Merge branch 'master' into more-revoker

.gitignore

@@ -34,6 +34,3 @@ _testmain.go
 *.test
 *.prof
 *.coverprofile
-
-boulder-start/boulder-start
-activity-monitor/activity-monitor

.travis.yml

@@ -1,7 +1,7 @@
 language: go
 
 go:
-  - 1.5.2
+  - 1.5.3
 
 addons:
   hosts:

Godeps/Godeps.json

@@ -144,6 +144,7 @@
 			"ImportPath": "golang.org/x/net/context",
 			"Rev": "ce84af2e5bf21582345e478b116afc7d4efaba3d"
 		},
+		{
 			"ImportPath": "gopkg.in/gorp.v1",
 			"Comment": "v1.7.1",
 			"Rev": "c87af80f3cc5036b55b83d77171e156791085e2e"

bdns/dns.go

@@ -118,7 +118,7 @@ var (
 
 // DNSResolver queries for DNS records
 type DNSResolver interface {
-	LookupTXT(context.Context, string) ([]string, error)
+	LookupTXT(context.Context, string) (txts []string, authorities []string, err error)
 	LookupHost(context.Context, string) ([]net.IP, error)
 	LookupCAA(context.Context, string) ([]*dns.CAA, error)
 	LookupMX(context.Context, string) ([]string, error)
@@ -242,30 +242,34 @@ type dnsResp struct {
 	err error
 }
 
-// LookupTXT sends a DNS query to find all TXT records associated with the
+// LookupTXT sends a DNS query to find all TXT records associated with
-// provided hostname. It will retry requests in the case of temporary network
+// the provided hostname which it returns along with the returned
-// errors. It can return net package, context.Canceled, and
+// DNS authority section.
-// context.DeadlineExceeded errors.
+func (dnsResolver *DNSResolverImpl) LookupTXT(ctx context.Context, hostname string) ([]string, []string, error) {
-func (dnsResolver *DNSResolverImpl) LookupTXT(ctx context.Context, hostname string) ([]string, error) {
 	var txt []string
-	r, err := dnsResolver.exchangeOne(ctx, hostname, dns.TypeTXT, dnsResolver.txtStats)
+	dnsType := dns.TypeTXT
+	r, err := dnsResolver.exchangeOne(ctx, hostname, dnsType, dnsResolver.txtStats)
 	if err != nil {
-		return nil, err
+		return nil, nil, &dnsError{dnsType, hostname, err, -1}
 	}
 	if r.Rcode != dns.RcodeSuccess {
-		err = fmt.Errorf("DNS failure: %d-%s for TXT query", r.Rcode, dns.RcodeToString[r.Rcode])
+		return nil, nil, &dnsError{dnsType, hostname, nil, r.Rcode}
-		return nil, err
 	}
 
 	for _, answer := range r.Answer {
-		if answer.Header().Rrtype == dns.TypeTXT {
+		if answer.Header().Rrtype == dnsType {
 			if txtRec, ok := answer.(*dns.TXT); ok {
 				txt = append(txt, strings.Join(txtRec.Txt, ""))
 			}
 		}
 	}
 
-	return txt, err
+	authorities := []string{}
+	for _, a := range r.Ns {
+		authorities = append(authorities, a.String())
+	}
+
+	return txt, authorities, err
 }
 
 func isPrivateV4(ip net.IP) bool {
@@ -284,18 +288,17 @@ func isPrivateV4(ip net.IP) bool {
 // context.Canceled, and context.DeadlineExceeded errors.
 func (dnsResolver *DNSResolverImpl) LookupHost(ctx context.Context, hostname string) ([]net.IP, error) {
 	var addrs []net.IP
-
+	dnsType := dns.TypeA
-	r, err := dnsResolver.exchangeOne(ctx, hostname, dns.TypeA, dnsResolver.aStats)
+	r, err := dnsResolver.exchangeOne(ctx, hostname, dnsType, dnsResolver.aStats)
 	if err != nil {
-		return addrs, err
+		return addrs, &dnsError{dnsType, hostname, err, -1}
 	}
 	if r.Rcode != dns.RcodeSuccess {
-		err = fmt.Errorf("DNS failure: %d-%s for A query", r.Rcode, dns.RcodeToString[r.Rcode])
+		return nil, &dnsError{dnsType, hostname, nil, r.Rcode}
-		return nil, err
 	}
 
 	for _, answer := range r.Answer {
-		if answer.Header().Rrtype == dns.TypeA {
+		if answer.Header().Rrtype == dnsType {
 			if a, ok := answer.(*dns.A); ok && a.A.To4() != nil && (!isPrivateV4(a.A) || dnsResolver.allowRestrictedAddresses) {
 				addrs = append(addrs, a.A)
 			}
@@ -305,15 +308,14 @@ func (dnsResolver *DNSResolverImpl) LookupHost(ctx context.Context, hostname str
 	return addrs, nil
 }
 
-// LookupCAA sends a DNS query to find all CAA records associated with the
+// LookupCAA sends a DNS query to find all CAA records associated with
-// provided hostname. If the response code from the resolver is SERVFAIL an
+// the provided hostname. If the response code from the resolver is
-// empty slice of CAA records is returned.  It will retry requests in the case
+// SERVFAIL an empty slice of CAA records is returned.
-// of temporary network errors. It can return net package, context.Canceled, and
-// context.DeadlineExceeded errors.
 func (dnsResolver *DNSResolverImpl) LookupCAA(ctx context.Context, hostname string) ([]*dns.CAA, error) {
-	r, err := dnsResolver.exchangeOne(ctx, hostname, dns.TypeCAA, dnsResolver.caaStats)
+	dnsType := dns.TypeCAA
+	r, err := dnsResolver.exchangeOne(ctx, hostname, dnsType, dnsResolver.caaStats)
 	if err != nil {
-		return nil, err
+		return nil, &dnsError{dnsType, hostname, err, -1}
 	}
 
 	// On resolver validation failure, or other server failures, return empty an
@@ -324,7 +326,7 @@ func (dnsResolver *DNSResolverImpl) LookupCAA(ctx context.Context, hostname stri
 	}
 
 	for _, answer := range r.Answer {
-		if answer.Header().Rrtype == dns.TypeCAA {
+		if answer.Header().Rrtype == dnsType {
 			if caaR, ok := answer.(*dns.CAA); ok {
 				CAAs = append(CAAs, caaR)
 			}
@@ -333,18 +335,16 @@ func (dnsResolver *DNSResolverImpl) LookupCAA(ctx context.Context, hostname stri
 	return CAAs, nil
 }
 
-// LookupMX sends a DNS query to find a MX record associated hostname and
+// LookupMX sends a DNS query to find a MX record associated hostname and returns the
-// returns the record target.  It will retry requests in the case of temporary
+// record target.
-// network errors. It can return net package, context.Canceled, and
-// context.DeadlineExceeded errors.
 func (dnsResolver *DNSResolverImpl) LookupMX(ctx context.Context, hostname string) ([]string, error) {
-	r, err := dnsResolver.exchangeOne(ctx, hostname, dns.TypeMX, dnsResolver.mxStats)
+	dnsType := dns.TypeMX
+	r, err := dnsResolver.exchangeOne(ctx, hostname, dnsType, dnsResolver.mxStats)
 	if err != nil {
-		return nil, err
+		return nil, &dnsError{dnsType, hostname, err, -1}
 	}
 	if r.Rcode != dns.RcodeSuccess {
-		err = fmt.Errorf("DNS failure: %d-%s for MX query", r.Rcode, dns.RcodeToString[r.Rcode])
+		return nil, &dnsError{dnsType, hostname, nil, r.Rcode}
-		return nil, err
 	}
 
 	var results []string

bdns/dns_test.go

@@ -66,6 +66,9 @@ func mockDNSQuery(w dns.ResponseWriter, r *dns.Msg) {
 				record.A = net.ParseIP("127.0.0.1")
 				appendAnswer(record)
 			}
+			if q.Name == "nxdomain.letsencrypt.org." {
+				m.SetRcode(r, dns.RcodeNameError)
+			}
 		case dns.TypeCNAME:
 			if q.Name == "cname.letsencrypt.org." {
 				record := new(dns.CNAME)
@@ -110,6 +113,20 @@ func mockDNSQuery(w dns.ResponseWriter, r *dns.Msg) {
 				record.Txt = []string{"a", "b", "c"}
 				appendAnswer(record)
 			}
+			if q.Name == "nxdomain.letsencrypt.org." {
+				m.SetRcode(r, dns.RcodeNameError)
+			}
+
+			auth := new(dns.SOA)
+			auth.Hdr = dns.RR_Header{Name: "letsencrypt.org.", Rrtype: dns.TypeSOA, Class: dns.ClassINET, Ttl: 0}
+			auth.Ns = "ns.letsencrypt.org."
+			auth.Mbox = "master.letsencrypt.org."
+			auth.Serial = 1
+			auth.Refresh = 1
+			auth.Retry = 1
+			auth.Expire = 1
+			auth.Minttl = 1
+			m.Ns = append(m.Ns, auth)
 		}
 	}
 
@@ -182,7 +199,7 @@ func TestDNSDuplicateServers(t *testing.T) {
 func TestDNSLookupsNoServer(t *testing.T) {
 	obj := NewTestDNSResolverImpl(time.Second*10, []string{}, testStats, clock.NewFake(), 1)
 
-	_, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
+	_, _, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
 	test.AssertError(t, err, "No servers")
 
 	_, err = obj.LookupHost(context.Background(), "letsencrypt.org")
@@ -196,7 +213,7 @@ func TestDNSServFail(t *testing.T) {
 	obj := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), 1)
 	bad := "servfail.com"
 
-	_, err := obj.LookupTXT(context.Background(), bad)
+	_, _, err := obj.LookupTXT(context.Background(), bad)
 	test.AssertError(t, err, "LookupTXT didn't return an error")
 
 	_, err = obj.LookupHost(context.Background(), bad)
@@ -212,11 +229,11 @@ func TestDNSServFail(t *testing.T) {
 func TestDNSLookupTXT(t *testing.T) {
 	obj := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), 1)
 
-	a, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
+	a, _, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
 	t.Logf("A: %v", a)
 	test.AssertNotError(t, err, "No message")
 
-	a, err = obj.LookupTXT(context.Background(), "split-txt.letsencrypt.org")
+	a, _, err = obj.LookupTXT(context.Background(), "split-txt.letsencrypt.org")
 	t.Logf("A: %v ", a)
 	test.AssertNotError(t, err, "No message")
 	test.AssertEquals(t, len(a), 1)
@@ -253,6 +270,23 @@ func TestDNSLookupHost(t *testing.T) {
 	test.Assert(t, len(ip) == 0, "Should not have IPs")
 }
 
+func TestDNSNXDOMAIN(t *testing.T) {
+	obj := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), 1)
+
+	hostname := "nxdomain.letsencrypt.org"
+	_, err := obj.LookupHost(context.Background(), hostname)
+	expected := dnsError{dns.TypeA, hostname, nil, dns.RcodeNameError}
+	if err, ok := err.(*dnsError); !ok || *err != expected {
+		t.Errorf("Looking up %s, got %#v, expected %#v", hostname, err, expected)
+	}
+
+	_, _, err = obj.LookupTXT(context.Background(), hostname)
+	expected.recordType = dns.TypeTXT
+	if err, ok := err.(*dnsError); !ok || *err != expected {
+		t.Errorf("Looking up %s, got %#v, expected %#v", hostname, err, expected)
+	}
+}
+
 func TestDNSLookupCAA(t *testing.T) {
 	obj := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), 1)
 
@@ -269,6 +303,15 @@ func TestDNSLookupCAA(t *testing.T) {
 	test.Assert(t, len(caas) > 0, "Should follow CNAME to find CAA")
 }
 
+func TestDNSTXTAuthorities(t *testing.T) {
+	obj := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), 1)
+
+	_, auths, err := obj.LookupTXT(context.Background(), "letsencrypt.org")
+	test.AssertNotError(t, err, "TXT lookup failed")
+	test.AssertEquals(t, len(auths), 1)
+	test.AssertEquals(t, auths[0], "letsencrypt.org.	0	IN	SOA	ns.letsencrypt.org. master.letsencrypt.org. 1 1 1 1 1")
+}
+
 type testExchanger struct {
 	sync.Mutex
 	count int
@@ -295,40 +338,45 @@ func (te *testExchanger) Exchange(m *dns.Msg, a string) (*dns.Msg, time.Duration
 func TestRetry(t *testing.T) {
 	isTempErr := &net.OpError{Op: "read", Err: tempError(true)}
 	nonTempErr := &net.OpError{Op: "read", Err: tempError(false)}
+	servFailError := errors.New("DNS problem: server failure at resolver looking up TXT for example.com")
+	netError := errors.New("DNS problem: networking error looking up TXT for example.com")
 	type testCase struct {
-		maxTries int
+		maxTries      int
-		expected int
+		te            *testExchanger
-		te       *testExchanger
+		expected      error
+		expectedCount int
 	}
 	tests := []*testCase{
 		// The success on first try case
 		{
 			maxTries: 3,
-			expected: 1,
 			te: &testExchanger{
 				errs: []error{nil},
 			},
+			expected:      nil,
+			expectedCount: 1,
 		},
 		// Immediate non-OpError, error returns immediately
 		{
 			maxTries: 3,
-			expected: 1,
 			te: &testExchanger{
 				errs: []error{errors.New("nope")},
 			},
+			expected:      servFailError,
+			expectedCount: 1,
 		},
 		// Temporary err, then non-OpError stops at two tries
 		{
 			maxTries: 3,
-			expected: 2,
 			te: &testExchanger{
 				errs: []error{isTempErr, errors.New("nope")},
 			},
+			expected:      servFailError,
+			expectedCount: 2,
 		},
 		// Temporary error given always
 		{
 			maxTries: 3,
-			expected: 3,
 			te: &testExchanger{
 				errs: []error{
 					isTempErr,
@@ -336,31 +384,34 @@ func TestRetry(t *testing.T) {
 					isTempErr,
 				},
 			},
+			expected:      netError,
+			expectedCount: 3,
 		},
 		// Even with maxTries at 0, we should still let a single request go
 		// through
 		{
 			maxTries: 0,
-			expected: 1,
 			te: &testExchanger{
 				errs: []error{nil},
 			},
+			expected:      nil,
+			expectedCount: 1,
 		},
 		// Temporary error given just once causes two tries
 		{
 			maxTries: 3,
-			expected: 2,
 			te: &testExchanger{
 				errs: []error{
 					isTempErr,
 					nil,
 				},
 			},
+			expected:      nil,
+			expectedCount: 2,
 		},
 		// Temporary error given twice causes three tries
 		{
 			maxTries: 3,
-			expected: 3,
 			te: &testExchanger{
 				errs: []error{
 					isTempErr,
@@ -368,11 +419,12 @@ func TestRetry(t *testing.T) {
 					nil,
 				},
 			},
+			expected:      nil,
+			expectedCount: 3,
 		},
 		// Temporary error given thrice causes three tries and fails
 		{
 			maxTries: 3,
-			expected: 3,
 			te: &testExchanger{
 				errs: []error{
 					isTempErr,
@@ -380,17 +432,20 @@ func TestRetry(t *testing.T) {
 					isTempErr,
 				},
 			},
+			expected:      netError,
+			expectedCount: 3,
 		},
 		// temporary then non-Temporary error causes two retries
 		{
 			maxTries: 3,
-			expected: 2,
 			te: &testExchanger{
 				errs: []error{
 					isTempErr,
 					nonTempErr,
 				},
 			},
+			expected:      netError,
+			expectedCount: 2,
 		},
 	}
 
