def generate(self, module):
"""Generate a keypair."""
if not os.path.exists(self.path) or self.force:
self.privatekey = crypto.PKey()
if self.type == 'RSA':
crypto_type = crypto.TYPE_RSA
else:
crypto_type = crypto.TYPE_DSA
try:
self.privatekey.generate_key(crypto_type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
try:
privatekey_file = os.open(self.path,
os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
self.mode)
os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey))
os.close(privatekey_file)
except IOError as exc:
self.remove()
raise PrivateKeyError(exc)
else:
self.changed = False
self.fingerprint = get_fingerprint(self.path)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate the public key."""
if not os.path.exists(self.path) or self.force:
try:
privatekey_content = open(self.privatekey_path, 'r').read()
self.privatekey = crypto.load_privatekey(
crypto.FILETYPE_PEM, privatekey_content)
publickey_content = crypto.dump_publickey(
crypto.FILETYPE_PEM, self.privatekey)
publickey_file = open(self.path, 'w')
publickey_file.write(publickey_content)
publickey_file.close()
except (IOError, OSError) as exc:
raise PublicKeyError(exc)
except AttributeError as exc:
self.remove()
raise PublicKeyError(
'You need to have PyOpenSSL>=16.0.0 to generate public keys'
)
else:
self.changed = False
file_args = module.load_file_common_arguments(module.params)
self.fingerprint = get_fingerprint(self.privatekey_path)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate the public key."""
if not os.path.exists(self.privatekey_path):
raise PublicKeyError('The private key %s does not exist' %
self.privatekey_path)
if not self.check(module, perms_required=False) or self.force:
try:
publickey_content = self._create_publickey(module)
if self.backup:
self.backup_file = module.backup_local(self.path)
crypto_utils.write_file(module, publickey_content)
self.changed = True
except crypto_utils.OpenSSLBadPassphraseError as exc:
raise PublicKeyError(exc)
except (IOError, OSError) as exc:
raise PublicKeyError(exc)
self.fingerprint = crypto_utils.get_fingerprint(
self.privatekey_path, self.privatekey_passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate a keypair."""
if not self.check(module, perms_required=False) or self.force:
self.privatekey = crypto.PKey()
try:
self.privatekey.generate_key(self.type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
if self.cipher and self.passphrase:
privatekey_data = crypto.dump_privatekey(
crypto.FILETYPE_PEM, self.privatekey, self.cipher,
to_bytes(self.passphrase))
else:
privatekey_data = crypto.dump_privatekey(
crypto.FILETYPE_PEM, self.privatekey)
crypto_utils.write_file(module, privatekey_data, 0o600)
self.changed = True
self.fingerprint = crypto_utils.get_fingerprint(
self.path, self.passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate a keypair."""
if not self.check(module, perms_required=False) or self.force:
self.privatekey = crypto.PKey()
try:
self.privatekey.generate_key(self.type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
try:
privatekey_file = os.open(self.path,
os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
self.mode)
if self.cipher and self.passphrase:
os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey,
self.cipher, to_bytes(self.passphrase)))
else:
os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey))
os.close(privatekey_file)
self.changed = True
except IOError as exc:
self.remove()
raise PrivateKeyError(exc)
self.fingerprint = crypto_utils.get_fingerprint(self.path, self.passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate a keypair."""
if not self.check(module, perms_required=False) or self.force:
self.privatekey = crypto.PKey()
try:
self.privatekey.generate_key(self.type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
try:
privatekey_file = os.open(
self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC)
os.close(privatekey_file)
if isinstance(self.mode, string_types):
try:
self.mode = int(self.mode, 8)
except ValueError as e:
try:
st = os.lstat(self.path)
self.mode = AnsibleModule._symbolic_mode_to_octal(
st, self.mode)
except ValueError as e:
module.fail_json(msg="%s" % to_native(e),
exception=traceback.format_exc())
os.chmod(self.path, self.mode)
privatekey_file = os.open(
self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
self.mode)
if self.cipher and self.passphrase:
os.write(
privatekey_file,
crypto.dump_privatekey(crypto.FILETYPE_PEM,
self.privatekey, self.cipher,
to_bytes(self.passphrase)))
else:
os.write(
privatekey_file,
crypto.dump_privatekey(crypto.FILETYPE_PEM,
self.privatekey))
os.close(privatekey_file)
self.changed = True
except IOError as exc:
self.remove()
raise PrivateKeyError(exc)
self.fingerprint = crypto_utils.get_fingerprint(
self.path, self.passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate the public key."""
