author | Rob Austein <sra@hactrn.net> | 2012-08-10 16:51:43 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2012-08-10 16:51:43 +0000 |
commit | f13d1e5e8e273258c07e30a0693d1021fb7ee568 (patch) | |
tree | 67e990a7f0be81f88b4ab42db9ce3c1b7af73eeb | |
parent | ec1ea025ad1aa75ea565414dc946878b0d3c56e4 (diff) |
Add debug-only hack to let us reuse RSA keys from previous test runs.
Totally insecure. DO NOT USE THIS IN PRODUCTION. We may want to
remove this before merging this branch back to trunk, but I've tried
to make it difficult to hurt oneself with this by accident, and it
makes a big difference in CPU time spent generating keys on large test
runs.
svn path=/branches/tk274/; revision=4628
-rw-r--r-- | rpkid/rpki/config.py | 6 | ||||
-rw-r--r-- | rpkid/rpki/x509.py | 29 |
2 files changed, 34 insertions, 1 deletions
diff --git a/rpkid/rpki/config.py b/rpkid/rpki/config.py
index c954ad5f..421df487 100644
--- a/rpkid/rpki/config.py
+++ b/rpkid/rpki/config.py
@@ -285,3 +285,9 @@ class parser(object):
 rpki.daemonize.pid_filename = self.get("pid_filename")
 except ConfigParser.NoOptionError:
 pass
+
+ try:
+ rpki.x509.generate_insecure_debug_only_rsa_key = rpki.x509.insecure_debug_only_rsa_key_generator(self.get("insecure-debug-only-rsa-key-db"))
+ except ConfigParser.NoOptionError:
+ pass
+
diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py
index 4de729ac..95b47f7f 100644
--- a/rpkid/rpki/x509.py
+++ b/rpkid/rpki/x509.py
@@ -933,6 +933,30 @@ class PKCS10(DER_object):
 req.sign(keypair.get_POW(), rpki.POW.SHA256_DIGEST)
 return cls(POWpkix = req)
 
+## @var generate_insecure_debug_only_rsa_key
+# Debugging hack to let us save throwaway RSA keys from one debug
+# session to the next. DO NOT USE THIS IN PRODUCTION.
+
+generate_insecure_debug_only_rsa_key = None
+
+class insecure_debug_only_rsa_key_generator(object):
+
+ def __init__(self, filename):
+ import gdbm
+ self.keyno = 0
+ self.filename = filename
+ self.db = gdbm.open(filename, "c")
+
+ def __call__(self):
+ k = str(self.keyno)
+ try:
+ v = rpki.POW.derRead(rpki.POW.RSA_PRIVATE_KEY, self.db[k])
+ except KeyError:
+ v = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, 2048)
+ self.db[k] = v.derWrite(rpki.POW.RSA_PRIVATE_KEY)
+ self.keyno += 1
+ return v
+
 class RSA(DER_object):
 """
 Class to hold an RSA key pair.
@@ -969,7 +993,10 @@ class RSA(DER_object):
 """
 if not quiet:
 rpki.log.debug("Generating new %d-bit RSA key" % keylength)
- return cls(POW = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, keylength))
+ if generate_insecure_debug_only_rsa_key is not None:
+ return cls(POW = generate_insecure_debug_only_rsa_key())
+ else:
+ return cls(POW = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, keylength))
 
 def get_public_DER(self):
 """ |
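Review bot: Enabling the key cache leaves no trace in the logs. The added `try` block in config.py assigns `rpki.x509.generate_insecure_debug_only_rsa_key` as a side effect of parsing a config file, and nothing is logged when the `insecure-debug-only-rsa-key-db` option is present. Every later RSA key then comes from an on-disk cache, so a warning at this point would make accidental use outside a test run visible, for example `rpki.log.warn("insecure-debug-only-rsa-key-db is set, RSA keys will be reused from %s" % filename)`, with the option value bound to a local `filename` first. The block sits inside a method of `parser` that begins outside the hunk, and whether config.py already imports `rpki.log` cannot be seen from here.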
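Review bot: `gdbm.open(filename, "c")` in `__init__` creates the database with gdbm's default mode (0666 before umask), and `__call__` then stores unencrypted DER private keys in it. On a shared test host the keys are therefore likely readable by other local users. Passing an explicit mode, `self.db = gdbm.open(filename, "c", 0600)`, keeps the file owner-only. Separately, `keyno` restarts at 0 in every process, so any two processes pointed at the same database receive the same key sequence. A class comment such as `# Keys are handed out by call order; every process using this db gets the same keys.` would spell out what "DO NOT USE THIS IN PRODUCTION" leaves implicit.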
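Review bot: When the debug generator is set, the new `if` branch in the last x509.py hunk ignores `keylength` and returns whatever key the cache holds. The preceding `rpki.log.debug("Generating new %d-bit RSA key" % keylength)` still claims a fresh key of the requested size was generated. Moving that message into the `else` branch and logging `rpki.log.debug("Reusing insecure debug-only RSA key (requested keylength %d ignored)" % keylength)` in the `if` branch keeps the log truthful about which keys are cached ones. The method's signature and the start of its docstring are outside the hunk, so the default for `keylength` is not visible here.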