blob: 0ddc9623cdfba24c4e596e6e67b89141af38ae9f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
require 'puppet/ssl/base'
require 'puppet/indirector'
# Manage private and public keys as a pair.
class Puppet::SSL::Key < Puppet::SSL::Base
wraps OpenSSL::PKey::RSA
extend Puppet::Indirector
indirects :key, :terminus_class => :file
# Because of how the format handler class is included, this
# can't be in the base class.
def self.supported_formats
[:s]
end
attr_accessor :password_file
# Knows how to create keys with our system defaults.
def generate
Puppet.info "Creating a new SSL key for #{name}"
@content = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
end
def initialize(name)
super
if ca?
@password_file = Puppet[:capass]
else
@password_file = Puppet[:passfile]
end
end
def password
return nil unless password_file and FileTest.exist?(password_file)
::File.read(password_file)
end
# Optionally support specifying a password file.
def read(path)
return super unless password_file
#@content = wrapped_class.new(::File.read(path), password)
@content = wrapped_class.new(::File.read(path), password)
end
def to_s
if pass = password
@content.export(OpenSSL::Cipher::DES.new(:EDE3, :CBC), pass)
else
return super
end
end
end
|
