acme: implement new order-based issuance methods

The order based issuance flow is different from pre-authorization
in that users tell upfront which identifiers they want a future
certificate to contain and the CA responds with a set of authorizations
to satisfy.

Similar to pre-authorization where users start with Client's
Authorize method, fulfill challenges and then call GetAuthorization
or WaitAuthorization, the order based flow starts with AuthorizeOrder
and then GetOrder or WaitOrder.

Once all order authorizations are satisfied, users can call
CreateOrderCert, as opposed to the old CreateCert, and FetchCert as before.
The new method implementation and updates to the existing methods
is in

More on order based flow can be found in

Updates golang/go#21081

Change-Id: I37c37203b50785d7681f65f815d7b19d9c15b96d
Run-TryBot: Alex Vaghin <>
TryBot-Result: Gobot Gobot <>
Reviewed-by: Filippo Valsorda <>
5 files changed
tree: c849714fc223608cb5b6f99f3449d36aaa1e61dc
  1. .gitattributes
  2. .gitignore
  9. acme/
  10. argon2/
  11. bcrypt/
  12. blake2b/
  13. blake2s/
  14. blowfish/
  15. bn256/
  16. cast5/
  17. chacha20poly1305/
  18. codereview.cfg
  19. cryptobyte/
  20. curve25519/
  21. ed25519/
  22. go.mod
  23. go.sum
  24. hkdf/
  25. internal/
  26. md4/
  27. nacl/
  28. ocsp/
  29. openpgp/
  30. otr/
  31. pbkdf2/
  32. pkcs12/
  33. poly1305/
  34. ripemd160/
  35. salsa20/
  36. scrypt/
  37. sha3/
  38. ssh/
  39. tea/
  40. twofish/
  41. xtea/
  42. xts/

Go Cryptography

This repository holds supplementary Go cryptography libraries.


The easiest way to install is to run go get -u You can also manually git clone the repository to $GOPATH/src/

Report Issues / Send Patches

This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see

The main issue tracker for the crypto repository is located at Prefix your issue with “x/crypto:” in the subject line, so it is easy to find.

Note that contributions to the cryptography package receive additional scrutiny due to their sensitive nature. Patches may take longer than normal to receive feedback.