reynir/albatross
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

vmm_provision: when private key is on disk, use it!

Browse source
This commit is contained in:
Hannes Mehnert 2018-01-06 14:20:23 +01:00
parent b3d27d5bb5
commit b403d11969
1 changed files with 10 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
provision/vmm_provision.ml
View file

@ -91,13 +91,18 @@ let sign ?dbname ?certname extensions issuer key csr delta =
let priv_key ?(bits = 2048) fn name =
let open Rresult.R.Infix in
match fn with
| None ->
let file = match fn with
| None -> Fpath.(v name + "key")
| Some f -> Fpath.v f
in
Bos.OS.File.exists file >>= function
| false ->
Logs.info (fun m -> m "creating new RSA key %a" Fpath.pp file) ;
let priv = `RSA (Nocrypto.Rsa.generate bits) in
Bos.OS.File.write ~mode:0o400 Fpath.(v name + "key") (Cstruct.to_string (X509.Encoding.Pem.Private_key.to_pem_cstruct1 priv)) >>= fun () ->
Bos.OS.File.write ~mode:0o400 file (Cstruct.to_string (X509.Encoding.Pem.Private_key.to_pem_cstruct1 priv)) >>= fun () ->
Ok priv
| Some fn ->
Bos.OS.File.read (Fpath.v fn) >>= fun s ->
| true ->
Bos.OS.File.read file >>= fun s ->
Ok (X509.Encoding.Pem.Private_key.of_pem_cstruct1 (Cstruct.of_string s))
open Cmdliner