					// API-locked
					altname: ACME._untame(
						claim.identifier.value,
						claim.wildcard
					),
					type: selected.type,
					challenge: selected
				});

				// Set a delay for nameservers a moment to propagate
				if ('dns-01' === selected.type) {
					if (options.challenges['dns-01'] && !USE_DNS) {
						USE_DNS = true;
						DNS_DELAY = parseInt(
							options.challenges['dns-01'].propagationDelay,
							10
						);
					}
				}

				var ch = options.challenges[selected.type] || {};
				if (!ch.set) {
					throw new Error('no handler for setting challenge');
				}
				return ch.set({ challenge: selected });
			})
			.then(setNext);
	}

	function waitAll() {
		//#console.debug('\n[DEBUG] waitChallengeDelay %s\n', DELAY);
		if (!DNS_DELAY || DNS_DELAY <= 0) {
			if (!ACME._propagationDelayWarning) {
				console.warn(
					'warn: the given dns-01 challenge did not specify `propagationDelay`'
				);
				console.warn('warn: the default of 5000ms will be used');
				ACME._propagationDelayWarning = true;
			}
			DNS_DELAY = 5000;
		}
		return ACME._wait(DNS_DELAY);
	}

	function checkNext() {
		var auth = auths.shift();
		if (!auth) {
			return Promise.resolve(valids);
		}

		// These are not as much "valids" as they are "not invalids"
		if (!me._canCheck[auth.type] || me.skipChallengeTest) {
			valids.push(auth);
			return checkNext();
		}

		return ACME.challengeTests[auth.type](me, { challenge: auth })
			.then(function() {
				valids.push(auth);
			})
			.then(checkNext);
	}

	function removeAll(ch) {
		options.challenges[ch.type]
			.remove({ challenge: ch })
			.catch(function(err) {
				err.action = 'challenge_remove';
				err.altname = ch.altname;
				err.type = ch.type;
				ACME._notify(me, options, 'error', err);
			});
	}

	// The reason we set every challenge in a batch first before checking any
	// is so that we don't poison our own DNS cache with misses.
	return setNext()
		.then(waitAll)
		.then(checkNext)
		.catch(function(err) {
			if (!options.debug) {
				placed.forEach(removeAll);
			}
			throw err;
		});
};

ACME._presentChallenges = function(me, options, kid, readyToPresent) {
	// Actually sets the challenge via ACME
	function challengeNext() {
		// First set, First presented
		var auth = readyToPresent.shift();
		if (!auth) {
			return Promise.resolve();
		}
		return ACME._postChallenge(me, options, kid, auth).then(challengeNext);
	}

	// BTW, these are done serially rather than parallel on purpose
	// (rate limits, propagation delays, etc)
	return challengeNext().then(function() {
		return readyToPresent;
	});
};

ACME._pollOrderStatus = function(me, options, kid, order, verifieds) {
	var csr64 = ACME._csrToUrlBase64(options.csr);
	var body = { csr: csr64 };
	var payload = JSON.stringify(body);

	function pollCert() {
		//#console.debug('[ACME.js] pollCert:', order._finalizeUrl);
		return U._jwsRequest(me, {
			accountKey: options.accountKey,
			url: order._finalizeUrl,
			protected: { kid: kid },
			payload: Enc.strToBuf(payload)
		}).then(function(resp) {
			ACME._notify(me, options, 'certificate_status', {
				subject: options.domains[0],
				status: resp.body.status
			});

			// https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.1.3
			// Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid"
			if ('valid' === resp.body.status) {
				var voucher = resp.body;
				voucher._certificateUrl = resp.body.certificate;

				return voucher;
			}

			if ('processing' === resp.body.status) {
				return ACME._wait().then(pollCert);
			}

			if (me.debug) {
				console.debug(
					'Error: bad status:\n' + JSON.stringify(resp.body, null, 2)
				);
			}

			if ('pending' === resp.body.status) {
				return Promise.reject(
					new Error(
						"Did not finalize order: status 'pending'." +
							' Best guess: You have not accepted at least one challenge for each domain:\n' +
							"Requested: '" +
							options.domains.join(', ') +
							"'\n" +
							"Validated: '" +
							verifieds.join(', ') +
							"'\n" +
							JSON.stringify(resp.body, null, 2)
					)
				);
			}

			if ('invalid' === resp.body.status) {
				return Promise.reject(
					E.ORDER_INVALID(options, verifieds, resp)
				);
			}

			if ('ready' === resp.body.status) {
				return Promise.reject(
					E.DOUBLE_READY_ORDER(options, verifieds, resp)
				);
			}

			return Promise.reject(
				E.UNHANDLED_ORDER_STATUS(options, verifieds, resp)
			);
		});
	}

	return pollCert();
};