@@ -398,16 +453,18 @@ func TestRetry(t *testing.T) {
 		dr := NewTestDNSResolverImpl(time.Second*10, []string{dnsLoopbackAddr}, testStats, clock.NewFake(), tc.maxTries)
 
 		dr.DNSClient = tc.te
-		_, err := dr.LookupTXT(context.Background(), "example.com")
+		_, _, err := dr.LookupTXT(context.Background(), "example.com")
 		if err == errTooManyRequests {
 			t.Errorf("#%d, sent more requests than the test case handles", i)
 		}
-		expectedErr := tc.te.errs[tc.expected-1]
+		expectedErr := tc.expected
-		if err != expectedErr {
+		if (expectedErr == nil && err != nil) ||
+			(expectedErr != nil && err == nil) ||
+			(expectedErr != nil && expectedErr.Error() != err.Error()) {
 			t.Errorf("#%d, error, expected %v, got %v", i, expectedErr, err)
 		}
-		if tc.expected != tc.te.count {
+		if tc.expectedCount != tc.te.count {
-			t.Errorf("#%d, count, expected %d, got %d", i, tc.expected, tc.te.count)
+			t.Errorf("#%d, error, expectedCount %v, got %v", i, tc.expectedCount, tc.te.count)
 		}
 	}
 
@@ -415,23 +472,26 @@ func TestRetry(t *testing.T) {
 	dr.DNSClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
 	ctx, cancel := context.WithCancel(context.Background())
 	cancel()
-	_, err := dr.LookupTXT(ctx, "example.com")
+	_, _, err := dr.LookupTXT(ctx, "example.com")
-	if err != context.Canceled {
+	if err == nil ||
+		err.Error() != "DNS problem: query timed out looking up TXT for example.com" {
 		t.Errorf("expected %s, got %s", context.Canceled, err)
 	}
 
 	dr.DNSClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
 	ctx, _ = context.WithTimeout(context.Background(), -10*time.Hour)
-	_, err = dr.LookupTXT(ctx, "example.com")
+	_, _, err = dr.LookupTXT(ctx, "example.com")
-	if err != context.DeadlineExceeded {
+	if err == nil ||
+		err.Error() != "DNS problem: query timed out looking up TXT for example.com" {
 		t.Errorf("expected %s, got %s", context.DeadlineExceeded, err)
 	}
 
 	dr.DNSClient = &testExchanger{errs: []error{isTempErr, isTempErr, nil}}
 	ctx, deadlineCancel := context.WithTimeout(context.Background(), -10*time.Hour)
 	deadlineCancel()
-	_, err = dr.LookupTXT(ctx, "example.com")
+	_, _, err = dr.LookupTXT(ctx, "example.com")
-	if err != context.DeadlineExceeded {
+	if err == nil ||
+		err.Error() != "DNS problem: query timed out looking up TXT for example.com" {
 		t.Errorf("expected %s, got %s", context.DeadlineExceeded, err)
 	}
 }

bdns/mocks.go

@@ -0,0 +1,117 @@
+package bdns
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"os"
+	"strings"
+
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/miekg/dns"
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
+)
+
+// MockDNSResolver is a mock
+type MockDNSResolver struct {
+}
+
+// LookupTXT is a mock
+func (mock *MockDNSResolver) LookupTXT(_ context.Context, hostname string) ([]string, []string, error) {
+	if hostname == "_acme-challenge.servfail.com" {
+		return nil, nil, fmt.Errorf("SERVFAIL")
+	}
+	if hostname == "_acme-challenge.good-dns01.com" {
+		// base64(sha256("LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowyjxAjEuX0"
+		//               + "." + "9jg46WB3rR_AHD-EBXdN7cBkH1WOu0tA3M9fm21mqTI"))
+		// expected token + test account jwk thumbprint
+		return []string{"LPsIwTo7o8BoG0-vjCyGQGBWSVIPxI-i_X336eUOQZo"}, []string{"respect my authority!"}, nil
+	}
+	return []string{"hostname"}, []string{"respect my authority!"}, nil
+}
+
+// MockTimeoutError returns a a net.OpError for which Timeout() returns true.
+func MockTimeoutError() *net.OpError {
+	return &net.OpError{
+		Err: os.NewSyscallError("ugh timeout", timeoutError{}),
+	}
+}
+
+type timeoutError struct{}
+
+func (t timeoutError) Error() string {
+	return "so sloooow"
+}
+func (t timeoutError) Timeout() bool {
+	return true
+}
+
+// LookupHost is a mock
+//
+// Note: see comments on LookupMX regarding email.only
+//
+func (mock *MockDNSResolver) LookupHost(_ context.Context, hostname string) ([]net.IP, error) {
+	if hostname == "always.invalid" ||
+		hostname == "invalid.invalid" ||
+		hostname == "email.only" {
+		return []net.IP{}, nil
+	}
+	if hostname == "always.timeout" {
+		return []net.IP{}, &dnsError{dns.TypeA, "always.timeout", MockTimeoutError(), -1}
+	}
+	if hostname == "always.error" {
+		return []net.IP{}, &dnsError{dns.TypeA, "always.error", &net.OpError{
+			Err: errors.New("some net error"),
+		}, -1}
+	}
+	ip := net.ParseIP("127.0.0.1")
+	return []net.IP{ip}, nil
+}
+
+// LookupCAA is a mock
+func (mock *MockDNSResolver) LookupCAA(_ context.Context, domain string) ([]*dns.CAA, error) {
+	var results []*dns.CAA
+	var record dns.CAA
+	switch strings.TrimRight(domain, ".") {
+	case "caa-timeout.com":
+		return nil, &dnsError{dns.TypeCAA, "always.timeout", MockTimeoutError(), -1}
+	case "reserved.com":
+		record.Tag = "issue"
+		record.Value = "symantec.com"
+		results = append(results, &record)
+	case "critical.com":
+		record.Flag = 1
+		record.Tag = "issue"
+		record.Value = "symantec.com"
+		results = append(results, &record)
+	case "present.com":
+		record.Tag = "issue"
+		record.Value = "letsencrypt.org"
+		results = append(results, &record)
+	case "com":
+		// Nothing should ever call this, since CAA checking should stop when it
+		// reaches a public suffix.
+		fallthrough
+	case "servfail.com":
+		return results, fmt.Errorf("SERVFAIL")
+	}
+	return results, nil
+}
+
+// LookupMX is a mock
+//
+// Note: the email.only domain must have an MX but no A or AAAA
+// records. The mock LookupHost returns an address of 127.0.0.1 for
+// all domains except for special cases, so MX-only domains must be
+// handled in both LookupHost and LookupMX.
+//
+func (mock *MockDNSResolver) LookupMX(_ context.Context, domain string) ([]string, error) {
+	switch strings.TrimRight(domain, ".") {
+	case "letsencrypt.org":
+		fallthrough
+	case "email.only":
+		fallthrough
+	case "email.com":
+		return []string{"mail.email.com"}, nil
+	}
+	return nil, nil
+}

bdns/problem.go

@@ -9,30 +9,60 @@ import (
 	"fmt"
 	"net"
 
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/miekg/dns"
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
 	"github.com/letsencrypt/boulder/probs"
 )
 
-const detailDNSTimeout = "DNS query timed out"
+type dnsError struct {
-const detailDNSNetFailure = "DNS networking error"
+	recordType uint16
-const detailServerFailure = "Server failure at resolver"
+	hostname   string
+	// Exactly one of rCode or underlying should be set.
+	underlying error
+	rCode      int
+}
+
+func (d dnsError) Error() string {
+	var detail string
+	if d.underlying != nil {
+		if netErr, ok := d.underlying.(*net.OpError); ok {
+			if netErr.Timeout() {
+				detail = detailDNSTimeout
+			} else {
+				detail = detailDNSNetFailure
+			}
+		} else if d.underlying == context.Canceled || d.underlying == context.DeadlineExceeded {
+			detail = detailDNSTimeout
+		} else {
+			detail = detailServerFailure
+		}
+	} else if d.rCode != dns.RcodeSuccess {
+		detail = dns.RcodeToString[d.rCode]
+	} else {
+		detail = detailServerFailure
+	}
+	return fmt.Sprintf("DNS problem: %s looking up %s for %s", detail,
+		dns.TypeToString[d.recordType], d.hostname)
+}
+
+const detailDNSTimeout = "query timed out"
+const detailDNSNetFailure = "networking error"
+const detailServerFailure = "server failure at resolver"
 
 // ProblemDetailsFromDNSError checks the error returned from Lookup...  methods
 // and tests if the error was an underlying net.OpError or an error caused by
 // resolver returning SERVFAIL or other invalid Rcodes and returns the relevant
 // core.ProblemDetails. The detail string will contain a mention of the DNS
 // record type and domain given.
-func ProblemDetailsFromDNSError(recordType, domain string, err error) *probs.ProblemDetails {
+func ProblemDetailsFromDNSError(err error) *probs.ProblemDetails {
-	detail := detailServerFailure
+	if dnsErr, ok := err.(*dnsError); ok {
-	if netErr, ok := err.(*net.OpError); ok {
+		return &probs.ProblemDetails{
-		if netErr.Timeout() {
+			Type:   probs.ConnectionProblem,
-			detail = detailDNSTimeout
+			Detail: dnsErr.Error(),
-		} else {
-			detail = detailDNSNetFailure
 		}
 	}
-	detail = fmt.Sprintf("%s during %s-record lookup of %s", detail, recordType, domain)
 	return &probs.ProblemDetails{
 		Type:   probs.ConnectionProblem,
-		Detail: detail,
+		Detail: detailServerFailure,
 	}
 }

bdns/problem_test.go

@@ -10,7 +10,9 @@ import (
 	"net"
 	"testing"
 
-	"github.com/letsencrypt/boulder/mocks"
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/miekg/dns"
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
+
 	"github.com/letsencrypt/boulder/probs"
 )
 
@@ -20,23 +22,31 @@ func TestProblemDetailsFromDNSError(t *testing.T) {
 		expected string
 	}{
 		{
-			mocks.TimeoutError(),
+			&dnsError{dns.TypeA, "hostname", MockTimeoutError(), -1},
-			detailDNSTimeout,
+			"DNS problem: query timed out looking up A for hostname",
 		}, {
 			errors.New("other failure"),
 			detailServerFailure,
 		}, {
-			&net.OpError{Err: errors.New("some net error")},
+			&dnsError{dns.TypeMX, "hostname", &net.OpError{Err: errors.New("some net error")}, -1},
-			detailDNSNetFailure,
+			"DNS problem: networking error looking up MX for hostname",
+		}, {
+			&dnsError{dns.TypeTXT, "hostname", nil, dns.RcodeNameError},
+			"DNS problem: NXDOMAIN looking up TXT for hostname",
+		}, {
+			&dnsError{dns.TypeTXT, "hostname", context.DeadlineExceeded, -1},
+			"DNS problem: query timed out looking up TXT for hostname",
+		}, {
+			&dnsError{dns.TypeTXT, "hostname", context.Canceled, -1},
+			"DNS problem: query timed out looking up TXT for hostname",
 		},
 	}
 	for _, tc := range testCases {
-		err := ProblemDetailsFromDNSError("TXT", "example.com", tc.err)
+		err := ProblemDetailsFromDNSError(tc.err)
 		if err.Type != probs.ConnectionProblem {
 			t.Errorf("ProblemDetailsFromDNSError(%q).Type = %q, expected %q", tc.err, err.Type, probs.ConnectionProblem)
 		}
-		exp := tc.expected + " during TXT-record lookup of example.com"
+		if err.Detail != tc.expected {
-		if err.Detail != exp {
 			t.Errorf("ProblemDetailsFromDNSError(%q).Detail = %q, expected %q", tc.err, err.Detail, tc.expected)
 		}
 	}

ca/certificate-authority.go

@@ -65,6 +65,7 @@ type CertificateAuthorityImpl struct {
 	SA             core.StorageAuthority
 	PA             core.PolicyAuthority
 	Publisher      core.Publisher
+	keyPolicy      core.KeyPolicy
 	clk            clock.Clock // TODO(jmhodges): should be private, like log
 	log            *blog.AuditLogger
 	stats          statsd.Statter
@@ -90,6 +91,7 @@ func NewCertificateAuthorityImpl(
 	stats statsd.Statter,
 	issuer *x509.Certificate,
 	privateKey crypto.Signer,
+	keyPolicy core.KeyPolicy,
 ) (*CertificateAuthorityImpl, error) {
 	var ca *CertificateAuthorityImpl
 	var err error
@@ -142,6 +144,7 @@ func NewCertificateAuthorityImpl(
 		stats:           stats,
 		notAfter:        issuer.NotAfter,
 		hsmFaultTimeout: config.HSMFaultTimeout.Duration,
+		keyPolicy:       keyPolicy,
 	}
 
 	if config.Expiry == "" {
@@ -218,12 +221,6 @@ func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest
 	return ocspResponse, err
 }
 
-// RevokeCertificate revokes the trust of the Cert referred to by the provided Serial.
-func (ca *CertificateAuthorityImpl) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
-	err = ca.SA.MarkCertificateRevoked(serial, reasonCode)
-	return err
-}
-
 // IssueCertificate attempts to convert a CSR into a signed Certificate, while
 // enforcing all policies. Names (domains) in the CertificateRequest will be
 // lowercased before storage.
@@ -242,7 +239,7 @@ func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest
 		ca.log.AuditErr(err)
 		return emptyCert, err
 	}
-	if err = core.GoodKey(key); err != nil {
+	if err = ca.keyPolicy.GoodKey(key); err != nil {
 		err = core.MalformedRequestError(fmt.Sprintf("Invalid public key in CSR: %s", err.Error()))
 		// AUDIT[ Certificate Requests ] 11917fa4-10ef-4e0d-9105-bacbe7836a3c
 		ca.log.AuditErr(err)

ca/certificate-authority_test.go

@@ -92,6 +92,10 @@ var (
 	// * DNSNames = moreCAPs.com, morecaps.com, evenMOREcaps.com, Capitalizedletters.COM
 	CapitalizedCSR = mustRead("./testdata/capitalized_cn_and_san.der.csr")
 
+	// CSR generated by OpenSSL:
+	// Edited signature to become invalid.
+	WrongSignatureCSR = mustRead("./testdata/invalid_signature.der.csr")
+
 	log = mocks.UseMockLog()
 )
 
@@ -109,13 +113,14 @@ func mustRead(path string) []byte {
 }
 
 type testCtx struct {
-	sa       core.StorageAuthority
+	sa        core.StorageAuthority
-	caConfig cmd.CAConfig
+	caConfig  cmd.CAConfig
-	reg      core.Registration
+	reg       core.Registration
-	pa       core.PolicyAuthority
+	pa        core.PolicyAuthority
-	fc       clock.FakeClock
+	keyPolicy core.KeyPolicy
-	stats    *mocks.Statter
+	fc        clock.FakeClock
-	cleanUp  func()
+	stats     *mocks.Statter
+	cleanUp   func()
 }
 
 var caKey crypto.Signer
@@ -207,11 +212,18 @@ func setup(t *testing.T) *testCtx {
 
 	stats := mocks.NewStatter()
 
+	keyPolicy := core.KeyPolicy{
+		AllowRSA:           true,
+		AllowECDSANISTP256: true,
+		AllowECDSANISTP384: true,
+	}
+
 	return &testCtx{
 		ssa,
 		caConfig,
 		reg,
 		pa,
+		keyPolicy,
 		fc,
 		&stats,
 		cleanUp,
@@ -223,14 +235,14 @@ func TestFailNoSerial(t *testing.T) {
 	defer ctx.cleanUp()
 
 	ctx.caConfig.SerialPrefix = 0
-	_, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	_, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertError(t, err, "CA should have failed with no SerialPrefix")
 }
 
 func TestIssueCertificate(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertNotError(t, err, "Failed to create CA")
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
@@ -307,7 +319,7 @@ func TestIssueCertificate(t *testing.T) {
 func TestRejectNoName(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertNotError(t, err, "Failed to create CA")
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
@@ -324,7 +336,7 @@ func TestRejectNoName(t *testing.T) {
 func TestRejectTooManyNames(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertNotError(t, err, "Failed to create CA")
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
@@ -341,7 +353,7 @@ func TestRejectTooManyNames(t *testing.T) {
 func TestDeduplication(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertNotError(t, err, "Failed to create CA")
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
@@ -365,7 +377,7 @@ func TestDeduplication(t *testing.T) {
 func TestRejectValidityTooLong(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	test.AssertNotError(t, err, "Failed to create CA")
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
@@ -383,7 +395,7 @@ func TestRejectValidityTooLong(t *testing.T) {
 func TestShortKey(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
 	ca.SA = ctx.sa
@@ -399,7 +411,7 @@ func TestShortKey(t *testing.T) {
 func TestRejectBadAlgorithm(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
 	ca.SA = ctx.sa
@@ -416,7 +428,7 @@ func TestCapitalizedLetters(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
 	ctx.caConfig.MaxNames = 3
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
 	ca.SA = ctx.sa
@@ -433,11 +445,29 @@ func TestCapitalizedLetters(t *testing.T) {
 	test.AssertDeepEquals(t, expected, parsedCert.DNSNames)
 }
 
