diff options
| author | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-20 15:30:18 -0400 |
|---|---|---|
| committer | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-20 15:30:18 -0400 |
| commit | d671ca62682dc989f9ef8381b08f676aa2983a6f (patch) | |
| tree | e8c9df2d99fb3e1dc85b2db27212b0e399d1350b /func | |
| parent | d96d4b72aebee6dc1089dd260705c23cb1b9cd27 (diff) | |
| download | third_party-func-d671ca62682dc989f9ef8381b08f676aa2983a6f.tar.gz third_party-func-d671ca62682dc989f9ef8381b08f676aa2983a6f.tar.xz third_party-func-d671ca62682dc989f9ef8381b08f676aa2983a6f.zip | |
slave-key creation script
Diffstat (limited to 'func')
| -rw-r--r-- | func/slave-keys.py | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/func/slave-keys.py b/func/slave-keys.py new file mode 100644 index 0000000..dee0fd5 --- /dev/null +++ b/func/slave-keys.py @@ -0,0 +1,80 @@ +#!/usr/bin/python -tt + +import sys +import os +import os.path +from OpenSSL import crypto +import socket + + +def_country = 'UN' +def_state = 'FC' +def_local = 'Func-ytown' +def_org = 'func' +def_ou = 'slave-key' + +cert_dir = '/home/skvidal/tmp/t' +key_file = '%s/slave.pem' % cert_dir +csr_file = '%s/slave.csr' % cert_dir + + +def make_cert(dest=None): + pkey = crypto.PKey() + pkey.generate_key(crypto.TYPE_RSA, 2048) + if dest: + destfo = open(dest, 'w') + destfo.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)) + destfo.close() + + return pkey + +def make_csr(pkey, dest=None, cn=None): + req = crypto.X509Req() + req.get_subject() + subj = req.get_subject() + subj.C = def_country + subj.ST = def_state + subj.L = def_local + subj.O = def_org + subj.OU = def_ou + if cn: + subj.CN = cn + else: + subj.CN = socket.getfqdn() + subj.emailAddress = 'root@%s' % subj.CN + + req.set_pubkey(pkey) + req.sign(pkey, 'md5') + if dest: + destfo = open(dest, 'w') + destfo.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)) + destfo.close() + + return req + +def retrieve_key_from_file(keyfile): + fo = open(keyfile, 'r') + buf = fo.read() + keypair = crypto.load_privatekey(crypto.FILETYPE_PEM, buf) + return keypair + +def main(): + keypair = None + try: + if not os.path.exists(cert_dir): + os.makedirs(cert_dir) + if not os.path.exists(key_file): + keypair = make_cert(dest=key_file) + if not os.path.exists(csr_file): + if not keypair: + keypair = retrieve_key_from_file(key_file) + csr = make_csr(keypair, dest=csr_file) + except: + return 1 + + return 0 + + +if __name__ == "__main__": + sys.exit(main()) +
\ No newline at end of file |