Home Explore Help
Sign In
sra
/
tsig-keygen
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 176b5c9b46
Branches Tags
tsig-keygen
/
tsig-keygen.py

tsig-keygen.py 1.3 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 
  1. #!/usr/bin/env python
    2. 

  2. 

  3. """
    4. 

  4. Pure Python TSIG key generator, with multiple output formats.
    5. 

  5. """
    6. 

  6. 

  7. import os, base64, argparse
    8. 

  8. 

  9. algorithm_bits = dict(("hmac-sha{}".format(bits), bits // 8) for bits in (256, 384, 512))
    10. 

  10. 

  11. bind9_template = '''
    12. 

  12. key {name} {{
    13. 

  13.         algorithm {algorithm};
    14. 

  14.         secret "{secret}";
    15. 

  15. }};
    16. 

  16. '''
    17. 

  17. 

  18. nsd_template = '''
    19. 

  19. key:
    20. 

  20.         name: "{name}"
    21. 

  21.         algorithm: {algorithm}
    22. 

  22.         secret: "{secret}"
    23. 

  23. '''
    24. 

  24. 

  25. ap = argparse.ArgumentParser(description = __doc__)
    26. 

  26. ap.add_argument("-a", "--algorithm",
    27. 

  27.                 choices = tuple(sorted(algorithm_bits)),
    28. 

  28.                 default = sorted(algorithm_bits)[0])
    29. 

  29. ap.add_argument("-f", "--format",
    30. 

  30.                 choices = ("bind9", "nsd"))
    31. 

  31. ap.add_argument("-n", "--name",
    32. 

  32.                 default = "tsig.example.org")
    33. 

  33. ap.add_argument("-o", "--output",
    34. 

  34.                 default = "-", type = argparse.FileType("w"))
    35. 

  35. ap.add_argument("-s", "--servers", nargs = "+")
    36. 

  36. ap.add_argument("-z", "--zones",   nargs = "+")
    37. 

  37. args = ap.parse_args()
    38. 

  38. 

  39. params = dict(
    40. 

  40.     name = args.name,
    41. 

  41.     algorithm = args.algorithm,
    42. 

  42.     secret = base64.b64encode(os.urandom(algorithm_bits[args.algorithm])).decode("ascii"),
    43. 

  43. )
    44. 

  44. 

  45. if args.format is None or args.format == "bind9":
    46. 

  46.     args.output.write(bind9_template.format(**params))
    47. 

  47. 

  48. if args.format is None or args.format == "nsd":
    49. 

  49.     args.output.write(nsd_template.format(**params))
    50.