Diffstat (limited to 'lib/puppet/ssl/key.rb')
-rw-r--r--lib/puppet/ssl/key.rb50
1 files changed, 50 insertions, 0 deletions
diff --git a/lib/puppet/ssl/key.rb b/lib/puppet/ssl/key.rb
new file mode 100644
index 000000000..a1d436090
--- /dev/null
+++ b/lib/puppet/ssl/key.rb
@@ -0,0 +1,50 @@
+require 'puppet/ssl/base'
+require 'puppet/indirector'
+
+# Manage private and public keys as a pair.
+class Puppet::SSL::Key < Puppet::SSL::Base
+ wraps OpenSSL::PKey::RSA
+
+ extend Puppet::Indirector
+ indirects :key, :terminus_class => :file
+
+ attr_accessor :password_file
+
+ # Knows how to create keys with our system defaults.
+ def generate
+ Puppet.info "Creating a new SSL key for %s" % name
+ @content = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
+ end
+
+ def initialize(name)
+ super
+
+ if ca?
+ @password_file = Puppet[:capass]
+ else
+ @password_file = Puppet[:passfile]
+ end
+ end
+
+ def password
+ return nil unless password_file and FileTest.exist?(password_file)
+
+ ::File.read(password_file)
+ end
+
+ # Optionally support specifying a password file.
+ def read(path)
+ return super unless password_file
+
+ #@content = wrapped_class.new(::File.read(path), password)
+ @content = wrapped_class.new(::File.read(path), password)
+ end
+
+ def to_s
+ if pass = password
+ @content.export(OpenSSL::Cipher::DES.new(:EDE3, :CBC), pass)
+ else
+ return super
+ end
+ end
+end
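Review bot: In `to_s`, a password file that is configured but missing silently yields an unencrypted private key, because `password` returns nil whenever `FileTest.exist?(password_file)` is false and the `else` branch then hands off to `super` (presumably the plain PEM export in `Puppet::SSL::Base`, which is not visible here). For the CA key (`Puppet[:capass]`) that should be surfaced, for example with `Puppet.warning "Password file %s not found; exporting key %s unencrypted" % [password_file, name]` before `return super`, or by raising when `ca?` is true. `::File.read(password_file)` also keeps any trailing newline as part of the passphrase, so add a comment on `password` stating that the file content is used verbatim, or `chomp` it there so `read` and `to_s` stay in agreement. The export cipher is triple-DES; `OpenSSL::Cipher.new("aes-256-cbc")` would be the stronger choice where the deployed OpenSSL supports it. The commented-out duplicate of the `wrapped_class.new` line in `read` can be dropped.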