Diffstat (limited to 'certs/slave-keys.py')
-rw-r--r--certs/slave-keys.py65
1 files changed, 5 insertions, 60 deletions
diff --git a/certs/slave-keys.py b/certs/slave-keys.py
index 5ac3227..e1f6a45 100644
--- a/certs/slave-keys.py
+++ b/certs/slave-keys.py
@@ -18,67 +18,12 @@
import sys
import os
import os.path
-from OpenSSL import crypto
-import socket
-
-
-def_country = 'UN'
-def_state = 'FC'
-def_local = 'Func-ytown'
-def_org = 'func'
-def_ou = 'slave-key'
+import func.certs
cert_dir = '/etc/pki/func'
key_file = '%s/slave.pem' % cert_dir
csr_file = '%s/slave.csr' % cert_dir
-
-def make_cert(dest=None):
- pkey = crypto.PKey()
- pkey.generate_key(crypto.TYPE_RSA, 2048)
- if dest:
- destfo = open(dest, 'w')
- destfo.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
- destfo.close()
-
- return pkey
-
-def make_csr(pkey, dest=None, cn=None):
- req = crypto.X509Req()
- req.get_subject()
- subj = req.get_subject()
- subj.C = def_country
- subj.ST = def_state
- subj.L = def_local
- subj.O = def_org
- subj.OU = def_ou
- if cn:
- subj.CN = cn
- else:
- subj.CN = socket.getfqdn()
- subj.emailAddress = 'root@%s' % subj.CN
-
- req.set_pubkey(pkey)
- req.sign(pkey, 'md5')
- if dest:
- destfo = open(dest, 'w')
- destfo.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, req))
- destfo.close()
-
- return req
-
-def retrieve_key_from_file(keyfile):
- fo = open(keyfile, 'r')
- buf = fo.read()
- keypair = crypto.load_privatekey(crypto.FILETYPE_PEM, buf)
- return keypair
-
-def retrieve_csr_from_file(csrfile)
- fo = open(csrfile, 'r')
- buf = fo.read()
- csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, buf)
- return csrreq
-
def submit_csr_to_master(csrfile, master):
# stuff happens here - I can just cram the csr in a POST if need be
pass
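Review bot: The key and CSR helpers removed in this hunk are now expected to come from `func.certs`, which is not shown on this page, so two properties of the removed versions should be checked there. The old `make_csr` signed the request with `'md5'`, and the old `make_cert` wrote the private key through a plain `open(dest, 'w')`, which leaves the file mode to the process umask. If the bodies were moved unchanged, the shared module should sign with a stronger digest, for example `req.sign(pkey, 'sha256')`. It should also create the key file owner-only, for example with `os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` before writing.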
@@ -89,12 +34,12 @@ def main():
if not os.path.exists(cert_dir):
os.makedirs(cert_dir)
if not os.path.exists(key_file):
- keypair = make_cert(dest=key_file)
+ keypair = func.certs.make_cert(dest=key_file)
if not os.path.exists(csr_file):
if not keypair:
- keypair = retrieve_key_from_file(key_file)
- csr = make_csr(keypair, dest=csr_file)
- except:
+ keypair = func.certs.retrieve_key_from_file(key_file)
+ csr = func.certs.make_csr(keypair, dest=csr_file)
+ except: # need a little more specificity here
return 1
return 0
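Review bot: `os.makedirs(cert_dir)` at the top of this hunk creates `/etc/pki/func` with the default mode, so access to the directory that will hold `slave.pem` depends entirely on the caller's umask. Passing an explicit mode, `os.makedirs(cert_dir, 0o700)` (spelled `0700` on older interpreters), keeps the directory no wider than owner-only. The `os.path.exists` checks followed by creation are not atomic either; whether that matters depends on who can write under `/etc/pki`. main() begins before this hunk, so how `keypair` is initialised ahead of `if not keypair:` cannot be confirmed from here.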