Class: Puppet::SSL::Key

Inherits:

Base

• Object
• Base
• Puppet::SSL::Key

Extended by:

Indirector

Defined in:

lib/puppet/ssl/key.rb

Overview

Manage private and public keys as a pair.

Defined Under Namespace

Classes: Ca, DisabledCa, File, Memory

Constant Summary

Constants included from Indirector

Indirector::BadNameRegexp

Constants inherited from Base

Base::SEPARATOR, Base::VALID_CERTNAME

Instance Attribute Summary

• #password_file ⇒ Object

Attributes inherited from Base

#content, #name

Class Method Summary

• .supported_formats ⇒ Object

  Because of how the format handler class is included, this can’t be in the base class.

Instance Method Summary

• #generate ⇒ Object

  Knows how to create keys with our system defaults.

• #initialize(name) ⇒ Key constructor

  A new instance of Key.

• #password ⇒ Object
• #read(path) ⇒ Object

  Optionally support specifying a password file.

• #to_s ⇒ Object

Methods included from Indirector

configure_routes, indirects

Methods inherited from Base

#ca?, #digest, #digest_algorithm, #fingerprint, from_instance, from_multiple_s, from_s, name_from_subject, #to_data_hash, to_multiple_s, #to_text, validate_certname, wrapped_class, wraps

Constructor Details

#initialize(name) ⇒ Key

Returns a new instance of Key.

# File 'lib/puppet/ssl/key.rb', line 28

def initialize(name)
  super

  if ca?
    @password_file = Puppet[:capass]
  else
    @password_file = Puppet[:passfile]
  end
end

Instance Attribute Details

#password_file ⇒ Object

# File 'lib/puppet/ssl/key.rb', line 20

def password_file
  @password_file
end

Class Method Details

.supported_formats ⇒ Object

Because of how the format handler class is included, this can’t be in the base class.

# File 'lib/puppet/ssl/key.rb', line 16

def self.supported_formats
  [:s]
end

Instance Method Details

#generate ⇒ Object

Knows how to create keys with our system defaults.

# File 'lib/puppet/ssl/key.rb', line 23

def generate
  Puppet.info "Creating a new SSL key for #{name}"
  @content = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
end

#password ⇒ Object

# File 'lib/puppet/ssl/key.rb', line 38

def password
  return nil unless password_file and Puppet::FileSystem.exist?(password_file)

  ::File.read(password_file)
end

#read(path) ⇒ Object

Optionally support specifying a password file.

# File 'lib/puppet/ssl/key.rb', line 45

def read(path)
  return super unless password_file

  #@content = wrapped_class.new(::File.read(path), password)
  @content = wrapped_class.new(::File.read(path), password)
end

#to_s ⇒ Object

# File 'lib/puppet/ssl/key.rb', line 52

def to_s
  if pass = password
    @content.export(OpenSSL::Cipher::DES.new(:EDE3, :CBC), pass)
  else
    return super
  end
end