The nova.crypto
Module¶
Wrappers around standard crypto data elements.
Includes root and intermediate CAs, SSH key_pairs and x509 certificates.
-
ca_folder
(project_id=None)¶
-
ca_path
(project_id=None)¶
-
crl_path
(project_id=None)¶
-
decrypt_text
(project_id, text)¶
-
ensure_ca_filesystem
()¶ Ensure the CA filesystem exists.
-
fetch_ca
(project_id=None)¶
-
fetch_crl
(project_id)¶ Get crl file for project.
-
generate_fingerprint
(public_key)¶
-
generate_key
(bits)¶ Generate a paramiko RSAKey
-
generate_key_pair
(bits=2048)¶
-
generate_vpn_files
(project_id)¶
-
generate_winrm_x509_cert
(user_id, bits=2048)¶ Generate a cert for passwordless auth for user in project.
-
generate_x509_cert
(user_id, project_id, bits=2048)¶ Generate and sign a cert for user in project.
-
generate_x509_fingerprint
(pem_key)¶
-
key_path
(project_id=None)¶
-
revoke_cert
(project_id, file_name)¶ Revoke a cert by file name.
-
revoke_certs_by_project
(project_id)¶ Revoke all project certs.
-
revoke_certs_by_user
(user_id)¶ Revoke all user certs.
-
revoke_certs_by_user_and_project
(user_id, project_id)¶ Revoke certs for user in project.
-
sign_csr
(csr_text, project_id=None)¶
-
ssh_encrypt_text
(ssh_public_key, text)¶ Encrypt text with an ssh public key.
If text is a Unicode string, encode it to UTF-8.