+func TestWrongSignature(t *testing.T) {
+	ctx := setup(t)
+	defer ctx.cleanUp()
+	ctx.caConfig.MaxNames = 3
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
+	ca.Publisher = &mocks.Publisher{}
+	ca.PA = ctx.pa
+	ca.SA = ctx.sa
+
+	// x509.ParseCertificateRequest() does not check for invalid signatures...
+	csr, _ := x509.ParseCertificateRequest(WrongSignatureCSR)
+
+	_, err = ca.IssueCertificate(*csr, ctx.reg.ID)
+	if err == nil {
+		t.Fatalf("Issued a certificate based on a CSR with an invalid signature.")
+	}
+}
+
 func TestHSMFaultTimeout(t *testing.T) {
 	ctx := setup(t)
 	defer ctx.cleanUp()
 
-	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey)
+	ca, err := NewCertificateAuthorityImpl(ctx.caConfig, ctx.fc, ctx.stats, caCert, caKey, ctx.keyPolicy)
 	ca.Publisher = &mocks.Publisher{}
 	ca.PA = ctx.pa
 	ca.SA = ctx.sa

cmd/boulder-ca/main.go

@@ -91,7 +91,8 @@ func main() {
 			clock.Default(),
 			stats,
 			issuer,
-			priv)
+			priv,
+			c.KeyPolicy())
 		cmd.FailOnError(err, "Failed to create CA impl")
 		cai.PA = pa
 

cmd/boulder-ra/main.go

@@ -59,7 +59,7 @@ func main() {
 		}
 
 		rai := ra.NewRegistrationAuthorityImpl(clock.Default(), auditlogger, stats,
-			dc, rateLimitPolicies, c.RA.MaxContactsPerRegistration)
+			dc, rateLimitPolicies, c.RA.MaxContactsPerRegistration, c.KeyPolicy())
 		rai.PA = pa
 		raDNSTimeout, err := time.ParseDuration(c.Common.DNSTimeout)
 		cmd.FailOnError(err, "Couldn't parse RA DNS timeout")

cmd/boulder-wfe/main.go

@@ -53,7 +53,7 @@ func main() {
 	app.Action = func(c cmd.Config, stats statsd.Statter, auditlogger *blog.AuditLogger) {
 		go cmd.DebugServer(c.WFE.DebugAddr)
 
-		wfe, err := wfe.NewWebFrontEndImpl(stats, clock.Default())
+		wfe, err := wfe.NewWebFrontEndImpl(stats, clock.Default(), c.KeyPolicy())
 		cmd.FailOnError(err, "Unable to create WFE")
 		rac, sac := setupWFE(c, auditlogger, stats)
 		wfe.RA = rac
@@ -79,6 +79,8 @@ func main() {
 		wfe.IssuerCert, err = cmd.LoadCert(c.Common.IssuerCert)
 		cmd.FailOnError(err, fmt.Sprintf("Couldn't read issuer cert [%s]", c.Common.IssuerCert))
 
+		auditlogger.Info(fmt.Sprintf("WFE using key policy: %#v", c.KeyPolicy()))
+
 		go cmd.ProfileCmd("WFE", stats)
 
 		// Set up paths

cmd/config.go

@@ -118,6 +118,8 @@ type Config struct {
 		Port     string
 		Username string
 		Password string
+		From     string
+		Subject  string
 
 		CertLimit int
 		NagTimes  []string
@@ -186,10 +188,35 @@ type Config struct {
 		Workers             int
 		ReportDirectoryPath string
 	}
+	AllowedSigningAlgos *AllowedSigningAlgos
 
 	SubscriberAgreementURL string
 }
 
+// AllowedSigningAlgos defines which algorithms be used for keys that we will
+// sign.
+type AllowedSigningAlgos struct {
+	RSA           bool
+	ECDSANISTP256 bool
+	ECDSANISTP384 bool
+	ECDSANISTP521 bool
+}
+
+// KeyPolicy returns a KeyPolicy reflecting the Boulder configuration.
+func (config *Config) KeyPolicy() core.KeyPolicy {
+	if config.AllowedSigningAlgos != nil {
+		return core.KeyPolicy{
+			AllowRSA:           config.AllowedSigningAlgos.RSA,
+			AllowECDSANISTP256: config.AllowedSigningAlgos.ECDSANISTP256,
+			AllowECDSANISTP384: config.AllowedSigningAlgos.ECDSANISTP384,
+			AllowECDSANISTP521: config.AllowedSigningAlgos.ECDSANISTP521,
+		}
+	}
+	return core.KeyPolicy{
+		AllowRSA: true,
+	}
+}
+
 // ServiceConfig contains config items that are common to all our services, to
 // be embedded in other config structs.
 type ServiceConfig struct {

cmd/expiration-mailer/main.go

@@ -10,6 +10,7 @@ import (
 	"crypto/x509"
 	"fmt"
 	"io/ioutil"
+	netmail "net/mail"
 	"sort"
 	"strings"
 	"text/template"
@@ -19,6 +20,7 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/codegangsta/cli"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
+
 	"github.com/letsencrypt/boulder/cmd"
 	"github.com/letsencrypt/boulder/core"
 	blog "github.com/letsencrypt/boulder/log"
@@ -46,6 +48,7 @@ type mailer struct {
 	rs            regStore
 	mailer        mail.Mailer
 	emailTemplate *template.Template
+	subject       string
 	nagTimes      []time.Duration
 	limit         int
 	clk           clock.Clock
@@ -72,7 +75,7 @@ func (m *mailer) sendNags(parsedCert *x509.Certificate, contacts []*core.AcmeURL
 			return err
 		}
 		startSending := m.clk.Now()
-		err = m.mailer.SendMail(emails, msgBuf.String())
+		err = m.mailer.SendMail(emails, m.subject, msgBuf.String())
 		if err != nil {
 			m.stats.Inc("Mailer.Expiration.Errors.SendingNag.SendFailure", 1, 1.0)
 			return err
@@ -246,7 +249,12 @@ func main() {
 		tmpl, err := template.New("expiry-email").Parse(string(emailTmpl))
 		cmd.FailOnError(err, "Could not parse email template")
 
-		mailClient := mail.New(c.Mailer.Server, c.Mailer.Port, c.Mailer.Username, c.Mailer.Password)
+		_, err = netmail.ParseAddress(c.Mailer.From)
+		cmd.FailOnError(err, fmt.Sprintf("Could not parse from address: %s", c.Mailer.From))
+
+		mailClient := mail.New(c.Mailer.Server, c.Mailer.Port, c.Mailer.Username, c.Mailer.Password, c.Mailer.From)
+		err = mailClient.Connect()
+		cmd.FailOnError(err, "Couldn't connect to mail server.")
 
 		nagCheckInterval := defaultNagCheckInterval
 		if s := c.Mailer.NagCheckInterval; s != "" {
@@ -269,8 +277,13 @@ func main() {
 		// Make sure durations are sorted in increasing order
 		sort.Sort(nags)
 
+		subject := "Certificate expiration notice"
+		if c.Mailer.Subject != "" {
+			subject = c.Mailer.Subject
+		}
 		m := mailer{
 			stats:         stats,
+			subject:       subject,
 			log:           auditlogger,
 			dbMap:         dbMap,
 			rs:            sac,

cmd/expiration-mailer/main_test.go

@@ -23,6 +23,7 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
+
 	"github.com/letsencrypt/boulder/core"
 	blog "github.com/letsencrypt/boulder/log"
 	"github.com/letsencrypt/boulder/mocks"
@@ -42,21 +43,6 @@ func intFromB64(b64 string) int {
 	return int(bigIntFromB64(b64).Int64())
 }
 
-type mockMail struct {
-	Messages []string
-}
-
-func (m *mockMail) Clear() {
-	m.Messages = []string{}
-}
-
-func (m *mockMail) SendMail(to []string, msg string) (err error) {
-	for range to {
-		m.Messages = append(m.Messages, msg)
-	}
-	return
-}
-
 type fakeRegStore struct {
 	RegByID map[int64]core.Registration
 }
@@ -104,7 +90,7 @@ var (
 
 func TestSendNags(t *testing.T) {
 	stats, _ := statsd.NewNoopClient(nil)
-	mc := mockMail{}
+	mc := mocks.Mailer{}
 	rs := newFakeRegStore()
 	fc := newFakeClock(t)
 
@@ -461,7 +447,7 @@ func TestDontFindRevokedCert(t *testing.T) {
 type testCtx struct {
 	dbMap   *gorp.DbMap
 	ssa     core.StorageAdder
-	mc      *mockMail
+	mc      *mocks.Mailer
 	fc      clock.FakeClock
 	m       *mailer
 	cleanUp func()
@@ -482,7 +468,7 @@ func setup(t *testing.T, nagTimes []time.Duration) *testCtx {
 	cleanUp := test.ResetSATestDatabase(t)
 
 	stats, _ := statsd.NewNoopClient(nil)
-	mc := &mockMail{}
+	mc := &mocks.Mailer{}
 
 	offsetNags := make([]time.Duration, len(nagTimes))
 	for i, t := range nagTimes {

cmd/ocsp-updater/main_test.go

@@ -29,10 +29,6 @@ func (ca *mockCA) GenerateOCSP(xferObj core.OCSPSigningRequest) (ocsp []byte, er
 	return
 }
 
-func (ca *mockCA) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
-	return
-}
-
 type mockPub struct {
 	sa core.StorageAuthority
 }

core/good_key.go

@@ -8,9 +8,9 @@ package core
 import (
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/elliptic"
 	"crypto/rsa"
 	"fmt"
-	blog "github.com/letsencrypt/boulder/log"
 	"math/big"
 	"reflect"
 	"sync"
@@ -38,53 +38,163 @@ var (
 	smallPrimes          []*big.Int
 )
 
+// KeyPolicy etermines which types of key may be used with various boulder
+// operations.
+type KeyPolicy struct {
+	AllowRSA           bool // Whether RSA keys should be allowed.
+	AllowECDSANISTP256 bool // Whether ECDSA NISTP256 keys should be allowed.
+	AllowECDSANISTP384 bool // Whether ECDSA NISTP384 keys should be allowed.
+	AllowECDSANISTP521 bool // Whether ECDSA NISTP521 keys should be allowed.
+}
+
 // GoodKey returns true iff the key is acceptable for both TLS use and account
 // key use (our requirements are the same for either one), according to basic
 // strength and algorithm checking.
 // TODO: Support JsonWebKeys once go-jose migration is done.
-func GoodKey(key crypto.PublicKey) error {
+func (policy *KeyPolicy) GoodKey(key crypto.PublicKey) error {
-	log := blog.GetAuditLogger()
 	switch t := key.(type) {
 	case rsa.PublicKey:
-		return GoodKeyRSA(t)
+		return policy.goodKeyRSA(t)
 	case *rsa.PublicKey:
-		return GoodKeyRSA(*t)
+		return policy.goodKeyRSA(*t)
 	case ecdsa.PublicKey:
-		return GoodKeyECDSA(t)
+		return policy.goodKeyECDSA(t)
 	case *ecdsa.PublicKey:
-		return GoodKeyECDSA(*t)
+		return policy.goodKeyECDSA(*t)
 	default:
-		err := MalformedRequestError(fmt.Sprintf("Unknown key type %s", reflect.TypeOf(key)))
+		return MalformedRequestError(fmt.Sprintf("Unknown key type %s", reflect.TypeOf(key)))
-		log.Debug(err.Error())
-		return err
 	}
 }
 
 // GoodKeyECDSA determines if an ECDSA pubkey meets our requirements
-func GoodKeyECDSA(key ecdsa.PublicKey) (err error) {
+func (policy *KeyPolicy) goodKeyECDSA(key ecdsa.PublicKey) (err error) {
-	log := blog.GetAuditLogger()
+	// Check the curve.
-	err = NotSupportedError("ECDSA keys not yet supported")
+	//
-	log.Debug(err.Error())
+	// The validity of the curve is an assumption for all following tests.
-	return
+	err = policy.goodCurve(key.Curve)
+	if err != nil {
+		return err
+	}
+
+	// Key validation routine adapted from NIST SP800-56A § 5.6.2.3.2.
+	// <http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf>
+	//
+	// Assuming a prime field since a) we are only allowing such curves and b)
+	// crypto/elliptic only supports prime curves. Where this assumption
+	// simplifies the code below, it is explicitly stated and explained. If ever
+	// adapting this code to support non-prime curves, refer to NIST SP800-56A §
+	// 5.6.2.3.2 and adapt this code appropriately.
+	params := key.Params()
+
+	// SP800-56A § 5.6.2.3.2 Step 1.
+	// Partial check of the public key for an invalid range in the EC group:
+	// Verify that key is not the point at infinity O.
+	// This code assumes that the point at infinity is (0,0), which is the
+	// case for all supported curves.
+	if isPointAtInfinityNISTP(key.X, key.Y) {
+		return MalformedRequestError("Key x, y must not be the point at infinity")
+	}
+
+	// SP800-56A § 5.6.2.3.2 Step 2.
+	//   "Verify that x_Q and y_Q are integers in the interval [0,p-1] in the
+	//    case that q is an odd prime p, or that x_Q and y_Q are bit strings
+	//    of length m bits in the case that q = 2**m."
+	//
+	// Prove prime field: ASSUMED.
+	// Prove q != 2: ASSUMED. (Curve parameter. No supported curve has q == 2.)
+	// Prime field && q != 2  => q is an odd prime p
+	// Therefore "verify that x, y are in [0, p-1]" satisfies step 2.
+	//
+	// Therefore verify that both x and y of the public key point have the unique
+	// correct representation of an element in the underlying field by verifying
+	// that x and y are integers in [0, p-1].
+	if key.X.Sign() < 0 || key.Y.Sign() < 0 {
+		return MalformedRequestError("Key x, y must not be negative")
+	}
+
+	if key.X.Cmp(params.P) >= 0 || key.Y.Cmp(params.P) >= 0 {
+		return MalformedRequestError("Key x, y must not exceed P-1")
+	}
+
+	// SP800-56A § 5.6.2.3.2 Step 3.
+	//   "If q is an odd prime p, verify that (y_Q)**2 === (x_Q)***3 + a*x_Q + b (mod p).
+	//    If q = 2**m, verify that (y_Q)**2 + (x_Q)*(y_Q) == (x_Q)**3 + a*(x_Q)*2 + b in
+	//    the finite field of size 2**m.
+	//    (Ensures that the public key is on the correct elliptic curve.)"
+	//
+	// q is an odd prime p: proven/assumed above.
+	// a = -3 for all supported curves.
+	//
+	// Therefore step 3 is satisfied simply by showing that
+	//   y**2 === x**3 - 3*x + B (mod P).
+	//
+	// This proves that the public key is on the correct elliptic curve.
+	// But in practice, this test is provided by crypto/elliptic, so use that.
+	if !key.Curve.IsOnCurve(key.X, key.Y) {
+		return MalformedRequestError("Key point is not on the curve")
+	}
+
+	// SP800-56A § 5.6.2.3.2 Step 4.
+	//   "Verify that n*Q == O.
+	//    (Ensures that the public key has the correct order. Along with check 1,
+	//     ensures that the public key is in the correct range in the correct EC
+	//     subgroup, that is, it is in the correct EC subgroup and is not the
+	//     identity element.)"
+	//
+	// Ensure that public key has the correct order:
+	// verify that n*Q = O.
+	//
+	// n*Q = O iff n*Q is the point at infinity (see step 1).
+	ox, oy := key.Curve.ScalarMult(key.X, key.Y, params.N.Bytes())
+	if !isPointAtInfinityNISTP(ox, oy) {
+		return MalformedRequestError("Public key does not have correct order")
+	}
+
+	// End of SP800-56A § 5.6.2.3.2 Public Key Validation Routine.
+	// Key is valid.
+	return nil
+}
+
+// Returns true iff the point (x,y) on NIST P-256, NIST P-384 or NIST P-521 is
+// the point at infinity. These curves all have the same point at infinity
+// (0,0). This function must ONLY be used on points on curves verified to have
+// (0,0) as their point at infinity.
+func isPointAtInfinityNISTP(x, y *big.Int) bool {
+	return x.Sign() == 0 && y.Sign() == 0
+}
+
+// GoodCurve determines if an elliptic curve meets our requirements.
+func (policy *KeyPolicy) goodCurve(c elliptic.Curve) (err error) {
+	// Simply use a whitelist for now.
+	params := c.Params()
+	switch {
+	case policy.AllowECDSANISTP256 && params == elliptic.P256().Params():
+		return nil
+	case policy.AllowECDSANISTP384 && params == elliptic.P384().Params():
+		return nil
+	case policy.AllowECDSANISTP521 && params == elliptic.P521().Params():
+		return nil
+	default:
+		return MalformedRequestError(fmt.Sprintf("ECDSA curve %v not allowed", params.Name))
+	}
 }
 
