def cli_generate_key(ctx, key_file, passphrase):
"""Generate Public and Private Keys."""
if os.path.isfile(key_file):
raise click.UsageError("%s already exists." % key_file)
key_file_pub = "%s.pub" % key_file
if os.path.isfile(key_file_pub):
raise click.UsageError("%s already exists." % key_file_pub)
if len(passphrase) < 8:
raise click.UsageError("Passphrase too short")
key_file_dir = os.path.dirname(key_file)
if key_file_dir and not os.path.isdir(key_file_dir):
os.mkdir(key_file_dir, 0o700)
if not key_file_dir:
# take currently dir if none was specified
key_file_dir = "."
if not os.access(key_file_dir, os.W_OK):
raise click.UsageError("Directory '%s' not read and writeable" % key_file_dir)
output_file_dir_stat = os.stat(key_file_dir).st_mode
if output_file_dir_stat & stat.S_IRWXG:
raise click.UsageError("Directory '%s' has group permissions and is insecure" % key_file_dir)
if output_file_dir_stat & stat.S_IRWXO:
raise click.UsageError("Directory '%s' has other permissions and is insecure" % key_file_dir)
p = nacl.signing.SigningKey.generate()
save_public_keyfile(key_file_pub, p.verify_key)
save_private_keyfile(key_file, p, passphrase)
评论列表
文章目录