if not os.path.exists(self.privatekey_path):
raise PublicKeyError(
'The private key %s does not exist' % self.privatekey_path
)
if not self.check(module, perms_required=False) or self.force:
try:
if self.format == 'OpenSSH':
with open(self.privatekey_path, 'rb') as private_key_fh:
privatekey_content = private_key_fh.read()
key = crypto_serialization.load_pem_private_key(
privatekey_content,
password=None if self.privatekey_passphrase is None else to_bytes(self.privatekey_passphrase),
backend=default_backend()
)
publickey_content = key.public_key().public_bytes(
crypto_serialization.Encoding.OpenSSH,
crypto_serialization.PublicFormat.OpenSSH
)
else:
self.privatekey = crypto_utils.load_privatekey(
self.privatekey_path, self.privatekey_passphrase
)
publickey_content = crypto.dump_publickey(crypto.FILETYPE_PEM, self.privatekey)
with open(self.path, 'wb') as publickey_file:
publickey_file.write(publickey_content)
self.changed = True
except crypto_utils.OpenSSLBadPassphraseError as exc:
raise PublicKeyError(exc)
except (IOError, OSError) as exc:
raise PublicKeyError(exc)
except AttributeError as exc:
self.remove(module)
raise PublicKeyError('You need to have PyOpenSSL>=16.0.0 to generate public keys')
self.fingerprint = crypto_utils.get_fingerprint(
self.privatekey_path,
self.privatekey_passphrase
)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate the public key."""
if not os.path.exists(self.path) or self.force:
try:
privatekey_content = open(self.privatekey_path, 'r').read()
if self.format == 'OpenSSH':
key = crypto_serialization.load_pem_private_key(
privatekey_content,
password=self.privatekey_passphrase,
backend=default_backend())
publickey_content = key.public_key().public_bytes(
crypto_serialization.Encoding.OpenSSH,
crypto_serialization.PublicFormat.OpenSSH)
else:
self.privatekey = crypto.load_privatekey(
crypto.FILETYPE_PEM, privatekey_content)
publickey_content = crypto.dump_publickey(
crypto.FILETYPE_PEM, self.privatekey)
publickey_file = open(self.path, 'w')
publickey_file.write(publickey_content)
publickey_file.close()
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
except (IOError, OSError) as exc:
raise PublicKeyError(exc)
except AttributeError as exc:
self.remove()
raise PublicKeyError(
'You need to have PyOpenSSL>=16.0.0 to generate public keys'
)
else:
self.changed = False
file_args = module.load_file_common_arguments(module.params)
self.fingerprint = get_fingerprint(self.privatekey_path,
self.privatekey_passphrase)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate the public key."""
if not os.path.exists(self.privatekey_path):
raise PublicKeyError(
'The private key %s does not exist' % self.privatekey_path
)
if not self.check(module, perms_required=False) or self.force:
try:
if self.format == 'OpenSSH':
privatekey_content = open(self.privatekey_path, 'rb').read()
key = crypto_serialization.load_pem_private_key(privatekey_content,
password=self.privatekey_passphrase,
backend=default_backend())
publickey_content = key.public_key().public_bytes(
crypto_serialization.Encoding.OpenSSH,
crypto_serialization.PublicFormat.OpenSSH
)
else:
self.privatekey = crypto_utils.load_privatekey(
self.privatekey_path, self.privatekey_passphrase
)
publickey_content = crypto.dump_publickey(crypto.FILETYPE_PEM, self.privatekey)
with open(self.path, 'wb') as publickey_file:
publickey_file.write(publickey_content)
self.changed = True
except (IOError, OSError) as exc:
raise PublicKeyError(exc)
except AttributeError as exc:
self.remove()
raise PublicKeyError('You need to have PyOpenSSL>=16.0.0 to generate public keys')
self.fingerprint = crypto_utils.get_fingerprint(
self.privatekey_path,
self.privatekey_passphrase
)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate a keypair."""
if not self.check(module, perms_required=False) or self.force:
self.privatekey = crypto.PKey()
try:
self.privatekey.generate_key(self.type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
try:
privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC)
os.close(privatekey_file)
if isinstance(self.mode, string_types):
try:
self.mode = int(self.mode, 8)
except ValueError as e:
try:
st = os.lstat(self.path)
self.mode = AnsibleModule._symbolic_mode_to_octal(st, self.mode)
except ValueError as e:
module.fail_json(msg="%s" % to_native(e), exception=traceback.format_exc())
os.chmod(self.path, self.mode)
privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode)
if self.cipher and self.passphrase:
os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey,
self.cipher, to_bytes(self.passphrase)))
else:
os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey))
os.close(privatekey_file)
self.changed = True
except IOError as exc:
self.remove()
raise PrivateKeyError(exc)
self.fingerprint = crypto_utils.get_fingerprint(self.path, self.passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def generate(self, module):
"""Generate a keypair."""
if not self.check(module, perms_required=False) or self.force:
self.privatekey = crypto.PKey()
try:
self.privatekey.generate_key(self.type, self.size)
except (TypeError, ValueError) as exc:
raise PrivateKeyError(exc)
try:
privatekey_file = os.open(
self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC,
self.mode)
if self.cipher and self.passphrase:
os.write(
privatekey_file,
crypto.dump_privatekey(crypto.FILETYPE_PEM,
self.privatekey, self.cipher,
to_bytes(self.passphrase)))
else:
os.write(
privatekey_file,
crypto.dump_privatekey(crypto.FILETYPE_PEM,
self.privatekey))
os.close(privatekey_file)
self.changed = True
except IOError as exc:
self.remove()
raise PrivateKeyError(exc)
self.fingerprint = crypto_utils.get_fingerprint(
self.path, self.passphrase)
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
def _get_fingerprint(self):
return crypto_utils.get_fingerprint(self.path, self.passphrase)