 // GoodKeyRSA determines if a RSA pubkey meets our requirements
-func GoodKeyRSA(key rsa.PublicKey) (err error) {
+func (policy *KeyPolicy) goodKeyRSA(key rsa.PublicKey) (err error) {
-	log := blog.GetAuditLogger()
+	if !policy.AllowRSA {
+		return MalformedRequestError("RSA keys are not allowed")
+	}
+
 	// Baseline Requirements Appendix A
 	// Modulus must be >= 2048 bits and <= 4096 bits
 	modulus := key.N
 	modulusBitLen := modulus.BitLen()
 	const maxKeySize = 4096
 	if modulusBitLen < 2048 {
-		err = MalformedRequestError(fmt.Sprintf("Key too small: %d", modulusBitLen))
+		return MalformedRequestError(fmt.Sprintf("Key too small: %d", modulusBitLen))
-		log.Debug(err.Error())
-		return err
 	}
 	if modulusBitLen > maxKeySize {
-		err = MalformedRequestError(fmt.Sprintf("Key too large: %d > %d", modulusBitLen, maxKeySize))
+		return MalformedRequestError(fmt.Sprintf("Key too large: %d > %d", modulusBitLen, maxKeySize))
-		log.Debug(err.Error())
-		return err
 	}
 	// The CA SHALL confirm that the value of the public exponent is an
 	// odd number equal to 3 or more. Additionally, the public exponent
@@ -93,26 +203,36 @@ func GoodKeyRSA(key rsa.PublicKey) (err error) {
 	// 2^32 - 1 or 2^64 - 1, because it stores E as an integer. So we
 	// don't need to check the upper bound.
 	if (key.E%2) == 0 || key.E < ((1<<16)+1) {
-		err = MalformedRequestError(fmt.Sprintf("Key exponent should be odd and >2^16: %d", key.E))
+		return MalformedRequestError(fmt.Sprintf("Key exponent should be odd and >2^16: %d", key.E))
-		log.Debug(err.Error())
-		return err
 	}
 	// The modulus SHOULD also have the following characteristics: an odd
 	// number, not the power of a prime, and have no factors smaller than 752.
 	// TODO: We don't yet check for "power of a prime."
+	if checkSmallPrimes(modulus) {
+		return MalformedRequestError("Key divisible by small prime")
+	}
+
+	return nil
+}
+
+// Returns true iff integer i is divisible by any of the primes in smallPrimes.
+//
+// Short circuits; execution time is dependent on i. Do not use this on secret
+// values.
+func checkSmallPrimes(i *big.Int) bool {
 	smallPrimesSingleton.Do(func() {
 		for _, prime := range smallPrimeInts {
 			smallPrimes = append(smallPrimes, big.NewInt(prime))
 		}
 	})
+
 	for _, prime := range smallPrimes {
 		var result big.Int
-		result.Mod(modulus, prime)
+		result.Mod(i, prime)
 		if result.Sign() == 0 {
-			err = MalformedRequestError(fmt.Sprintf("Key divisible by small prime: %d", prime))
+			return true
-			log.Debug(err.Error())
-			return err
 		}
 	}
-	return nil
+
+	return false
 }

core/good_key_test.go

@@ -7,6 +7,7 @@ package core
 
 import (
 	"crypto/ecdsa"
+	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
 	"math/big"
@@ -15,29 +16,29 @@ import (
 	"github.com/letsencrypt/boulder/test"
 )
 
-func TestUnknownKeyType(t *testing.T) {
+var testingPolicy = &KeyPolicy{
-	notAKey := struct{}{}
+	AllowRSA:           true,
-	test.AssertError(t, GoodKey(notAKey), "Should have rejected a key of unknown type")
+	AllowECDSANISTP256: true,
+	AllowECDSANISTP384: true,
 }
 
-func TestWrongKeyType(t *testing.T) {
+func TestUnknownKeyType(t *testing.T) {
-	ecdsaKey := ecdsa.PublicKey{}
+	notAKey := struct{}{}
-	test.AssertError(t, GoodKey(&ecdsaKey), "Should have rejected ECDSA key.")
+	test.AssertError(t, testingPolicy.GoodKey(notAKey), "Should have rejected a key of unknown type")
-	test.AssertError(t, GoodKey(ecdsaKey), "Should have rejected ECDSA key.")
 }
 
 func TestSmallModulus(t *testing.T) {
 	private, err := rsa.GenerateKey(rand.Reader, 2040)
 	test.AssertNotError(t, err, "Error generating key")
-	test.AssertError(t, GoodKey(&private.PublicKey), "Should have rejected too-short key.")
+	test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should have rejected too-short key.")
-	test.AssertError(t, GoodKey(private.PublicKey), "Should have rejected too-short key.")
+	test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should have rejected too-short key.")
 }
 
 func TestLargeModulus(t *testing.T) {
 	private, err := rsa.GenerateKey(rand.Reader, 4097)
 	test.AssertNotError(t, err, "Error generating key")
-	test.AssertError(t, GoodKey(&private.PublicKey), "Should have rejected too-long key.")
+	test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should have rejected too-long key.")
-	test.AssertError(t, GoodKey(private.PublicKey), "Should have rejected too-long key.")
+	test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should have rejected too-long key.")
 }
 
 func TestSmallExponent(t *testing.T) {
@@ -46,7 +47,7 @@ func TestSmallExponent(t *testing.T) {
 		N: bigOne.Lsh(bigOne, 2048),
 		E: 5,
 	}
-	test.AssertError(t, GoodKey(&key), "Should have rejected small exponent.")
+	test.AssertError(t, testingPolicy.GoodKey(&key), "Should have rejected small exponent.")
 }
 
 func TestEvenExponent(t *testing.T) {
@@ -55,7 +56,7 @@ func TestEvenExponent(t *testing.T) {
 		N: bigOne.Lsh(bigOne, 2048),
 		E: 1 << 17,
 	}
-	test.AssertError(t, GoodKey(&key), "Should have rejected even exponent.")
+	test.AssertError(t, testingPolicy.GoodKey(&key), "Should have rejected even exponent.")
 }
 
 func TestEvenModulus(t *testing.T) {
@@ -64,7 +65,7 @@ func TestEvenModulus(t *testing.T) {
 		N: bigOne.Lsh(bigOne, 2048),
 		E: (1 << 17) + 1,
 	}
-	test.AssertError(t, GoodKey(&key), "Should have rejected even modulus.")
+	test.AssertError(t, testingPolicy.GoodKey(&key), "Should have rejected even modulus.")
 }
 
 func TestModulusDivisibleBy752(t *testing.T) {
@@ -76,11 +77,120 @@ func TestModulusDivisibleBy752(t *testing.T) {
 		N: N,
 		E: (1 << 17) + 1,
 	}
-	test.AssertError(t, GoodKey(&key), "Should have rejected modulus divisible by 751.")
+	test.AssertError(t, testingPolicy.GoodKey(&key), "Should have rejected modulus divisible by 751.")
 }
 
 func TestGoodKey(t *testing.T) {
 	private, err := rsa.GenerateKey(rand.Reader, 2048)
 	test.AssertNotError(t, err, "Error generating key")
-	test.AssertNotError(t, GoodKey(&private.PublicKey), "Should have accepted good key.")
+	test.AssertNotError(t, testingPolicy.GoodKey(&private.PublicKey), "Should have accepted good key.")
+}
+
+func TestECDSABadCurve(t *testing.T) {
+	for _, curve := range invalidCurves {
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should have rejected key with unsupported curve.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should have rejected key with unsupported curve.")
+	}
+}
+
+var invalidCurves = []elliptic.Curve{
+	elliptic.P224(),
+	elliptic.P521(),
+}
+
+var validCurves = []elliptic.Curve{
+	elliptic.P256(),
+	elliptic.P384(),
+}
+
+func TestECDSAGoodKey(t *testing.T) {
+	for _, curve := range validCurves {
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+		test.AssertNotError(t, testingPolicy.GoodKey(&private.PublicKey), "Should have accepted good key.")
+		test.AssertNotError(t, testingPolicy.GoodKey(private.PublicKey), "Should have accepted good key.")
+	}
+}
+
+func TestECDSANotOnCurveX(t *testing.T) {
+	for _, curve := range validCurves {
+		// Change a public key so that it is no longer on the curve.
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+
+		private.X.Add(private.X, big.NewInt(1))
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key not on the curve.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key not on the curve.")
+	}
+}
+
+func TestECDSANotOnCurveY(t *testing.T) {
+	for _, curve := range validCurves {
+		// Again with Y.
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+
+		// Change the public key so that it is no longer on the curve.
+		private.Y.Add(private.Y, big.NewInt(1))
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key not on the curve.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key not on the curve.")
+	}
+}
+
+func TestECDSANegative(t *testing.T) {
+	for _, curve := range validCurves {
+		// Check that negative X is not accepted.
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+
+		private.X.Neg(private.X)
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key with negative X.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key with negative X.")
+
+		// Check that negative Y is not accepted.
+		private.X.Neg(private.X)
+		private.Y.Neg(private.Y)
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key with negative Y.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key with negative Y.")
+	}
+}
+
+func TestECDSANegativeUnmodulatedX(t *testing.T) {
+	for _, curve := range validCurves {
+		// Check that unmodulated X is not accepted.
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+
+		private.X.Mul(private.X, private.Curve.Params().P)
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key with unmodulated X.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key with unmodulated X.")
+	}
+}
+
+func TestECDSANegativeUnmodulatedY(t *testing.T) {
+	for _, curve := range validCurves {
+		// Check that unmodulated Y is not accepted.
+		private, err := ecdsa.GenerateKey(curve, rand.Reader)
+		test.AssertNotError(t, err, "Error generating key")
+
+		private.X.Mul(private.Y, private.Curve.Params().P)
+		test.AssertError(t, testingPolicy.GoodKey(&private.PublicKey), "Should not have accepted key with unmodulated Y.")
+		test.AssertError(t, testingPolicy.GoodKey(private.PublicKey), "Should not have accepted key with unmodulated Y.")
+	}
+}
+
+func TestECDSAIdentity(t *testing.T) {
+	for _, curve := range validCurves {
+		// The point at infinity is 0,0, it should not be accepted.
+		public := ecdsa.PublicKey{
+			Curve: curve,
+			X:     big.NewInt(0),
+			Y:     big.NewInt(0),
+		}
+
+		test.AssertError(t, testingPolicy.GoodKey(&public), "Should not have accepted key with point at infinity.")
+		test.AssertError(t, testingPolicy.GoodKey(public), "Should not have accepted key with point at infinity.")
+	}
 }

core/interfaces.go

@@ -12,7 +12,6 @@ import (
 	"time"
 
 	jose "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
-	gorp "github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
 )
 
 // A WebFrontEnd object supplies methods that can be hooked into
@@ -83,7 +82,6 @@ type RegistrationAuthority interface {
 type CertificateAuthority interface {
 	// [RegistrationAuthority]
 	IssueCertificate(x509.CertificateRequest, int64) (Certificate, error)
-	RevokeCertificate(string, RevocationCode) error
 	GenerateOCSP(OCSPSigningRequest) ([]byte, error)
 }
 
@@ -131,12 +129,6 @@ type StorageAuthority interface {
 	StorageAdder
 }
 
-// CertificateAuthorityDatabase represents an atomic sequence source
-type CertificateAuthorityDatabase interface {
-	IncrementAndGetSerial(*gorp.Transaction) (int64, error)
-	Begin() (*gorp.Transaction, error)
-}
-
 // Publisher defines the public interface for the Boulder Publisher
 type Publisher interface {
 	SubmitToCT([]byte) error

core/objects.go

@@ -178,6 +178,9 @@ func (r *Registration) MergeUpdate(input Registration) {
 // ValidationRecord represents a validation attempt against a specific URL/hostname
 // and the IP addresses that were resolved and used
 type ValidationRecord struct {
+	// DNS only
+	Authorities []string
+
 	// SimpleHTTP only
 	URL string `json:"url,omitempty"`
 
@@ -328,7 +331,7 @@ type Challenge struct {
 // RecordsSane checks the sanity of a ValidationRecord object before sending it
 // back to the RA to be stored.
 func (ch Challenge) RecordsSane() bool {
-	if ch.Type != ChallengeTypeDNS01 && (ch.ValidationRecord == nil || len(ch.ValidationRecord) == 0) {
+	if ch.ValidationRecord == nil || len(ch.ValidationRecord) == 0 {
 		return false
 	}
 
@@ -352,6 +355,12 @@ func (ch Challenge) RecordsSane() bool {
 			return false
 		}
 	case ChallengeTypeDNS01:
+		if len(ch.ValidationRecord) > 1 {
+			return false
+		}
+		if len(ch.ValidationRecord[0].Authorities) == 0 || ch.ValidationRecord[0].Hostname == "" {
+			return false
+		}
 		return true
 	default: // Unsupported challenge type
 		return false

mail/mailer.go

@@ -6,38 +6,178 @@
 package mail
 
 import (
+	"bytes"
+	"crypto/rand"
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"math"
+	"math/big"
+	"mime/quotedprintable"
 	"net"
 	"net/smtp"
+	"strconv"
+	"strings"
+	"time"
+	"unicode"
+
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 )
 
+type idGenerator interface {
+	generate() *big.Int
+}
+
+var maxBigInt = big.NewInt(math.MaxInt64)
+
+type realSource struct{}
+
+func (s realSource) generate() *big.Int {
+	randInt, err := rand.Int(rand.Reader, maxBigInt)
+	if err != nil {
+		panic(err)
+	}
+	return randInt
+}
+
 // Mailer provides the interface for a mailer
 type Mailer interface {
-	SendMail([]string, string) error
+	SendMail([]string, string, string) error
 }
 
 // MailerImpl defines a mail transfer agent to use for sending mail
 type MailerImpl struct {
-	Server string
+	server      string
-	Port   string
+	port        string
-	Auth   smtp.Auth
+	auth        smtp.Auth
-	From   string
+	from        string
+	client      *smtp.Client
+	clk         clock.Clock
+	csprgSource idGenerator
+}
+
+func isASCII(str string) bool {
+	for _, r := range str {
+		if r > unicode.MaxASCII {
+			return false
+		}
+	}
+	return true
 }
 
