ACME-PS

1.0.3

functions/AccountKey/New-AccountKey.ps1

                                function New-AccountKey {

    <#

        .SYNOPSIS

            Creates a new account key, that will be used to sign ACME operations.

            Provide a path where to save the key, since being able to restore it is crucial.

        .DESCRIPTION

            Creates and stores a new account key, that can be used for ACME operations.

            The key will be added to the state.

        .PARAMETER RSA

            Used to select RSA key type. (default)

        .PARAMETER RSAHashSize

            The hash size used for the RSA algorithm.

        .PARAMETER RSAKeySize

            The key size of the RSA algorithm.

        .PARAMETER ECDsa

            Used to select ECDsa key type.

        .PARAMETER ECDsaHashSize

            The hash size used for the ECDsa algorithm.

        .PARAMETER Path

            The path where the keys will be stored.

        .PARAMETER State

            The state object, that is used in this module, to provide easy access to the ACME service directory,

            your account key, the associated account and the replay nonce.

            The account key will be stored into the state, if present.

        .PARAMETER PassThru

            Forces the new account key to be returned to the pipeline, even if state is set.

        .PARAMETER Force

            If there's already a key present in the state, you need to provide the force switch to override the

            existing account key.

        .EXAMPLE

            PS> New-AccountKey -State $myState

        .EXAMPLE

            PS> New-AccountKey -State $myState -RSA -HashSize 512

        .EXAMPLE

            PS> New-AccountKey -ECDsa -HashSize 384

    #>

    [CmdletBinding(DefaultParameterSetName="RSA", SupportsShouldProcess=$true)]

    [OutputType("IAccountKey")]

    param(

        [Parameter(ParameterSetName="RSA")]

        [switch]

        $RSA,

        [Parameter(ParameterSetName="RSA")]

        [ValidateSet(256, 384, 512)]

        [int]

        $RSAHashSize = 256,

        [Parameter(ParameterSetName="RSA")]

        [ValidateSet(2048)]

        [int]

        $RSAKeySize = 2048,

        [Parameter(ParameterSetName="ECDsa")]

        [switch]

        $ECDsa,

        [Parameter(ParameterSetName="ECDsa")]

        [ValidateSet(256, 384, 512)]

        [int]

        $ECDsaHashSize = 256,

        [Parameter(Position = 0)]

        [ValidateNotNull()]

        [AcmeState]

        $State,

        [Parameter()]

        [switch]

        $PassThru,

        [Parameter()]

        [switch]

        $Force

    )

    if($PSCmdlet.ParameterSetName -eq "ECDsa") {

        $accountKey = [IAccountKey]([ECDsaAccountKey]::new($ECDsaHashSize));

        Write-Verbose "Created new ECDsa account key with hash size $ECDsaHashSize";

    } else {

        $accountKey = [IAccountKey]([RSAAccountKey]::new($RSAHashSize, $RSAKeySize));

        Write-Verbose "Created new RSA account key with hash size $RSAHashSize and key size $RSAKeySize";

    }

    if($State -and $PSCmdlet.ShouldProcess("AccountKey", "Add created account key to state.",

        "The created account key will now be added to the state object."))

    {

        if($null -eq $State.GetAccountKey() -or $Force -or

            $PSCmdlet.ShouldContinue("The existing account key will be overriden. Do you want to continue?", "Replace account key"))

        {

            $State.Set($accountKey);

        }

    }

    if($PassThru -or -not $State) {

        return $accountKey;

    }

}