Diffstat (limited to 'vicn/resource/linux/certificate.py')
-rw-r--r-- | vicn/resource/linux/certificate.py | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/vicn/resource/linux/certificate.py b/vicn/resource/linux/certificate.py
new file mode 100644
index 00000000..e8750dff
--- /dev/null
+++ b/vicn/resource/linux/certificate.py
@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2017 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+import os.path
+
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity, Reference
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import task, inline_task, BashTask
+from vicn.resource.linux.file import File
+from vicn.resource.node import Node
+
+DEFAULT_RSA_LENGTH = '4096'
+DEFAULT_SUBJECT = '/CN=www.cisco.com/L=Paris/O=Cisco/C=FR'
+
+CMD_CREATE='\n'.join([
+ '# Generate a new certificate',
+ 'openssl req -x509 -newkey rsa:' + DEFAULT_RSA_LENGTH +
+ ' -keyout {self.key} -out {self.cert} -subj ' + DEFAULT_SUBJECT + ' -nodes'
+])
+
+class Certificate(Resource):
+ """
+ Resource: Certificate
+
+ Implements a SSL certificate.
+
+ Todo:
+ - ideally, this should be implemented as a pair of tightly coupled files.
+ """
+ node = Attribute(Node,
+ description = 'Node on which the certificate is created',
+ mandatory = True,
+ multiplicity = Multiplicity.ManyToOne)
+ cert = Attribute(String, description = 'Certificate path',
+ mandatory = True)
+ key = Attribute(String, description = 'Key path',
+ mandatory = True)
+
+ @inline_task
+ def __initialize__(self):
+ self._cert_file = File(node = Reference(self, 'node'),
+ filename = Reference(self, 'cert'),
+ managed = False)
+ self._key_file = File(node = Reference(self, 'node'),
+ filename = Reference(self, 'key'),
+ managed = False)
+
+ def __get__(self):
+ return self._cert_file.__get__() | self._key_file.__get__()
+
+ def __create__(self):
+ return BashTask(None, CMD_CREATE, {'self': self})
+
+ def __delete__(self):
+ return self._cert_file.__delete__() | self._key_file.__delete__()
+
+
|
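Review bot: `CMD_CREATE` interpolates `{self.key}` and `{self.cert}` into the shell command unquoted, so a path containing whitespace or shell metacharacters changes what bash runs on the node; if these attributes can come from a topology description that is not fully trusted, that amounts to command injection. Quoting the values before they are formatted in (for example with `shlex.quote`, wherever BashTask fills the template, which is not visible in this hunk) would close it. The private key is also written with `-nodes`, i.e. unencrypted, and nothing here restricts its file mode; starting the command with `umask 077` would keep it owner-only regardless of the installed openssl's default. No `-days` is passed, so openssl's default validity of 30 days applies, and the subject is fixed to `CN=www.cisco.com` rather than taken from the resource, which is worth a comment or an attribute.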