Diffstat (limited to 'rpkid/rpki')
-rw-r--r-- | rpkid/rpki/config.py | 6 | ||||
-rw-r--r-- | rpkid/rpki/x509.py | 29 |
2 files changed, 34 insertions, 1 deletions
diff --git a/rpkid/rpki/config.py b/rpkid/rpki/config.py index c954ad5f..421df487 100644 --- a/rpkid/rpki/config.py +++ b/rpkid/rpki/config.py @@ -285,3 +285,9 @@ class parser(object): rpki.daemonize.pid_filename = self.get("pid_filename") except ConfigParser.NoOptionError: pass + + try: + rpki.x509.generate_insecure_debug_only_rsa_key = rpki.x509.insecure_debug_only_rsa_key_generator(self.get("insecure-debug-only-rsa-key-db")) + except ConfigParser.NoOptionError: + pass + diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py index 4de729ac..95b47f7f 100644 --- a/rpkid/rpki/x509.py +++ b/rpkid/rpki/x509.py @@ -933,6 +933,30 @@ class PKCS10(DER_object): req.sign(keypair.get_POW(), rpki.POW.SHA256_DIGEST) return cls(POWpkix = req) +## @var generate_insecure_debug_only_rsa_key +# Debugging hack to let us save throwaway RSA keys from one debug +# session to the next. DO NOT USE THIS IN PRODUCTION. + +generate_insecure_debug_only_rsa_key = None + +class insecure_debug_only_rsa_key_generator(object): + + def __init__(self, filename): + import gdbm + self.keyno = 0 + self.filename = filename + self.db = gdbm.open(filename, "c") + + def __call__(self): + k = str(self.keyno) + try: + v = rpki.POW.derRead(rpki.POW.RSA_PRIVATE_KEY, self.db[k]) + except KeyError: + v = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, 2048) + self.db[k] = v.derWrite(rpki.POW.RSA_PRIVATE_KEY) + self.keyno += 1 + return v + class RSA(DER_object): """ Class to hold an RSA key pair. @@ -969,7 +993,10 @@ class RSA(DER_object): """ if not quiet: rpki.log.debug("Generating new %d-bit RSA key" % keylength) - return cls(POW = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, keylength)) + if generate_insecure_debug_only_rsa_key is not None: + return cls(POW = generate_insecure_debug_only_rsa_key()) + else: + return cls(POW = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, keylength)) def get_public_DER(self): """ |
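Review bot: Enabling the reused-key hook should be loud, not silent; the new try block in config.py installs `rpki.x509.generate_insecure_debug_only_rsa_key` purely on the presence of `insecure-debug-only-rsa-key-db` in the configuration, so a stale debug setting carried into a deployed config would quietly turn every "generated" RSA key into a persisted, replayed key with no trace in the logs. Log it at startup right after the assignment, e.g. `rpki.log.debug("insecure-debug-only-rsa-key-db is set: RSA keys will be reused from %s" % self.get("insecure-debug-only-rsa-key-db"))`, at the highest severity the rpki.log module offers. Any error from opening the database is not a NoOptionError and so escapes this handler and aborts configuration, which is presumably the intended fail-loud behaviour and worth a one-line comment. The enclosing method starts outside the hunk.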
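Review bot: The override in `RSA.generate` (second hunk) ignores the requested `keylength`: `generate_insecure_debug_only_rsa_key()` is called without it, `__call__` always generates 2048-bit keys, and a key read back from the database may be of any size, so a caller asking for another length silently gets something else while the preceding `rpki.log.debug("Generating new %d-bit RSA key" ...)` line still reports a fresh key of the requested size. Pass the length through — `def __call__(self, keylength = 2048):` and `return cls(POW = generate_insecure_debug_only_rsa_key(keylength))` — use it in the `rpki.POW.Asymmetric` call, and fold it into the database key (e.g. `"%d-%d" % (self.keyno, keylength)`) so a cached key is only replayed for the same size. In the first hunk, `gdbm.open(filename, "c")` creates the file holding unencrypted DER private keys with the default mode, so pass an explicit restrictive mode, `gdbm.open(filename, "c", 0600)`; `self.filename` is also assigned but never read. `RSA.generate` starts outside the hunk.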