 // New constructs a Mailer to represent an account on a particular mail
 // transfer agent.
-func New(server, port, username, password string) MailerImpl {
+func New(server, port, username, password, from string) MailerImpl {
 	auth := smtp.PlainAuth("", username, password, server)
 	return MailerImpl{
-		Server: server,
+		server:      server,
-		Port:   port,
+		port:        port,
-		Auth:   auth,
+		auth:        auth,
-		From:   username,
+		from:        from,
+		clk:         clock.Default(),
+		csprgSource: realSource{},
 	}
 }
 
+func (m *MailerImpl) generateMessage(to []string, subject, body string) ([]byte, error) {
+	mid := m.csprgSource.generate()
+	now := m.clk.Now().UTC()
+	addrs := []string{}
+	for _, a := range to {
+		if !isASCII(a) {
+			return nil, fmt.Errorf("Non-ASCII email address")
+		}
+		addrs = append(addrs, strconv.Quote(a))
+	}
+	headers := []string{
+		fmt.Sprintf("To: %s", strings.Join(addrs, ", ")),
+		fmt.Sprintf("From: %s", m.from),
+		fmt.Sprintf("Subject: %s", subject),
+		fmt.Sprintf("Date: %s", now.Format(time.RFC822)),
+		fmt.Sprintf("Message-Id: <%s.%s.%s>", now.Format("20060102T150405"), mid.String(), m.from),
+		"MIME-Version: 1.0",
+		"Content-Type: text/plain; charset=UTF-8",
+		"Content-Transfer-Encoding: quoted-printable",
+	}
+	for i := range headers[1:] {
+		// strip LFs
+		headers[i] = strings.Replace(headers[i], "\n", "", -1)
+	}
+	bodyBuf := new(bytes.Buffer)
+	mimeWriter := quotedprintable.NewWriter(bodyBuf)
+	_, err := mimeWriter.Write([]byte(body))
+	if err != nil {
+		return nil, err
+	}
+	err = mimeWriter.Close()
+	if err != nil {
+		return nil, err
+	}
+	return []byte(fmt.Sprintf(
+		"%s\r\n\r\n%s\r\n",
+		strings.Join(headers, "\r\n"),
+		bodyBuf.String(),
+	)), nil
+}
+
+// Connect opens a connection to the specified mail server. It must be called
+// before SendMail.
+func (m *MailerImpl) Connect() error {
+	hostport := net.JoinHostPort(m.server, m.port)
+	var conn net.Conn
+	var err error
+	// By convention, port 465 is TLS-wrapped SMTP, while 587 is plaintext SMTP
+	// (with STARTTLS as best-effort).
+	if m.port == "465" {
+		conn, err = tls.Dial("tcp", hostport, nil)
+	} else {
+		conn, err = net.Dial("tcp", hostport)
+	}
+	if err != nil {
+		return err
+	}
+	client, err := smtp.NewClient(conn, m.server)
+	if err != nil {
+		return err
+	}
+	if err = client.Auth(m.auth); err != nil {
+		return err
+	}
+	m.client = client
+	return nil
+}
+
 // SendMail sends an email to the provided list of recipients. The email body
 // is simple text.
-func (m *MailerImpl) SendMail(to []string, msg string) (err error) {
+func (m *MailerImpl) SendMail(to []string, subject, msg string) error {
-	err = smtp.SendMail(net.JoinHostPort(m.Server, m.Port), m.Auth, m.From, to, []byte(msg))
+	if m.client == nil {
-	return
+		return errors.New("call Connect before SendMail")
+	}
+	body, err := m.generateMessage(to, subject, msg)
+	if err != nil {
+		return err
+	}
+	if m.client.Mail(m.from); err != nil {
+		return err
+	}
+	for _, t := range to {
+		if m.client.Rcpt(t); err != nil {
+			return err
+		}
+	}
+	w, err := m.client.Data()
+	if err != nil {
+		return err
+	}
+
+	_, err = w.Write(body)
+	if err != nil {
+		return err
+	}
+
+	err = w.Close()
+	if err != nil {
+		return err
+	}
+	return nil
 }

mail/mailer_test.go

@@ -4,3 +4,104 @@
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 package mail
+
+import (
+	"bufio"
+	"errors"
+	"fmt"
+	"math/big"
+	"net"
+	"strings"
+	"testing"
+
+	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
+
+	"github.com/letsencrypt/boulder/test"
+)
+
+type fakeSource struct{}
+
+func (f fakeSource) generate() *big.Int {
+	return big.NewInt(1991)
+}
+
+func TestGenerateMessage(t *testing.T) {
+	fc := clock.NewFake()
+	m := New("", "", "", "", "send@email.com")
+	m.clk = fc
+	m.csprgSource = fakeSource{}
+	messageBytes, err := m.generateMessage([]string{"recv@email.com"}, "test subject", "this is the body\n")
+	test.AssertNotError(t, err, "Failed to generate email body")
+	message := string(messageBytes)
+	fields := strings.Split(message, "\r\n")
+	test.AssertEquals(t, len(fields), 12)
+	fmt.Println(message)
+	test.AssertEquals(t, fields[0], "To: \"recv@email.com\"")
+	test.AssertEquals(t, fields[1], "From: send@email.com")
+	test.AssertEquals(t, fields[2], "Subject: test subject")
+	test.AssertEquals(t, fields[3], "Date: 01 Jan 70 00:00 UTC")
+	test.AssertEquals(t, fields[4], "Message-Id: <19700101T000000.1991.send@email.com>")
+	test.AssertEquals(t, fields[5], "MIME-Version: 1.0")
+	test.AssertEquals(t, fields[6], "Content-Type: text/plain; charset=UTF-8")
+	test.AssertEquals(t, fields[7], "Content-Transfer-Encoding: quoted-printable")
+	test.AssertEquals(t, fields[8], "")
+	test.AssertEquals(t, fields[9], "this is the body")
+}
+
+func TestFailNonASCIIAddress(t *testing.T) {
+	m := New("", "", "", "", "send@email.com")
+	_, err := m.generateMessage([]string{"遗憾@email.com"}, "test subject", "this is the body\n")
+	test.AssertError(t, err, "Allowed a non-ASCII to address incorrectly")
+}
+
+func expect(t *testing.T, buf *bufio.Reader, expected string) error {
+	line, _, err := buf.ReadLine()
+	if err != nil {
+		t.Errorf("readline: %s\n", err)
+		return err
+	}
+	if string(line) != expected {
+		t.Errorf("Expected %s, got %s", expected, line)
+		return errors.New("")
+	}
+	return nil
+}
+
+func TestConnect(t *testing.T) {
+	port := "16632"
+	l, err := net.Listen("tcp", ":"+port)
+	if err != nil {
+		t.Errorf("listen: %s", err)
+	}
+	go func() {
+		defer l.Close()
+		for {
+			conn, err := l.Accept()
+			if err != nil {
+				return
+			}
+			go func() {
+				defer conn.Close()
+				buf := bufio.NewReader(conn)
+				conn.Write([]byte("220 smtp.example.com ESMTP\n"))
+				if err := expect(t, buf, "EHLO localhost"); err != nil {
+					return
+				}
+
+				conn.Write([]byte("250-PIPELINING\n"))
+				conn.Write([]byte("250-AUTH PLAIN LOGIN\n"))
+				conn.Write([]byte("250 8BITMIME\n"))
+				// Base64 encoding of "user@example.com\0paswd"
+				if err := expect(t, buf, "AUTH PLAIN AHVzZXJAZXhhbXBsZS5jb20AcGFzd2Q="); err != nil {
+					return
+				}
+				conn.Write([]byte("235 2.7.0 Authentication successful\n"))
+			}()
+		}
+	}()
+	m := New("localhost", port, "user@example.com", "paswd", "send@email.com")
+	err = m.Connect()
+	if err != nil {
+		t.Errorf("Failed to connect: %s", err)
+	}
+}

mocks/mocks.go

@@ -12,8 +12,6 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net"
-	"os"
-	"strings"
 	"time"
 
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/cactus/go-statsd-client/statsd"
@@ -23,117 +21,9 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/cloudflare/cfssl/signer"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
-	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/miekg/dns"
-	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
-
 	"github.com/letsencrypt/boulder/core"
 )
 
-// DNSResolver is a mock
-type DNSResolver struct {
-}
-
-// LookupTXT is a mock
-func (mock *DNSResolver) LookupTXT(ctx context.Context, hostname string) ([]string, error) {
-	if hostname == "_acme-challenge.servfail.com" {
-		return nil, fmt.Errorf("SERVFAIL")
-	}
-	if hostname == "_acme-challenge.good-dns01.com" {
-		// base64(sha256("LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowyjxAjEuX0"
-		//               + "." + "9jg46WB3rR_AHD-EBXdN7cBkH1WOu0tA3M9fm21mqTI"))
-		// expected token + test account jwk thumbprint
-		return []string{"LPsIwTo7o8BoG0-vjCyGQGBWSVIPxI-i_X336eUOQZo"}, nil
-	}
-	return []string{"hostname"}, nil
-}
-
-// TimeoutError returns a net.OpError for which Timeout() returns true.
-func TimeoutError() *net.OpError {
-	return &net.OpError{
-		Err: os.NewSyscallError("ugh timeout", timeoutError{}),
-	}
-}
-
-type timeoutError struct{}
-
-func (t timeoutError) Error() string {
-	return "so sloooow"
-}
-func (t timeoutError) Timeout() bool {
-	return true
-}
-
-// LookupHost is a mock
-//
-// Note: see comments on LookupMX regarding email.only
-//
-func (mock *DNSResolver) LookupHost(ctx context.Context, hostname string) ([]net.IP, error) {
-	if hostname == "always.invalid" ||
-		hostname == "invalid.invalid" ||
-		hostname == "email.only" {
-		return []net.IP{}, nil
-	}
-	if hostname == "always.timeout" {
-		return []net.IP{}, TimeoutError()
-	}
-	if hostname == "always.error" {
-		return []net.IP{}, &net.OpError{
-			Err: errors.New("some net error"),
-		}
-	}
-	ip := net.ParseIP("127.0.0.1")
-	return []net.IP{ip}, nil
-}
-
-// LookupCAA is a mock
-func (mock *DNSResolver) LookupCAA(ctx context.Context, domain string) ([]*dns.CAA, error) {
-	var results []*dns.CAA
-	var record dns.CAA
-	switch strings.TrimRight(domain, ".") {
-	case "caa-timeout.com":
-		return nil, TimeoutError()
-	case "reserved.com":
-		record.Tag = "issue"
-		record.Value = "symantec.com"
-		results = append(results, &record)
-	case "critical.com":
-		record.Flag = 1
-		record.Tag = "issue"
-		record.Value = "symantec.com"
-		results = append(results, &record)
-	case "present.com":
-		record.Tag = "issue"
-		record.Value = "letsencrypt.org"
-		results = append(results, &record)
-	case "com":
-		// Nothing should ever call this, since CAA checking should stop when it
-		// reaches a public suffix.
-		fallthrough
-	case "servfail.com":
-		return results, fmt.Errorf("SERVFAIL")
-	}
-	return results, nil
-}
-
-// LookupMX is a mock
-//
-// Note: the email.only domain must have an MX but no A or AAAA
-// records. The mock LookupHost returns an address of 127.0.0.1 for
-// all domains except for special cases, so MX-only domains must be
-// handled in both LookupHost and LookupMX.
-//
-func (mock *DNSResolver) LookupMX(ctx context.Context, domain string) ([]string, error) {
-	switch strings.TrimRight(domain, ".") {
-	case "letsencrypt.org":
-		fallthrough
-	case "email.only":
-		fallthrough
-	case "email.com":
-		return []string{"mail.email.com"}, nil
-	}
-	return nil, nil
-}
-
 // StorageAuthority is a mock
 type StorageAuthority struct {
 	clk               clock.Clock
@@ -158,6 +48,20 @@ const (
 		"n":"qnARLrT7Xz4gRcKyLdydmCr-ey9OuPImX4X40thk3on26FkMznR3fRjs66eLK7mmPcBZ6uOJseURU6wAaZNmemoYx1dMvqvWWIyiQleHSD7Q8vBrhR6uIoO4jAzJZR-ChzZuSDt7iHN-3xUVspu5XGwXU_MVJZshTwp4TaFx5elHIT_ObnTvTOU3Xhish07AbgZKmWsVbXh5s-CrIicU4OexJPgunWZ_YJJueOKmTvnLlTV4MzKR2oZlBKZ27S0-SfdV_QDx_ydle5oMAyKVtlAV35cyPMIsYNwgUGBCdY_2Uzi5eX0lTc7MPRwz6qR1kip-i59VcGcUQgqHV6Fyqw",
 		"e":"AAEAAQ"
 	}`
+
+	testE1KeyPublicJSON = `{
+     "kty":"EC",
+     "crv":"P-256",
+     "x":"FwvSZpu06i3frSk_mz9HcD9nETn4wf3mQ-zDtG21Gao",
+     "y":"S8rR-0dWa8nAcw1fbunF_ajS3PQZ-QwLps-2adgLgPk"
+   }`
+	testE2KeyPublicJSON = `{
+     "kty":"EC",
+     "crv":"P-256",
+     "x":"S8FOmrZ3ywj4yyFqt0etAD90U-EnkNaOBSLfQmf7pNg",
+     "y":"vMvpDyqFDRHjGfZ1siDOm5LS6xNdR5xTpyoQGLDOX2Q"
+   }`
+
 	agreementURL = "http://example.invalid/terms"
 )
 
@@ -189,8 +93,12 @@ func (sa *StorageAuthority) GetRegistration(id int64) (core.Registration, error)
 func (sa *StorageAuthority) GetRegistrationByKey(jwk jose.JsonWebKey) (core.Registration, error) {
 	var test1KeyPublic jose.JsonWebKey
 	var test2KeyPublic jose.JsonWebKey
+	var testE1KeyPublic jose.JsonWebKey
+	var testE2KeyPublic jose.JsonWebKey
 	test1KeyPublic.UnmarshalJSON([]byte(test1KeyPublicJSON))
 	test2KeyPublic.UnmarshalJSON([]byte(test2KeyPublicJSON))
+	testE1KeyPublic.UnmarshalJSON([]byte(testE1KeyPublicJSON))
+	testE2KeyPublic.UnmarshalJSON([]byte(testE2KeyPublicJSON))
 
 	if core.KeyDigestEquals(jwk, test1KeyPublic) {
 		return core.Registration{ID: 1, Key: jwk, Agreement: agreementURL}, nil
@@ -201,6 +109,14 @@ func (sa *StorageAuthority) GetRegistrationByKey(jwk jose.JsonWebKey) (core.Regi
 		return core.Registration{ID: 2}, core.NoSuchRegistrationError("reg not found")
 	}
 
+	if core.KeyDigestEquals(jwk, testE1KeyPublic) {
+		return core.Registration{ID: 3, Key: jwk, Agreement: agreementURL}, nil
+	}
+
+	if core.KeyDigestEquals(jwk, testE2KeyPublic) {
+		return core.Registration{ID: 4}, core.NoSuchRegistrationError("reg not found")
+	}
+
 	// Return a fake registration. Make sure to fill the key field to avoid marshaling errors.
 	return core.Registration{ID: 1, Key: test1KeyPublic, Agreement: agreementURL}, nil
 }
@@ -439,3 +355,21 @@ func (s *Statter) Inc(metric string, value int64, rate float32) error {
 func NewStatter() Statter {
 	return Statter{statsd.NoopClient{}, map[string]int64{}}
 }
+
+// Mailer is a mock
+type Mailer struct {
+	Messages []string
+}
+
+// Clear removes any previously recorded messages
+func (m *Mailer) Clear() {
+	m.Messages = []string{}
+}
+
+// SendMail is a mock
+func (m *Mailer) SendMail(to []string, subject, msg string) (err error) {
+	for range to {
+		m.Messages = append(m.Messages, msg)
+	}
+	return
+}

ra/registration-authority.go

@@ -21,6 +21,7 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/net/publicsuffix"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
+	"github.com/letsencrypt/boulder/metrics"
 	"github.com/letsencrypt/boulder/probs"
 
