def generate(self, module): """Generate a keypair.""" if not os.path.exists(self.path) or self.force: self.privatekey = crypto.PKey() if self.type == 'RSA': crypto_type = crypto.TYPE_RSA else: crypto_type = crypto.TYPE_DSA try: self.privatekey.generate_key(crypto_type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) try: privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode) os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey)) os.close(privatekey_file) except IOError as exc: self.remove() raise PrivateKeyError(exc) else: self.changed = False self.fingerprint = get_fingerprint(self.path) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate the public key.""" if not os.path.exists(self.path) or self.force: try: privatekey_content = open(self.privatekey_path, 'r').read() self.privatekey = crypto.load_privatekey( crypto.FILETYPE_PEM, privatekey_content) publickey_content = crypto.dump_publickey( crypto.FILETYPE_PEM, self.privatekey) publickey_file = open(self.path, 'w') publickey_file.write(publickey_content) publickey_file.close() except (IOError, OSError) as exc: raise PublicKeyError(exc) except AttributeError as exc: self.remove() raise PublicKeyError( 'You need to have PyOpenSSL>=16.0.0 to generate public keys' ) else: self.changed = False file_args = module.load_file_common_arguments(module.params) self.fingerprint = get_fingerprint(self.privatekey_path) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate the public key.""" if not os.path.exists(self.privatekey_path): raise PublicKeyError('The private key %s does not exist' % self.privatekey_path) if not self.check(module, perms_required=False) or self.force: try: publickey_content = self._create_publickey(module) if self.backup: self.backup_file = module.backup_local(self.path) crypto_utils.write_file(module, publickey_content) self.changed = True except crypto_utils.OpenSSLBadPassphraseError as exc: raise PublicKeyError(exc) except (IOError, OSError) as exc: raise PublicKeyError(exc) self.fingerprint = crypto_utils.get_fingerprint( self.privatekey_path, self.privatekey_passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate a keypair.""" if not self.check(module, perms_required=False) or self.force: self.privatekey = crypto.PKey() try: self.privatekey.generate_key(self.type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) if self.cipher and self.passphrase: privatekey_data = crypto.dump_privatekey( crypto.FILETYPE_PEM, self.privatekey, self.cipher, to_bytes(self.passphrase)) else: privatekey_data = crypto.dump_privatekey( crypto.FILETYPE_PEM, self.privatekey) crypto_utils.write_file(module, privatekey_data, 0o600) self.changed = True self.fingerprint = crypto_utils.get_fingerprint( self.path, self.passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate a keypair.""" if not self.check(module, perms_required=False) or self.force: self.privatekey = crypto.PKey() try: self.privatekey.generate_key(self.type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) try: privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode) if self.cipher and self.passphrase: os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey, self.cipher, to_bytes(self.passphrase))) else: os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey)) os.close(privatekey_file) self.changed = True except IOError as exc: self.remove() raise PrivateKeyError(exc) self.fingerprint = crypto_utils.get_fingerprint(self.path, self.passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate a keypair.""" if not self.check(module, perms_required=False) or self.force: self.privatekey = crypto.PKey() try: self.privatekey.generate_key(self.type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) try: privatekey_file = os.open( self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC) os.close(privatekey_file) if isinstance(self.mode, string_types): try: self.mode = int(self.mode, 8) except ValueError as e: try: st = os.lstat(self.path) self.mode = AnsibleModule._symbolic_mode_to_octal( st, self.mode) except ValueError as e: module.fail_json(msg="%s" % to_native(e), exception=traceback.format_exc()) os.chmod(self.path, self.mode) privatekey_file = os.open( self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode) if self.cipher and self.passphrase: os.write( privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey, self.cipher, to_bytes(self.passphrase))) else: os.write( privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey)) os.close(privatekey_file) self.changed = True except IOError as exc: self.remove() raise PrivateKeyError(exc) self.fingerprint = crypto_utils.get_fingerprint( self.path, self.passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate the public key.""" if not os.path.exists(self.privatekey_path): raise PublicKeyError( 'The private key %s does not exist' % self.privatekey_path ) if not self.check(module, perms_required=False) or self.force: try: if self.format == 'OpenSSH': with open(self.privatekey_path, 'rb') as private_key_fh: privatekey_content = private_key_fh.read() key = crypto_serialization.load_pem_private_key( privatekey_content, password=None if self.privatekey_passphrase is None else to_bytes(self.privatekey_passphrase), backend=default_backend() ) publickey_content = key.public_key().public_bytes( crypto_serialization.Encoding.OpenSSH, crypto_serialization.PublicFormat.OpenSSH ) else: self.privatekey = crypto_utils.load_privatekey( self.privatekey_path, self.privatekey_passphrase ) publickey_content = crypto.dump_publickey(crypto.FILETYPE_PEM, self.privatekey) with open(self.path, 'wb') as publickey_file: publickey_file.write(publickey_content) self.changed = True except crypto_utils.OpenSSLBadPassphraseError as exc: raise PublicKeyError(exc) except (IOError, OSError) as exc: raise PublicKeyError(exc) except AttributeError as exc: self.remove(module) raise PublicKeyError('You need to have PyOpenSSL>=16.0.0 to generate public keys') self.fingerprint = crypto_utils.get_fingerprint( self.privatekey_path, self.privatekey_passphrase ) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate the public key.""" if not os.path.exists(self.path) or self.force: try: privatekey_content = open(self.privatekey_path, 'r').read() if self.format == 'OpenSSH': key = crypto_serialization.load_pem_private_key( privatekey_content, password=self.privatekey_passphrase, backend=default_backend()) publickey_content = key.public_key().public_bytes( crypto_serialization.Encoding.OpenSSH, crypto_serialization.PublicFormat.OpenSSH) else: self.privatekey = crypto.load_privatekey( crypto.FILETYPE_PEM, privatekey_content) publickey_content = crypto.dump_publickey( crypto.FILETYPE_PEM, self.privatekey) publickey_file = open(self.path, 'w') publickey_file.write(publickey_content) publickey_file.close() file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True except (IOError, OSError) as exc: raise PublicKeyError(exc) except AttributeError as exc: self.remove() raise PublicKeyError( 'You need to have PyOpenSSL>=16.0.0 to generate public keys' ) else: self.changed = False file_args = module.load_file_common_arguments(module.params) self.fingerprint = get_fingerprint(self.privatekey_path, self.privatekey_passphrase) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate the public key.""" if not os.path.exists(self.privatekey_path): raise PublicKeyError( 'The private key %s does not exist' % self.privatekey_path ) if not self.check(module, perms_required=False) or self.force: try: if self.format == 'OpenSSH': privatekey_content = open(self.privatekey_path, 'rb').read() key = crypto_serialization.load_pem_private_key(privatekey_content, password=self.privatekey_passphrase, backend=default_backend()) publickey_content = key.public_key().public_bytes( crypto_serialization.Encoding.OpenSSH, crypto_serialization.PublicFormat.OpenSSH ) else: self.privatekey = crypto_utils.load_privatekey( self.privatekey_path, self.privatekey_passphrase ) publickey_content = crypto.dump_publickey(crypto.FILETYPE_PEM, self.privatekey) with open(self.path, 'wb') as publickey_file: publickey_file.write(publickey_content) self.changed = True except (IOError, OSError) as exc: raise PublicKeyError(exc) except AttributeError as exc: self.remove() raise PublicKeyError('You need to have PyOpenSSL>=16.0.0 to generate public keys') self.fingerprint = crypto_utils.get_fingerprint( self.privatekey_path, self.privatekey_passphrase ) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate a keypair.""" if not self.check(module, perms_required=False) or self.force: self.privatekey = crypto.PKey() try: self.privatekey.generate_key(self.type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) try: privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC) os.close(privatekey_file) if isinstance(self.mode, string_types): try: self.mode = int(self.mode, 8) except ValueError as e: try: st = os.lstat(self.path) self.mode = AnsibleModule._symbolic_mode_to_octal(st, self.mode) except ValueError as e: module.fail_json(msg="%s" % to_native(e), exception=traceback.format_exc()) os.chmod(self.path, self.mode) privatekey_file = os.open(self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode) if self.cipher and self.passphrase: os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey, self.cipher, to_bytes(self.passphrase))) else: os.write(privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey)) os.close(privatekey_file) self.changed = True except IOError as exc: self.remove() raise PrivateKeyError(exc) self.fingerprint = crypto_utils.get_fingerprint(self.path, self.passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def generate(self, module): """Generate a keypair.""" if not self.check(module, perms_required=False) or self.force: self.privatekey = crypto.PKey() try: self.privatekey.generate_key(self.type, self.size) except (TypeError, ValueError) as exc: raise PrivateKeyError(exc) try: privatekey_file = os.open( self.path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, self.mode) if self.cipher and self.passphrase: os.write( privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey, self.cipher, to_bytes(self.passphrase))) else: os.write( privatekey_file, crypto.dump_privatekey(crypto.FILETYPE_PEM, self.privatekey)) os.close(privatekey_file) self.changed = True except IOError as exc: self.remove() raise PrivateKeyError(exc) self.fingerprint = crypto_utils.get_fingerprint( self.path, self.passphrase) file_args = module.load_file_common_arguments(module.params) if module.set_fs_attributes_if_different(file_args, False): self.changed = True
def _get_fingerprint(self): return crypto_utils.get_fingerprint(self.path, self.passphrase)