1234567891011121314151617181920212223242526272829303132333435363738394041 |
- #!/usr/bin/env python
- """
- Pure Python TSIG key generator, with multiple output formats.
- """
- import os, base64, argparse
- bind9_template = '''
- key "{name}" {{
- algorithm = {algorithm};
- secret = "{secret}";
- }};
- '''
- nsd_template = '''
- key:
- name: "{name}"
- algorithm: {algorithm}
- secret: "{secret}"
- '''
- ap = argparse.ArgumentParser(description = __doc__)
- ap.add_argument("-f", "--format", choices = ("bind9", "nsd"))
- ap.add_argument("dnsname")
- ap.add_argument("output", type = argparse.FileType("w"), nargs = "?", default = "-")
- args = ap.parse_args()
- # For the moment this only supports hmac-sha256
- params = dict(
- name = args.dnsname,
- algorithm = "hmac-sha256",
- secret = base64.b64encode(os.urandom(256 // 8)).decode("ascii"),
- )
- if args.format is None or args.format == "bind9":
- args.output.write(bind9_template.format(**params))
- if args.format is None or args.format == "nsd":
- args.output.write(nsd_template.format(**params))
|