 	"github.com/letsencrypt/boulder/bdns"
@@ -54,6 +55,7 @@ type RegistrationAuthorityImpl struct {
 	clk         clock.Clock
 	log         *blog.AuditLogger
 	dc          *DomainCheck
+	keyPolicy   core.KeyPolicy
 	// How long before a newly created authorization expires.
 	authorizationLifetime        time.Duration
 	pendingAuthorizationLifetime time.Duration
@@ -62,10 +64,17 @@ type RegistrationAuthorityImpl struct {
 	totalIssuedCache             int
 	lastIssuedCount              *time.Time
 	maxContactsPerReg            int
+
+	regByIPStats         metrics.Scope
+	pendAuthByRegIDStats metrics.Scope
+	certsForDomainStats  metrics.Scope
+	totalCertsStats      metrics.Scope
 }
 
 // NewRegistrationAuthorityImpl constructs a new RA object.
-func NewRegistrationAuthorityImpl(clk clock.Clock, logger *blog.AuditLogger, stats statsd.Statter, dc *DomainCheck, policies cmd.RateLimitConfig, maxContactsPerReg int) *RegistrationAuthorityImpl {
+func NewRegistrationAuthorityImpl(clk clock.Clock, logger *blog.AuditLogger, stats statsd.Statter, dc *DomainCheck, policies cmd.RateLimitConfig, maxContactsPerReg int, keyPolicy core.KeyPolicy) *RegistrationAuthorityImpl {
+	// TODO(jmhodges): making RA take a "RA" stats.Scope, not Statter
+	scope := metrics.NewStatsdScope(stats, "RA")
 	ra := &RegistrationAuthorityImpl{
 		stats: stats,
 		clk:   clk,
@@ -76,6 +85,12 @@ func NewRegistrationAuthorityImpl(clk clock.Clock, logger *blog.AuditLogger, sta
 		rlPolicies:                   policies,
 		tiMu:                         new(sync.RWMutex),
 		maxContactsPerReg:            maxContactsPerReg,
+		keyPolicy:                    keyPolicy,
+
+		regByIPStats:         scope.NewScope("RA", "RateLimit", "RegistrationsByIP"),
+		pendAuthByRegIDStats: scope.NewScope("RA", "RateLimit", "PendingAuthorizationsByRegID"),
+		certsForDomainStats:  scope.NewScope("RA", "RateLimit", "CertificatesForDomain"),
+		totalCertsStats:      scope.NewScope("RA", "RateLimit", "TotalCertificates"),
 	}
 	return ra
 }
@@ -98,10 +113,8 @@ func validateEmail(ctx context.Context, address string, resolver bdns.DNSResolve
 	var resultMX []string
 	var resultA []net.IP
 	resultMX, err = resolver.LookupMX(ctx, domain)
-	recQ := "MX"
 	if err == nil && len(resultMX) == 0 {
 		resultA, err = resolver.LookupHost(ctx, domain)
-		recQ = "A"
 		if err == nil && len(resultA) == 0 {
 			return &probs.ProblemDetails{
 				Type:   probs.InvalidEmailProblem,
@@ -110,7 +123,7 @@ func validateEmail(ctx context.Context, address string, resolver bdns.DNSResolve
 		}
 	}
 	if err != nil {
-		prob := bdns.ProblemDetailsFromDNSError(recQ, domain, err)
+		prob := bdns.ProblemDetailsFromDNSError(err)
 		prob.Type = probs.InvalidEmailProblem
 		return prob
 	}
@@ -186,15 +199,18 @@ func (ra *RegistrationAuthorityImpl) checkRegistrationLimit(ip net.IP) error {
 			return err
 		}
 		if count >= limit.GetThreshold(ip.String(), noRegistrationID) {
+			ra.regByIPStats.Inc("Exceeded", 1)
+			ra.log.Info(fmt.Sprintf("Rate limit exceeded, RegistrationsByIP, IP: %s", ip))
 			return core.RateLimitedError("Too many registrations from this IP")
 		}
+		ra.regByIPStats.Inc("Pass", 1)
 	}
 	return nil
 }
 
 // NewRegistration constructs a new Registration from a request.
 func (ra *RegistrationAuthorityImpl) NewRegistration(init core.Registration) (reg core.Registration, err error) {
-	if err = core.GoodKey(init.Key.Key); err != nil {
+	if err = ra.keyPolicy.GoodKey(init.Key.Key); err != nil {
 		return core.Registration{}, core.MalformedRequestError(fmt.Sprintf("Invalid public key: %s", err.Error()))
 	}
 	if err = ra.checkRegistrationLimit(init.InitialIP); err != nil {
@@ -260,9 +276,10 @@ func (ra *RegistrationAuthorityImpl) validateContacts(ctx context.Context, conta
 	return
 }
 
-func checkPendingAuthorizationLimit(sa core.StorageGetter, limit *cmd.RateLimitPolicy, regID int64) error {
+func (ra *RegistrationAuthorityImpl) checkPendingAuthorizationLimit(regID int64) error {
+	limit := ra.rlPolicies.PendingAuthorizationsPerAccount
 	if limit.Enabled() {
-		count, err := sa.CountPendingAuthorizations(regID)
+		count, err := ra.SA.CountPendingAuthorizations(regID)
 		if err != nil {
 			return err
 		}
@@ -270,8 +287,11 @@ func checkPendingAuthorizationLimit(sa core.StorageGetter, limit *cmd.RateLimitP
 		// here.
 		noKey := ""
 		if count >= limit.GetThreshold(noKey, regID) {
+			ra.pendAuthByRegIDStats.Inc("Exceeded", 1)
+			ra.log.Info(fmt.Sprintf("Rate limit exceeded, PendingAuthorizationsByRegID, regID: %d", regID))
 			return core.RateLimitedError("Too many currently pending authorizations.")
 		}
+		ra.pendAuthByRegIDStats.Inc("Pass", 1)
 	}
 	return nil
 }
@@ -293,8 +313,7 @@ func (ra *RegistrationAuthorityImpl) NewAuthorization(request core.Authorization
 		return authz, err
 	}
 
-	limit := &ra.rlPolicies.PendingAuthorizationsPerAccount
+	if err = ra.checkPendingAuthorizationLimit(regID); err != nil {
-	if err = checkPendingAuthorizationLimit(ra.SA, limit, regID); err != nil {
 		return authz, err
 	}
 
@@ -609,10 +628,15 @@ func (ra *RegistrationAuthorityImpl) checkCertificatesPerNameLimit(names []strin
 		}
 	}
 	if len(badNames) > 0 {
+		domains := strings.Join(badNames, ", ")
+		ra.certsForDomainStats.Inc("Exceeded", 1)
+		ra.log.Info(fmt.Sprintf("Rate limit exceeded, CertificatesForDomain, regID: %d, domains: %s", regID, domains))
 		return core.RateLimitedError(fmt.Sprintf(
-			"Too many certificates already issued for: %s",
+			"Too many certificates already issued for: %s", domains))
-			strings.Join(badNames, ", ")))
+
 	}
+	ra.certsForDomainStats.Inc("Pass", 1)
+
 	return nil
 }
 
@@ -624,8 +648,12 @@ func (ra *RegistrationAuthorityImpl) checkLimits(names []string, regID int64) er
 			return err
 		}
 		if totalIssued >= ra.rlPolicies.TotalCertificates.Threshold {
+			domains := strings.Join(names, ",")
+			ra.totalCertsStats.Inc("Exceeded", 1)
+			ra.log.Info(fmt.Sprintf("Rate limit exceeded, TotalCertificates, regID: %d, domains: %s, totalIssued: %d", regID, domains, totalIssued))
 			return core.RateLimitedError("Certificate issuance limit reached")
 		}
+		ra.totalCertsStats.Inc("Pass", 1)
 	}
 	if limits.CertificatesPerName.Enabled() {
 		err := ra.checkCertificatesPerNameLimit(names, limits.CertificatesPerName, regID)

ra/registration-authority_test.go

@@ -23,6 +23,7 @@ import (
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/jmhodges/clock"
 	jose "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/letsencrypt/go-jose"
 	"github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/net/context"
+	"github.com/letsencrypt/boulder/bdns"
 	"github.com/letsencrypt/boulder/ca"
 	"github.com/letsencrypt/boulder/cmd"
 	"github.com/letsencrypt/boulder/core"
@@ -146,6 +147,12 @@ func makeResponse(ch core.Challenge) (out core.Challenge, err error) {
 	return
 }
 
+var testKeyPolicy = core.KeyPolicy{
+	AllowRSA:           true,
+	AllowECDSANISTP256: true,
+	AllowECDSANISTP384: true,
+}
+
 func initAuthorities(t *testing.T) (*DummyValidationAuthority, *sa.SQLStorageAuthority, *RegistrationAuthorityImpl, clock.FakeClock, func()) {
 	err := json.Unmarshal(AccountKeyJSONA, &AccountKeyA)
 	test.AssertNotError(t, err, "Failed to unmarshal public JWK")
@@ -215,7 +222,8 @@ func initAuthorities(t *testing.T) (*DummyValidationAuthority, *sa.SQLStorageAut
 		fc,
 		stats,
 		caCert,
-		caKey)
+		caKey,
+		testKeyPolicy)
 	test.AssertNotError(t, err, "Couldn't create CA")
 	ca.SA = ssa
 	ca.PA = pa
@@ -242,12 +250,12 @@ func initAuthorities(t *testing.T) (*DummyValidationAuthority, *sa.SQLStorageAut
 				Threshold: 100,
 				Window:    cmd.ConfigDuration{Duration: 24 * 90 * time.Hour},
 			},
-		}, 1)
+		}, 1, testKeyPolicy)
 	ra.SA = ssa
 	ra.VA = va
 	ra.CA = ca
 	ra.PA = pa
-	ra.DNSResolver = &mocks.DNSResolver{}
+	ra.DNSResolver = &bdns.MockDNSResolver{}
 
 	AuthzInitial.RegistrationID = Registration.ID
 
@@ -318,8 +326,8 @@ func TestValidateEmail(t *testing.T) {
 	}{
 		{"an email`", unparseableEmailDetail},
 		{"a@always.invalid", emptyDNSResponseDetail},
-		{"a@always.timeout", "DNS query timed out during A-record lookup of always.timeout"},
+		{"a@always.timeout", "DNS problem: query timed out looking up A for always.timeout"},
-		{"a@always.error", "DNS networking error during A-record lookup of always.error"},
+		{"a@always.error", "DNS problem: networking error looking up A for always.error"},
 	}
 	testSuccesses := []string{
 		"a@email.com",
@@ -327,7 +335,7 @@ func TestValidateEmail(t *testing.T) {
 	}
 
 	for _, tc := range testFailures {
-		problem := validateEmail(context.Background(), tc.input, &mocks.DNSResolver{})
+		problem := validateEmail(context.Background(), tc.input, &bdns.MockDNSResolver{})
 		if problem.Type != probs.InvalidEmailProblem {
 			t.Errorf("validateEmail(%q): got problem type %#v, expected %#v", tc.input, problem.Type, probs.InvalidEmailProblem)
 		}
@@ -338,7 +346,7 @@ func TestValidateEmail(t *testing.T) {
 	}
 
 	for _, addr := range testSuccesses {
-		if prob := validateEmail(context.Background(), addr, &mocks.DNSResolver{}); prob != nil {
+		if prob := validateEmail(context.Background(), addr, &bdns.MockDNSResolver{}); prob != nil {
 			t.Errorf("validateEmail(%q): expected success, but it failed: %s",
 				addr, prob)
 		}

rpc/rpc-wrappers.go

@@ -42,7 +42,6 @@ const (
 	MethodNewCertificate                    = "NewCertificate"                    // RA
 	MethodUpdateRegistration                = "UpdateRegistration"                // RA, SA
 	MethodUpdateAuthorization               = "UpdateAuthorization"               // RA
-	MethodRevokeCertificate                 = "RevokeCertificate"                 // CA
 	MethodRevokeCertificateWithReg          = "RevokeCertificateWithReg"          // RA
 	MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate" // RA
 	MethodOnValidationUpdate                = "OnValidationUpdate"                // RA
@@ -705,19 +704,6 @@ func NewCertificateAuthorityServer(rpc Server, impl core.CertificateAuthority) (
 		return
 	})
 
-	rpc.Handle(MethodRevokeCertificate, func(req []byte) (response []byte, err error) {
-		var revokeReq revokeCertificateRequest
-		err = json.Unmarshal(req, &revokeReq)
-		if err != nil {
-			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
-			errorCondition(MethodRevokeCertificate, err, req)
-			return
-		}
-
-		err = impl.RevokeCertificate(revokeReq.Serial, revokeReq.ReasonCode)
-		return
-	})
-
 	rpc.Handle(MethodGenerateOCSP, func(req []byte) (response []byte, err error) {
 		var xferObj core.OCSPSigningRequest
 		err = json.Unmarshal(req, &xferObj)
@@ -768,23 +754,6 @@ func (cac CertificateAuthorityClient) IssueCertificate(csr x509.CertificateReque
 	return
 }
 
-// RevokeCertificate sends a request to revoke a certificate
-func (cac CertificateAuthorityClient) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error) {
-	var revokeReq revokeCertificateRequest
-	revokeReq.Serial = serial
-	revokeReq.ReasonCode = reasonCode
-
-	data, err := json.Marshal(revokeReq)
-	if err != nil {
-		// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
-		errorCondition(MethodRevokeCertificate, err, revokeReq)
-		return
-	}
-
-	_, err = cac.rpc.DispatchSync(MethodRevokeCertificate, data)
-	return
-}
-
 // GenerateOCSP sends a request to generate an OCSP response
 func (cac CertificateAuthorityClient) GenerateOCSP(signRequest core.OCSPSigningRequest) (resp []byte, err error) {
 	data, err := json.Marshal(signRequest)

test/boulder-config.json

@@ -254,6 +254,7 @@
     "server": "mail.example.com",
     "port": "25",
     "username": "cert-master@example.com",
+    "from": "Expiry bot <test@example.com>",
     "password": "password",
     "dbConnectFile": "test/secrets/mailer_dburl",
     "messageLimit": 0,
@@ -306,5 +307,12 @@
     "dbConnectFile": "test/secrets/cert_checker_dburl"
   },
 
-  "subscriberAgreementURL": "http://127.0.0.1:4001/terms/v1"
+  "subscriberAgreementURL": "http://127.0.0.1:4001/terms/v1",
+
+  "allowedSigningAlgos": {
+    "rsa": true,
+    "ecdsanistp256": true,
+    "ecdsanistp384": true,
+    "ecdsanistp521": false
+  }
 }

test/ct-test-srv/main.go

@@ -9,20 +9,77 @@
 package main
 
 import (
+	"crypto/ecdsa"
+	"crypto/rand"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/asn1"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"log"
+	"math/big"
 	"net/http"
+	"os"
 	"sync/atomic"
+
+	ct "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/google/certificate-transparency/go"
 )
 