ACME._redeemCert = function(me, options, kid, voucher) {
	//#console.debug('ACME.js: order was finalized');

	// POST-as-GET
	return U._jwsRequest(me, {
		accountKey: options.accountKey,
		url: voucher._certificateUrl,
		protected: { kid: kid },
		payload: Enc.binToBuf(''),
		json: true
	}).then(function(resp) {
		//#console.debug('ACME.js: csr submitted and cert received:');

		// https://github.com/certbot/certbot/issues/5721
		var certsarr = ACME.splitPemChain(ACME.formatPemChain(resp.body || ''));
		//  cert, chain, fullchain, privkey, /*TODO, subject, altnames, issuedAt, expiresAt */
		var certs = {
			expires: voucher.expires,
			identifiers: voucher.identifiers,
			//, authorizations: order.authorizations
			cert: certsarr.shift(),
			//, privkey: privkeyPem
			chain: certsarr.join('\n')
		};
		//#console.debug(certs);
		return certs;
	});
};

ACME._finalizeOrder = function(me, options, kid, order) {
	//#console.debug('[ACME.js] finalizeOrder:');
	var readyToPresent;
	return A._getAccountKid(me, options).then(function(kid) {
		return ACME._setChallenges(me, options, order)
			.then(function(_readyToPresent) {
				readyToPresent = _readyToPresent;
				return ACME._presentChallenges(
					me,
					options,
					kid,
					readyToPresent
				);
			})
			.then(function() {
				return ACME._pollOrderStatus(
					me,
					options,
					kid,
					order,
					readyToPresent.map(function(ch) {
						return ACME._untame(ch.identifier.value, ch.wildcard);
					})
				);
			})
			.then(function(voucher) {
				return ACME._redeemCert(me, options, kid, voucher);
			});
	});
};

// Order a certificate request with all domains
ACME._orderCert = function(me, options, kid) {
	var certificateRequest = {
		// raw wildcard syntax MUST be used here
		identifiers: options.domains.map(function(hostname) {
			return { type: 'dns', value: hostname };
		})
		//, "notBefore": "2016-01-01T00:00:00Z"
		//, "notAfter": "2016-01-08T00:00:00Z"
	};

	return ACME._prepRequest(me, options)
		.then(function() {
			return ACME._getZones(me, options.challenges, options.domains);
		})
		.then(function(zonenames) {
			var p;
			// Do a little dry-run / self-test
			if (!me.skipDryRun && !options.skipDryRun) {
				p = ACME._dryRun(me, options, zonenames);
			} else {
				p = Promise.resolve(null);
			}

			return p.then(function() {
				return A._getAccountKid(me, options)
					.then(function(kid) {
						ACME._notify(me, options, 'certificate_order', {
							// API-locked
							account: { key: { kid: kid } },
							subject: options.domains[0],
							altnames: options.domains,
							challengeTypes: options._presenterTypes
						});

						var payload = JSON.stringify(certificateRequest);
						//#console.debug('\n[DEBUG] newOrder\n');
						return U._jwsRequest(me, {
							accountKey: options.accountKey,
							url: me._directoryUrls.newOrder,
							protected: { kid: kid },
							payload: Enc.binToBuf(payload)
						});
					})
					.then(function(resp) {
						var order = resp.body;
						order._orderUrl = resp.headers.location;
						order._finalizeUrl = resp.body.finalize;
						order._identifiers = certificateRequest.identifiers;
						//#console.debug('[ordered]', location); // the account id url
						//#console.debug(resp);

						if (!order.authorizations) {
							return Promise.reject(
								E.NO_AUTHORIZATIONS(options, resp)
							);
						}

						return order;
					})
					.then(function(order) {
						return ACME._getAllChallenges(
							me,
							options,
							kid,
							zonenames,
							order
						).then(function(claims) {
							order._claims = claims;
							return order;
						});
					});
			});
		});
};

