def generate_minion_keys(self):
#XXX TODO: Replace M2Crypto with PyCrypto
# see: https://github.com/saltstack/salt/pull/1112/files
# generate keys
keyname = self.get_keyname()
if not keyname:
LOG.error("Must specify salt_id or hostname")
return False
gen = RSA.gen_key(2048, 1, callback=lambda x, y, z: None)
pubpath = os.path.join(self.pki_dir, '{0}.pub'.format(keyname))
gen.save_pub_key(pubpath)
LOG.info("public key {0}".format(pubpath))
if self.config.get('save_keys'):
cumask = os.umask(191)
gen.save_key(os.path.join(self.pki_dir, '{0}.pem'.format(keyname)),
None)
os.umask(cumask)
# public key
_pub = TemporaryFile()
bio_pub = BIO.File(_pub)
m2.rsa_write_pub_key(gen.rsa, bio_pub._ptr())
_pub.seek(0)
self.config['public_key'] = self.public_key = _pub.read()
self.config['formatted_public_key'] = '\n'.join(
" {0}".format(k) for k in self.public_key.split('\n'))
# private key
_pem = TemporaryFile()
bio_pem = BIO.File(_pem)
gen.save_key_bio(bio_pem, None)
_pem.seek(0)
self.config['private_key'] = self.private_key = _pem.read()
self.config['formatted_private_key'] = '\n'.join(
" {0}".format(k) for k in self.private_key.split('\n'))
return True
def generate_minion_keys(self):
# XXX TODO: Replace M2Crypto with PyCrypto
# see: https://github.com/saltstack/salt/pull/1112/files
# generate keys
keyname = self.get_keyname()
if not keyname:
LOG.error("Must specify salt_id or hostname")
return False
gen = RSA.gen_key(2048, 1, callback=lambda x, y, z: None)
pubpath = os.path.join(self.pki_dir, "{0}.pub".format(keyname))
gen.save_pub_key(pubpath)
LOG.info("public key {0}".format(pubpath))
if self.config.get("save_keys"):
cumask = os.umask(191)
gen.save_key(os.path.join(self.pki_dir, "{0}.pem".format(keyname)), None)
os.umask(cumask)
# public key
_pub = TemporaryFile()
bio_pub = BIO.File(_pub)
m2.rsa_write_pub_key(gen.rsa, bio_pub._ptr())
_pub.seek(0)
self.config["public_key"] = self.public_key = _pub.read()
self.config["formatted_public_key"] = "\n".join(" {0}".format(k) for k in self.public_key.split("\n"))
# private key
_pem = TemporaryFile()
bio_pem = BIO.File(_pem)
gen.save_key_bio(bio_pem, None)
_pem.seek(0)
self.config["private_key"] = self.private_key = _pem.read()
self.config["formatted_private_key"] = "\n".join(" {0}".format(k) for k in self.private_key.split("\n"))
return True
def save_pub_key_bio(self, bio):
# type: (BIO.BIO) -> int
"""
Save the public key to an M2Crypto.BIO.BIO object in PEM format.
:param bio: M2Crypto.BIO.BIO object to save key to.
"""
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_pub_key_bio(self, bio):
"""
Save the public key to an M2Crypto.BIO.BIO object in PEM format.
@type bio: M2Crypto.BIO.BIO
@param bio: M2Crypto.BIO.BIO object to save key to.
"""
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_pub_key(self, file):
# type: (AnyStr) -> int
"""
Save the public key to a file in PEM format.
:param file: Name of file to save key to.
"""
with BIO.openfile(file, 'wb') as bio:
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_pub_key(self, file):
"""
Save the public key to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
"""
bio = BIO.openfile(file, 'wb')
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_pub_key(self, file):
"""
Save the public key to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
"""
bio = BIO.openfile(file, 'wb')
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_pub_key(self, file):
# type: (AnyStr) -> int
"""
Save the public key to a file in PEM format.
:param file: Name of file to save key to.
"""
with BIO.openfile(file, 'wb') as bio:
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