+func createSignedSCT(leaf []byte, k *ecdsa.PrivateKey) []byte {
+	rawKey, _ := x509.MarshalPKIXPublicKey(&k.PublicKey)
+	pkHash := sha256.Sum256(rawKey)
+	sct := ct.SignedCertificateTimestamp{
+		SCTVersion: ct.V1,
+		LogID:      pkHash,
+		Timestamp:  1337,
+	}
+	serialized, _ := ct.SerializeSCTSignatureInput(sct, ct.LogEntry{
+		Leaf: ct.MerkleTreeLeaf{
+			LeafType: ct.TimestampedEntryLeafType,
+			TimestampedEntry: ct.TimestampedEntry{
+				X509Entry: ct.ASN1Cert(leaf),
+				EntryType: ct.X509LogEntryType,
+			},
+		},
+	})
+	hashed := sha256.Sum256(serialized)
+	var ecdsaSig struct {
+		R, S *big.Int
+	}
+	ecdsaSig.R, ecdsaSig.S, _ = ecdsa.Sign(rand.Reader, k, hashed[:])
+	sig, _ := asn1.Marshal(ecdsaSig)
+
+	ds := ct.DigitallySigned{
+		HashAlgorithm:      ct.SHA256,
+		SignatureAlgorithm: ct.ECDSA,
+		Signature:          sig,
+	}
+
+	var jsonSCTObj struct {
+		SCTVersion ct.Version `json:"sct_version"`
+		ID         string     `json:"id"`
+		Timestamp  uint64     `json:"timestamp"`
+		Extensions string     `json:"extensions"`
+		Signature  string     `json:"signature"`
+	}
+	jsonSCTObj.SCTVersion = ct.V1
+	jsonSCTObj.ID = base64.StdEncoding.EncodeToString(pkHash[:])
+	jsonSCTObj.Timestamp = 1337
+	jsonSCTObj.Signature, _ = ds.Base64String()
+
+	jsonSCT, _ := json.Marshal(jsonSCTObj)
+	return jsonSCT
+}
+
 type ctSubmissionRequest struct {
 	Chain []string `json:"chain"`
 }
 
 type integrationSrv struct {
 	submissions int64
+	key         *ecdsa.PrivateKey
 }
 
 func (is *integrationSrv) handler(w http.ResponseWriter, r *http.Request) {
@@ -47,14 +104,16 @@ func (is *integrationSrv) handler(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
+		leaf, err := base64.StdEncoding.DecodeString(addChainReq.Chain[0])
+		if err != nil {
+			w.WriteHeader(400)
+			return
+		}
+
 		w.WriteHeader(http.StatusOK)
-		w.Write([]byte(`{
+		// id is a sha256 of a random EC key. Generate your own with:
-      "sct_version":0,
+		// openssl ecparam -name prime256v1 -genkey -outform der | openssl sha256 -binary | base64
-      "id":"KHYaGJAn++880NYaAY12sFBXKcenQRvMvfYE9F1CYVM=",
+		w.Write(createSignedSCT(leaf, is.key))
-      "timestamp":1337,
-      "extensions":"",
-      "signature":"BAMARjBEAiAka/W0eYq23Iaih2wB2CGrAqlo92KyQuuY6WWumi1eNwIgBirYV/wsJvmZfGP5NrNYoWGIx1VV6NaNBIaSXh9hiYA="
-    }`))
 		atomic.AddInt64(&is.submissions, 1)
 	case "/submissions":
 		if r.Method != "GET" {
@@ -72,7 +131,16 @@ func (is *integrationSrv) handler(w http.ResponseWriter, r *http.Request) {
 }
 
 func main() {
-	is := integrationSrv{}
+	signingKey := "MHcCAQEEIOCtGlGt/WT7471dOHdfBg43uJWJoZDkZAQjWfTitcVNoAoGCCqGSM49AwEHoUQDQgAEYggOxPnPkzKBIhTacSYoIfnSL2jPugcbUKx83vFMvk5gKAz/AGe87w20riuPwEGn229hKVbEKHFB61NIqNHC3Q=="
+	decodedKey, _ := base64.StdEncoding.DecodeString(signingKey)
+
+	key, err := x509.ParseECPrivateKey(decodedKey)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "failed to parse signing key: %s\n", err)
+		return
+	}
+
+	is := integrationSrv{key: key}
 	s := &http.Server{
 		Addr:    "localhost:4500",
 		Handler: http.HandlerFunc(is.handler),

test/dns-test-srv/main.go

@@ -134,6 +134,17 @@ func (ts *testSrv) dnsHandler(w dns.ResponseWriter, r *dns.Msg) {
 		}
 	}
 
+	auth := new(dns.SOA)
+	auth.Hdr = dns.RR_Header{Name: "boulder.invalid.", Rrtype: dns.TypeSOA, Class: dns.ClassINET, Ttl: 0}
+	auth.Ns = "ns.boulder.invalid."
+	auth.Mbox = "master.boulder.invalid."
+	auth.Serial = 1
+	auth.Refresh = 1
+	auth.Retry = 1
+	auth.Expire = 1
+	auth.Minttl = 1
+	m.Ns = append(m.Ns, auth)
+
 	w.WriteMsg(m)
 	return
 }

test/entrypoint.sh

@@ -12,10 +12,19 @@ while ! exec 6<>/dev/tcp/0.0.0.0/3306; do
     sleep 1
 done
 
+# make sure we can reach the rabbitmq
+while ! exec 6<>/dev/tcp/0.0.0.0/5672; do
+    echo "$(date) - still trying to connect to rabbitmq at 0.0.0.0:5672"
+    sleep 1
+done
+
 exec 6>&-
 exec 6<&-
 
 # create the database
 source $DIR/create_db.sh
 
+# Set up rabbitmq exchange and activity monitor queue
+go run cmd/rabbitmq-setup/main.go -server amqp://localhost
+
 $@

test/integration-test.py

@@ -201,12 +201,6 @@ def run_client_tests():
     if subprocess.Popen(cmd, shell=True, cwd=root, executable='/bin/bash').wait() != 0:
         die(ExitStatus.PythonFailure)
 
-def check_activity_monitor():
-    """Ensure that the activity monitor is running and received some messages."""
-    resp = urllib2.urlopen("http://localhost:8007/debug/vars")
-    debug_vars = json.loads(resp.read())
-    assert debug_vars['messages'] > 0, "Activity Monitor received zero messages."
-
 @atexit.register
 def cleanup():
     import shutil
@@ -271,8 +265,6 @@ def main():
     if args.run_all or args.run_letsencrypt:
         run_client_tests()
 
-    check_activity_monitor()
-
     if not startservers.check():
         die(ExitStatus.Error)
     exit_status = ExitStatus.OK

test/policy_db_users.sql

@@ -19,8 +19,8 @@
 -- and the CA and RA (for reads). So right now we have the one user that has
 -- both read and write permission, even though it would be better to give only
 -- read permission to CA and RA.
-GRANT SELECT,INSERT,DELETE ON blacklist TO 'policy'@'127.0.0.1';
+GRANT SELECT,INSERT,DELETE ON blacklist TO 'policy'@'localhost';
-GRANT SELECT,INSERT,DELETE ON whitelist TO 'policy'@'127.0.0.1';
+GRANT SELECT,INSERT,DELETE ON whitelist TO 'policy'@'localhost';
 
 -- Test setup and teardown
-GRANT ALL PRIVILEGES ON * to 'test_setup'@'127.0.0.1';
+GRANT ALL PRIVILEGES ON * to 'test_setup'@'localhost';

test/rate-limit-policies.yml

@@ -13,6 +13,8 @@ certificatesPerName:
     le2.wtf: 10000
     le3.wtf: 10000
     nginx.wtf: 10000
+    good-caa-reserved.com: 10000
+    bad-caa-reserved.com: 10000
   registrationOverrides:
     101: 1000
 registrationsPerIP:

test/sa_db_users.sql

@@ -15,43 +15,43 @@
 -- the user exists and then drop the user.
 
 -- Storage Authority
-GRANT SELECT,INSERT,UPDATE ON authz TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE ON authz TO 'sa'@'localhost';
-GRANT SELECT,INSERT,UPDATE,DELETE ON pendingAuthorizations TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE,DELETE ON pendingAuthorizations TO 'sa'@'localhost';
-GRANT SELECT(id,Lockcol) ON pendingAuthorizations TO 'sa'@'127.0.0.1';
+GRANT SELECT(id,Lockcol) ON pendingAuthorizations TO 'sa'@'localhost';
-GRANT SELECT,INSERT ON certificates TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT ON certificates TO 'sa'@'localhost';
-GRANT SELECT,INSERT,UPDATE ON certificateStatus TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE ON certificateStatus TO 'sa'@'localhost';
-GRANT SELECT,INSERT ON issuedNames TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT ON issuedNames TO 'sa'@'localhost';
-GRANT SELECT,INSERT ON sctReceipts TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT ON sctReceipts TO 'sa'@'localhost';
-GRANT SELECT,INSERT ON deniedCSRs TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT ON deniedCSRs TO 'sa'@'localhost';
-GRANT INSERT ON ocspResponses TO 'sa'@'127.0.0.1';
+GRANT INSERT ON ocspResponses TO 'sa'@'localhost';
-GRANT SELECT,INSERT,UPDATE ON registrations TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE ON registrations TO 'sa'@'localhost';
-GRANT SELECT,INSERT,UPDATE ON challenges TO 'sa'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE ON challenges TO 'sa'@'localhost';
 
 -- OCSP Responder
-GRANT SELECT ON certificateStatus TO 'ocsp_resp'@'127.0.0.1';
+GRANT SELECT ON certificateStatus TO 'ocsp_resp'@'localhost';
-GRANT SELECT ON ocspResponses TO 'ocsp_resp'@'127.0.0.1';
+GRANT SELECT ON ocspResponses TO 'ocsp_resp'@'localhost';
 
 -- OCSP Generator Tool (Updater)
-GRANT INSERT ON ocspResponses TO 'ocsp_update'@'127.0.0.1';
+GRANT INSERT ON ocspResponses TO 'ocsp_update'@'localhost';
-GRANT SELECT ON certificates TO 'ocsp_update'@'127.0.0.1';
+GRANT SELECT ON certificates TO 'ocsp_update'@'localhost';
-GRANT SELECT,UPDATE ON certificateStatus TO 'ocsp_update'@'127.0.0.1';
+GRANT SELECT,UPDATE ON certificateStatus TO 'ocsp_update'@'localhost';
-GRANT SELECT ON sctReceipts TO 'ocsp_update'@'127.0.0.1';
+GRANT SELECT ON sctReceipts TO 'ocsp_update'@'localhost';
 
 -- Revoker Tool
-GRANT SELECT ON registrations TO 'revoker'@'127.0.0.1';
+GRANT SELECT ON registrations TO 'revoker'@'localhost';
-GRANT SELECT ON certificates TO 'revoker'@'127.0.0.1';
+GRANT SELECT ON certificates TO 'revoker'@'localhost';
-GRANT SELECT,INSERT ON deniedCSRs TO 'revoker'@'127.0.0.1';
+GRANT SELECT,INSERT ON deniedCSRs TO 'revoker'@'localhost';
 
 -- External Cert Importer
-GRANT SELECT,INSERT,UPDATE,DELETE ON identifierData TO 'importer'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE,DELETE ON identifierData TO 'importer'@'localhost';
-GRANT SELECT,INSERT,UPDATE,DELETE ON externalCerts TO 'importer'@'127.0.0.1';
+GRANT SELECT,INSERT,UPDATE,DELETE ON externalCerts TO 'importer'@'localhost';
 
 -- Expiration mailer
-GRANT SELECT ON certificates TO 'mailer'@'127.0.0.1';
+GRANT SELECT ON certificates TO 'mailer'@'localhost';
-GRANT SELECT,UPDATE ON certificateStatus TO 'mailer'@'127.0.0.1';
+GRANT SELECT,UPDATE ON certificateStatus TO 'mailer'@'localhost';
 
 -- Cert checker
-GRANT SELECT ON certificates TO 'cert_checker'@'127.0.0.1';
+GRANT SELECT ON certificates TO 'cert_checker'@'localhost';
 
 -- Test setup and teardown
-GRANT ALL PRIVILEGES ON * to 'test_setup'@'127.0.0.1';
+GRANT ALL PRIVILEGES ON * to 'test_setup'@'localhost';

test/secrets/mailer_dburl

@@ -0,0 +1 @@
+mysql+tcp://mailer@localhost:3306/boulder_sa_integration

test/startservers.py

@@ -63,7 +63,6 @@ def start(race_detection):
     t.daemon = True
     t.start()
     progs = [
-        'activity-monitor',
         'boulder-wfe',
         'boulder-ra',
         'boulder-sa',

va/validation-authority.go

@@ -94,7 +94,7 @@ func (va ValidationAuthorityImpl) getAddr(ctx context.Context, hostname string)
 	addrs, err := va.DNSResolver.LookupHost(ctx, hostname)
 	if err != nil {
 		va.log.Debug(fmt.Sprintf("%s DNS failure: %s", hostname, err))
-		problem := bdns.ProblemDetailsFromDNSError("A", hostname, err)
+		problem := bdns.ProblemDetailsFromDNSError(err)
 		return net.IP{}, nil, problem
 	}
 
@@ -431,18 +431,21 @@ func (va *ValidationAuthorityImpl) validateDNS01(ctx context.Context, identifier
 
 	// Look for the required record in the DNS
 	challengeSubdomain := fmt.Sprintf("%s.%s", core.DNSPrefix, identifier.Value)
-	txts, err := va.DNSResolver.LookupTXT(ctx, challengeSubdomain)
+	txts, authorities, err := va.DNSResolver.LookupTXT(ctx, challengeSubdomain)
 
 	if err != nil {
 		va.log.Debug(fmt.Sprintf("%s [%s] DNS failure: %s", challenge.Type, identifier, err))
 
-		return nil, bdns.ProblemDetailsFromDNSError("TXT", challengeSubdomain, err)
+		return nil, bdns.ProblemDetailsFromDNSError(err)
 	}
 
 	for _, element := range txts {
 		if subtle.ConstantTimeCompare([]byte(element), []byte(authorizedKeysDigest)) == 1 {
 			// Successful challenge validation
-			return nil, nil
+			return []core.ValidationRecord{{
+				Authorities: authorities,
+				Hostname:    identifier.Value,
+			}}, nil
 		}
 	}
 
@@ -457,7 +460,7 @@ func (va *ValidationAuthorityImpl) checkCAA(ctx context.Context, identifier core
 	present, valid, err := va.checkCAARecords(ctx, identifier)
 	if err != nil {
 		va.log.Warning(fmt.Sprintf("Problem checking CAA: %s", err))
-		return bdns.ProblemDetailsFromDNSError("CAA", identifier.Value, err)
+		return bdns.ProblemDetailsFromDNSError(err)
 	}
 	// AUDIT[ Certificate Requests ] 11917fa4-10ef-4e0d-9105-bacbe7836a3c
 	va.log.Audit(fmt.Sprintf("Checked CAA records for %s, registration ID %d [Present: %t, Valid for issuance: %t]", identifier.Value, regID, present, valid))

va/validation-authority_test.go

@@ -222,7 +222,7 @@ func TestHTTP(t *testing.T) {
 	}
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: badPort}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	_, prob := va.validateHTTP01(context.Background(), ident, chall)
 	if prob == nil {
@@ -231,7 +231,7 @@ func TestHTTP(t *testing.T) {
 	test.AssertEquals(t, prob.Type, probs.ConnectionProblem)
 
 	va = NewValidationAuthorityImpl(&PortConfig{HTTPPort: goodPort}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	log.Clear()
 	t.Logf("Trying to validate: %+v\n", chall)
@@ -315,7 +315,7 @@ func TestHTTPRedirectLookup(t *testing.T) {
 	test.AssertNotError(t, err, "failed to get test server port")
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	log.Clear()
 	setChallengeToken(&chall, pathMoved)
@@ -373,7 +373,7 @@ func TestHTTPRedirectLoop(t *testing.T) {
 	test.AssertNotError(t, err, "failed to get test server port")
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	log.Clear()
 	_, prob := va.validateHTTP01(context.Background(), ident, chall)
@@ -393,7 +393,7 @@ func TestHTTPRedirectUserAgent(t *testing.T) {
 	test.AssertNotError(t, err, "failed to get test server port")
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	va.UserAgent = rejectUserAgent
 
 	setChallengeToken(&chall, pathMoved)
@@ -435,7 +435,7 @@ func TestTLSSNI(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{TLSPort: port}, nil, stats, clock.Default())
 
