tsig-keygen.py 990 B

1234567891011121314151617181920212223242526272829303132333435363738394041
  1. #!/usr/bin/env python
  2. """
  3. Pure Python TSIG key generator, with multiple output formats.
  4. """
  5. import os, base64, argparse
  6. bind9_template = '''
  7. key "{name}" {{
  8. algorithm = {algorithm};
  9. secret = "{secret}";
  10. }};
  11. '''
  12. nsd_template = '''
  13. key:
  14. name: "{name}"
  15. algorithm: {algorithm}
  16. secret: "{secret}"
  17. '''
  18. ap = argparse.ArgumentParser(description = __doc__)
  19. ap.add_argument("-f", "--format", choices = ("bind9", "nsd"))
  20. ap.add_argument("dnsname")
  21. ap.add_argument("output", type = argparse.FileType("w"), nargs = "?", default = "-")
  22. args = ap.parse_args()
  23. # For the moment this only supports hmac-sha256
  24. params = dict(
  25. name = args.dnsname,
  26. algorithm = "hmac-sha256",
  27. secret = base64.b64encode(os.urandom(256 // 8)).decode("ascii"),
  28. )
  29. if args.format is None or args.format == "bind9":
  30. args.output.write(bind9_template.format(**params))
  31. if args.format is None or args.format == "nsd":
  32. args.output.write(nsd_template.format(**params))