ACME._prepRequest = function(me, options) {
	return Promise.resolve().then(function() {
		// TODO check that all presenterTypes are represented in challenges
		if (!options._presenterTypes.length) {
			return Promise.reject(
				new Error('options.challenges must be specified')
			);
		}

		if (!options.csr) {
			throw new Error(
				'no `csr` option given (should be in DER or PEM format)'
			);
		}
		// TODO validate csr signature?
		var _csr = CSR._info(options.csr);
		options.domains = options.domains || _csr.altnames;
		_csr.altnames = _csr.altnames || [];
		if (
			options.domains
				.slice(0)
				.sort()
				.join(' ') !==
			_csr.altnames
				.slice(0)
				.sort()
				.join(' ')
		) {
			return Promise.reject(
				new Error('certificate altnames do not match requested domains')
			);
		}
		if (_csr.subject !== options.domains[0]) {
			return Promise.reject(
				new Error(
					'certificate subject (commonName) does not match first altname (SAN)'
				)
			);
		}
		if (!(options.domains && options.domains.length)) {
			return Promise.reject(
				new Error(
					'options.domains must be a list of string domain names,' +
						' with the first being the subject of the certificate'
				)
			);
		}

		// a cheap check to see if there are non-ascii characters in any of the domains
		var nonAsciiDomains = options.domains.some(function(d) {
			// IDN / unicode / utf-8 / punycode
			return Enc.strToBin(d) !== d;
		});
		if (nonAsciiDomains) {
			throw new Error(
				"please use the 'punycode' module to convert unicode domain names to punycode"
			);
		}

		// TODO Promise.all()?
		(options._presenterTypes || []).forEach(function(key) {
			var presenter = options.challenges[key];
			if (
				'function' === typeof presenter.init &&
				!presenter._acme_initialized
			) {
				presenter._acme_initialized = true;
				return presenter.init({ type: '*', request: me.request });
			}
		});
	});
};

// Request a challenge for each authorization in the order
ACME._getAllChallenges = function(me, options, kid, zonenames, order) {
	var claims = [];
	//#console.debug("[acme-v2] POST newOrder has authorizations");
	var challengeAuths = order.authorizations.slice(0);

	function getNext() {
		var authUrl = challengeAuths.shift();
		if (!authUrl) {
			return claims;
		}

		return ACME._getAuthorization(
			me,
			options,
			kid,
			zonenames,
			authUrl
		).then(function(claim) {
			// var domain = options.domains[i]; // claim.identifier.value
			claims.push(claim);
			return getNext();
		});
	}

	return getNext().then(function() {
		return claims;
	});
};

ACME.formatPemChain = function formatPemChain(str) {
	return (
		str
			.trim()
			.replace(/[\r\n]+/g, '\n')
			.replace(/\-\n\-/g, '-\n\n-') + '\n'
	);
};

ACME.splitPemChain = function splitPemChain(str) {
	return str
		.trim()
		.split(/[\r\n]{2,}/g)
		.map(function(str) {
			return str + '\n';
		});
};

ACME._csrToUrlBase64 = function(csr) {
	// if der, convert to base64
	if ('string' !== typeof csr) {
		csr = Enc.bufToUrlBase64(csr);
	}

	// TODO use PEM.parseBlock()
	// nix PEM headers, if any
	if ('-' === csr[0]) {
		csr = csr
			.split(/\n+/)
			.slice(1, -1)
			.join('');
	}
	return Enc.base64ToUrlBase64(csr.trim().replace(/\s+/g, ''));
};

// In v8 this is crypto random, but we're just using it for pseudorandom
ACME._prnd = function(n) {
	var rnd = '';
	while (rnd.length / 2 < n) {
		var i = Math.random()
			.toString()
			.substr(2);
		var h = parseInt(i, 10).toString(16);
		if (h.length % 2) {
			h = '0' + h;
		}
		rnd += h;
	}
	return rnd.substr(0, n * 2);
};

ACME._notify = function(me, options, ev, params) {
	if (!options.notify && !me.notify) {
		//console.info(ev, params);
		return;
	}
	try {
		(options.notify || me.notify)(ev, params);
	} catch (e) {
		console.error('`acme.notify(ev, params)` Error:');
		console.error(e);
	}
};

ACME._wait = function wait(ms) {
	return new Promise(function(resolve) {
		setTimeout(resolve, ms || 1100);
	});
};

function newZoneRegExp(zonename) {
	// (^|\.)example\.com$
	// which matches:
	//  foo.example.com
	//  example.com
	// but not:
	//  fooexample.com
	return new RegExp('(^|\\.)' + zonename.replace(/\./g, '\\.') + '$');
}

function pluckZone(zonenames, dnsHost) {
	return zonenames
		.filter(function(zonename) {
			// the only character that needs to be escaped for regex
			// and is allowed in a domain name is '.'
			return newZoneRegExp(zonename).test(dnsHost);
		})
		.sort(function(a, b) {
			// longest match first
			return b.length - a.length;
		})[0];
}