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	log.Clear()
 	_, prob := va.validateTLSSNI01(context.Background(), ident, chall)
@@ -507,7 +507,7 @@ func TestTLSError(t *testing.T) {
 	test.AssertNotError(t, err, "failed to get test server port")
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{TLSPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 
 	_, prob := va.validateTLSSNI01(context.Background(), ident, chall)
 	if prob == nil {
@@ -526,7 +526,7 @@ func TestValidateHTTP(t *testing.T) {
 	test.AssertNotError(t, err, "failed to get test server port")
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{HTTPPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -583,7 +583,7 @@ func TestValidateTLSSNI01(t *testing.T) {
 
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{TLSPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -601,7 +601,7 @@ func TestValidateTLSSNI01(t *testing.T) {
 func TestValidateTLSSNINotSane(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default()) // no calls made
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -623,7 +623,7 @@ func TestValidateTLSSNINotSane(t *testing.T) {
 func TestUpdateValidations(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -650,13 +650,13 @@ func TestUpdateValidations(t *testing.T) {
 func TestCAATimeout(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	va.IssuerDomain = "letsencrypt.org"
 	err := va.checkCAA(context.Background(), core.AcmeIdentifier{Type: core.IdentifierDNS, Value: "caa-timeout.com"}, 101)
 	if err.Type != probs.ConnectionProblem {
 		t.Errorf("Expected timeout error type %s, got %s", probs.ConnectionProblem, err.Type)
 	}
-	expected := "DNS query timed out during CAA-record lookup of caa-timeout.com"
+	expected := "DNS problem: query timed out looking up CAA for always.timeout"
 	if err.Detail != expected {
 		t.Errorf("checkCAA: got %#v, expected %#v", err.Detail, expected)
 	}
@@ -683,7 +683,7 @@ func TestCAAChecking(t *testing.T) {
 
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	va.IssuerDomain = "letsencrypt.org"
 	for _, caaTest := range tests {
 		present, valid, err := va.CheckCAARecords(core.AcmeIdentifier{Type: "dns", Value: caaTest.Domain})
@@ -713,7 +713,7 @@ func TestCAAChecking(t *testing.T) {
 func TestDNSValidationFailure(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -750,7 +750,7 @@ func TestDNSValidationInvalid(t *testing.T) {
 
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -764,7 +764,7 @@ func TestDNSValidationInvalid(t *testing.T) {
 func TestDNSValidationNotSane(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -791,7 +791,7 @@ func TestDNSValidationNotSane(t *testing.T) {
 func TestDNSValidationServFail(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -840,7 +840,7 @@ func TestDNSValidationNoServer(t *testing.T) {
 func TestDNSValidationOK(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -874,7 +874,7 @@ func TestDNSValidationOK(t *testing.T) {
 func TestDNSValidationLive(t *testing.T) {
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 
@@ -933,7 +933,7 @@ func TestCAAFailure(t *testing.T) {
 
 	stats, _ := statsd.NewNoopClient()
 	va := NewValidationAuthorityImpl(&PortConfig{TLSPort: port}, nil, stats, clock.Default())
-	va.DNSResolver = &mocks.DNSResolver{}
+	va.DNSResolver = &bdns.MockDNSResolver{}
 	mockRA := &MockRegistrationAuthority{}
 	va.RA = mockRA
 

wfe/jose.go

@@ -1,6 +1,7 @@
 package wfe
 
 import (
+	"crypto/ecdsa"
 	"crypto/rsa"
 	"fmt"
 
@@ -9,10 +10,18 @@ import (
 )
 
 func algorithmForKey(key *jose.JsonWebKey) (string, error) {
-	// TODO(https://github.com/letsencrypt/boulder/issues/792): Support EC.
+	switch k := key.Key.(type) {
-	switch key.Key.(type) {
 	case *rsa.PublicKey:
 		return string(jose.RS256), nil
+	case *ecdsa.PublicKey:
+		switch k.Params().Name {
+		case "P-256":
+			return string(jose.ES256), nil
+		case "P-384":
+			return string(jose.ES384), nil
+		case "P-521":
+			return string(jose.ES512), nil
+		}
 	}
 	return "", core.SignatureValidationError("no signature algorithms suitable for given key type")
 }

wfe/jose_test.go

@@ -2,6 +2,7 @@ package wfe
 
 import (
 	"crypto/ecdsa"
+	"crypto/elliptic"
 	"crypto/rsa"
 	"testing"
 
@@ -64,15 +65,6 @@ func TestCheckAlgorithm(t *testing.T) {
 		expectedErr  string
 		expectedStat string
 	}{
-		{
-			jose.JsonWebKey{
-				Algorithm: "ES256",
-				Key:       &ecdsa.PublicKey{},
-			},
-			jose.JsonWebSignature{},
-			"no signature algorithms suitable for given key type",
-			"WFE.Errors.NoAlgorithmForKey",
-		},
 		{
 			jose.JsonWebKey{
 				Algorithm: "HS256",
@@ -173,4 +165,39 @@ func TestCheckAlgorithmSuccess(t *testing.T) {
 	if err != nil {
 		t.Errorf("RS256 key: Expected nil error, got '%s'", err)
 	}
+
+	_, err = checkAlgorithm(&jose.JsonWebKey{
+		Algorithm: "ES256",
+		Key: &ecdsa.PublicKey{
+			Curve: elliptic.P256(),
+		},
+	}, &jose.JsonWebSignature{
+		Signatures: []jose.Signature{
+			jose.Signature{
+				Header: jose.JoseHeader{
+					Algorithm: "ES256",
+				},
+			},
+		},
+	})
+	if err != nil {
+		t.Errorf("ES256 key: Expected nil error, got '%s'", err)
+	}
+
+	_, err = checkAlgorithm(&jose.JsonWebKey{
+		Key: &ecdsa.PublicKey{
+			Curve: elliptic.P256(),
+		},
+	}, &jose.JsonWebSignature{
+		Signatures: []jose.Signature{
+			jose.Signature{
+				Header: jose.JoseHeader{
+					Algorithm: "ES256",
+				},
+			},
+		},
+	})
+	if err != nil {
+		t.Errorf("ES256 key: Expected nil error, got '%s'", err)
+	}
 }

wfe/web-front-end.go

@@ -75,6 +75,9 @@ type WebFrontEndImpl struct {
 	// Register of anti-replay nonces
 	nonceService *core.NonceService
 
+	// Key policy.
+	keyPolicy core.KeyPolicy
+
 	// Cache settings
 	CertCacheDuration           time.Duration
 	CertNoCacheExpirationWindow time.Duration
@@ -90,7 +93,7 @@ type WebFrontEndImpl struct {
 }
 
 // NewWebFrontEndImpl constructs a web service for Boulder
-func NewWebFrontEndImpl(stats statsd.Statter, clk clock.Clock) (WebFrontEndImpl, error) {
+func NewWebFrontEndImpl(stats statsd.Statter, clk clock.Clock, keyPolicy core.KeyPolicy) (WebFrontEndImpl, error) {
 	logger := blog.GetAuditLogger()
 	logger.Notice("Web Front End Starting")
 
@@ -104,6 +107,7 @@ func NewWebFrontEndImpl(stats statsd.Statter, clk clock.Clock) (WebFrontEndImpl,
 		clk:          clk,
 		nonceService: nonceService,
 		stats:        stats,
+		keyPolicy:    keyPolicy,
 	}, nil
 }
 
@@ -147,7 +151,7 @@ func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h wfe
 
 			switch request.Method {
 			case "HEAD":
-				// Go's net/http (and httptest) servers will strip our the body
+				// Go's net/http (and httptest) servers will strip out the body
 				// of responses for us. This keeps the Content-Length for HEAD
 				// requests as the same as GET requests per the spec.
 			case "OPTIONS":
@@ -355,7 +359,7 @@ func (wfe *WebFrontEndImpl) verifyPOST(logEvent *requestEvent, request *http.Req
 		// When looking up keys from the registrations DB, we can be confident they
 		// are "good". But when we are verifying against any submitted key, we want
 		// to check its quality before doing the verify.
-		if err = core.GoodKey(submittedKey.Key); err != nil {
+		if err = wfe.keyPolicy.GoodKey(submittedKey.Key); err != nil {
 			wfe.stats.Inc("WFE.Errors.JWKRejectedByGoodKey", 1, 1.0)
 			logEvent.AddError("JWK in request was rejected by GoodKey: %s", err)
 			return nil, nil, reg, probs.Malformed(err.Error())
@@ -719,7 +723,7 @@ func (wfe *WebFrontEndImpl) NewCertificate(logEvent *requestEvent, response http
 	// bytes on the wire, and (b) the CA logs all rejections as audit events, but
 	// a bad key from the client is just a malformed request and doesn't need to
 	// be audited.
-	if err := core.GoodKey(certificateRequest.CSR.PublicKey); err != nil {
+	if err := wfe.keyPolicy.GoodKey(certificateRequest.CSR.PublicKey); err != nil {
 		logEvent.AddError("CSR public key failed GoodKey: %s", err)
 		wfe.sendError(response, logEvent, probs.Malformed("Invalid key in certificate request :: %s", err), err)
 		return

wfe/web-front-end_test.go

@@ -7,6 +7,7 @@ package wfe
 
 import (
 	"bytes"
+	"crypto/ecdsa"
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/json"
@@ -111,6 +112,32 @@ TkLlEeVOuQfxTadw05gzKX0jKkMC4igGxvEeilYc6NR6a4nvRulG84Q8VV9Sy9Ie
 wk6Oiadty3eQqSBJv0HnpmiEdQVffIK5Pg4M8Dd+aOBnEkbopAJOuA==
 -----END RSA PRIVATE KEY-----
 `
+	testE1KeyPublicJSON = `{
+    "kty":"EC",
+    "crv":"P-256",
+    "x":"FwvSZpu06i3frSk_mz9HcD9nETn4wf3mQ-zDtG21Gao",
+    "y":"S8rR-0dWa8nAcw1fbunF_ajS3PQZ-QwLps-2adgLgPk"
+  }`
+	testE1KeyPrivatePEM = `
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIH+p32RUnqT/iICBEGKrLIWFcyButv0S0lU/BLPOyHn2oAoGCCqGSM49
+AwEHoUQDQgAEFwvSZpu06i3frSk/mz9HcD9nETn4wf3mQ+zDtG21GapLytH7R1Zr
+ycBzDV9u6cX9qNLc9Bn5DAumz7Zp2AuA+Q==
+-----END EC PRIVATE KEY-----
+`
+
+	testE2KeyPublicJSON = `{
+    "kty":"EC",
+    "crv":"P-256",
+    "x":"S8FOmrZ3ywj4yyFqt0etAD90U-EnkNaOBSLfQmf7pNg",
+    "y":"vMvpDyqFDRHjGfZ1siDOm5LS6xNdR5xTpyoQGLDOX2Q"
+  }`
+	testE2KeyPrivatePEM = `
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIFRcPxQ989AY6se2RyIoF1ll9O6gHev4oY15SWJ+Jf5eoAoGCCqGSM49
+AwEHoUQDQgAES8FOmrZ3ywj4yyFqt0etAD90U+EnkNaOBSLfQmf7pNi8y+kPKoUN
+EeMZ9nWyIM6bktLrE11HnFOnKhAYsM5fZA==
+-----END EC PRIVATE KEY-----`
 )
 
 type MockRegistrationAuthority struct{}
@@ -197,10 +224,17 @@ func signRequest(t *testing.T, req string, nonceService *core.NonceService) stri
 	return ret
 }
 
+var testKeyPolicy = core.KeyPolicy{
+	AllowRSA:           true,
+	AllowECDSANISTP256: true,
+	AllowECDSANISTP384: true,
+}
+
 func setupWFE(t *testing.T) (WebFrontEndImpl, clock.FakeClock) {
 	fc := clock.NewFake()
 	stats, _ := statsd.NewNoopClient()
-	wfe, err := NewWebFrontEndImpl(stats, fc)
+
+	wfe, err := NewWebFrontEndImpl(stats, fc, testKeyPolicy)
 	test.AssertNotError(t, err, "Unable to create WFE")
 
 	wfe.NewReg = wfe.BaseURL + NewRegPath
@@ -546,7 +580,7 @@ func TestIssueCertificate(t *testing.T) {
 	// TODO: Use a mock RA so we can test various conditions of authorized, not
 	// authorized, etc.
 	stats, _ := statsd.NewNoopClient(nil)
-	ra := ra.NewRegistrationAuthorityImpl(fc, wfe.log, stats, nil, cmd.RateLimitConfig{}, 0)
+	ra := ra.NewRegistrationAuthorityImpl(fc, wfe.log, stats, nil, cmd.RateLimitConfig{}, 0, testKeyPolicy)
 	ra.SA = mocks.NewStorageAuthority(fc)
 	ra.CA = &MockCA{}
 	ra.PA = &MockPA{}
@@ -759,6 +793,52 @@ func TestBadNonce(t *testing.T) {
 	test.AssertEquals(t, responseWriter.Body.String(), `{"type":"urn:acme:error:badNonce","detail":"JWS has no anti-replay nonce","status":400}`)
 }
 
+func TestNewECDSARegistration(t *testing.T) {
+	wfe, _ := setupWFE(t)
+
+	// E1 always exists; E2 never exists
+	key, err := jose.LoadPrivateKey([]byte(testE2KeyPrivatePEM))
+	test.AssertNotError(t, err, "Failed to load key")
+	ecdsaKey, ok := key.(*ecdsa.PrivateKey)
+	test.Assert(t, ok, "Couldn't load ECDSA key")
+	signer, err := jose.NewSigner("ES256", ecdsaKey)
+	test.AssertNotError(t, err, "Failed to make signer")
+	signer.SetNonceSource(wfe.nonceService)
+
+	responseWriter := httptest.NewRecorder()
+	result, err := signer.Sign([]byte(`{"resource":"new-reg","contact":["tel:123456789"],"agreement":"` + agreementURL + `"}`))
+	test.AssertNotError(t, err, "Failed to sign")
+	wfe.NewRegistration(newRequestEvent(), responseWriter, makePostRequest(result.FullSerialize()))
+
+	var reg core.Registration
+	err = json.Unmarshal([]byte(responseWriter.Body.String()), &reg)
+	test.AssertNotError(t, err, "Couldn't unmarshal returned registration object")
+	test.Assert(t, len(reg.Contact) >= 1, "No contact field in registration")
+	test.AssertEquals(t, reg.Contact[0].String(), "tel:123456789")
+	test.AssertEquals(t, reg.Agreement, "http://example.invalid/terms")
+	test.AssertEquals(t, reg.InitialIP.String(), "1.1.1.1")
+
+	test.AssertEquals(t, responseWriter.Header().Get("Location"), "/acme/reg/0")
+
+	key, err = jose.LoadPrivateKey([]byte(testE1KeyPrivatePEM))
+	test.AssertNotError(t, err, "Failed to load key")
+	ecdsaKey, ok = key.(*ecdsa.PrivateKey)
+	test.Assert(t, ok, "Couldn't load ECDSA key")
+	signer, err = jose.NewSigner("ES256", ecdsaKey)
+	test.AssertNotError(t, err, "Failed to make signer")
+	signer.SetNonceSource(wfe.nonceService)
+
+	// Reset the body and status code
+	responseWriter = httptest.NewRecorder()
+	// POST, Valid JSON, Key already in use
+	result, err = signer.Sign([]byte(`{"resource":"new-reg","contact":["tel:123456789"],"agreement":"` + agreementURL + `"}`))
+
+	wfe.NewRegistration(newRequestEvent(), responseWriter, makePostRequest(result.FullSerialize()))
+	test.AssertEquals(t, responseWriter.Body.String(), `{"type":"urn:acme:error:malformed","detail":"Registration key is already in use","status":409}`)
+	test.AssertEquals(t, responseWriter.Header().Get("Location"), "/acme/reg/3")
+	test.AssertEquals(t, responseWriter.Code, 409)
+}
+
 func TestNewRegistration(t *testing.T) {
 	wfe, _ := setupWFE(t)
 	mux, err := wfe.Handler()