metacrypt

mc/metacrypt

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Isom	bbe382dc10	Migrate module path from kyle/ to mc/ org All import paths updated to git.wntrmute.dev/mc/. Bumps mcdsl to v1.2.0. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-27 02:05:59 -07:00
Kyle Isom	fbaf79a8a0	Fix gosec, govet, and errorlint linter errors Co-authored-by: Junie <junie@jetbrains.com>	2026-03-15 10:16:28 -07:00
Kyle Isom	167db48eb4	Add ACME (RFC 8555) server and Go client library Implements full ACME protocol support in Metacrypt: - internal/acme: core types, JWS verification (ES256/384/512 + RS256), nonce store, per-mount handler, all RFC 8555 protocol endpoints, HTTP-01 and DNS-01 challenge validation, EAB management - internal/server/acme.go: management REST routes (EAB create, config, list accounts/orders) + ACME protocol route dispatch - proto/metacrypt/v1/acme.proto: ACMEService (CreateEAB, SetConfig, ListAccounts, ListOrders) — protocol endpoints are HTTP-only per RFC - clients/go: new Go module with MCIAS-auth bootstrap, ACME account registration, certificate issuance/renewal, HTTP-01 and DNS-01 challenge providers - .claude/launch.json: dev server configuration EAB is required for all account creation; MCIAS-authenticated users obtain a single-use KID + HMAC-SHA256 key via POST /v1/acme/{mount}/eab.	2026-03-15 08:09:12 -07:00

Author

SHA1

Message

Date

Kyle Isom

bbe382dc10

Migrate module path from kyle/ to mc/ org

All import paths updated to git.wntrmute.dev/mc/. Bumps mcdsl to v1.2.0.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-27 02:05:59 -07:00

Kyle Isom

fbaf79a8a0

Fix gosec, govet, and errorlint linter errors

Co-authored-by: Junie <junie@jetbrains.com>

2026-03-15 10:16:28 -07:00

Kyle Isom

167db48eb4

Add ACME (RFC 8555) server and Go client library

Implements full ACME protocol support in Metacrypt:

- internal/acme: core types, JWS verification (ES256/384/512 + RS256),
  nonce store, per-mount handler, all RFC 8555 protocol endpoints,
  HTTP-01 and DNS-01 challenge validation, EAB management
- internal/server/acme.go: management REST routes (EAB create, config,
  list accounts/orders) + ACME protocol route dispatch
- proto/metacrypt/v1/acme.proto: ACMEService (CreateEAB, SetConfig,
  ListAccounts, ListOrders) — protocol endpoints are HTTP-only per RFC
- clients/go: new Go module with MCIAS-auth bootstrap, ACME account
  registration, certificate issuance/renewal, HTTP-01 and DNS-01
  challenge providers
- .claude/launch.json: dev server configuration

EAB is required for all account creation; MCIAS-authenticated users
obtain a single-use KID + HMAC-SHA256 key via POST /v1/acme/{mount}/eab.

2026-03-15 08:09:12 -07:00

3 Commits