This Page

Psst... hey. You're reading the latest content, but it might be out of sync with code. You can read Nova 2011.1 docs or all OpenStack docs too.

The nova.crypto Module

Wrappers around standard crypto data elements.

Includes root and intermediate CAs, SSH key_pairs and x509 certificates.

nova.crypto.ca_folder(project_id=None)
nova.crypto.ca_path(project_id=None)
nova.crypto.compute_md5(fp)
Parameters:
  • fp (file) – File pointer to the file to MD5 hash. The file pointer will be reset to the beginning of the file before the method returns.
Return type:

tuple

Returns:

the hex digest version of the MD5 hash

nova.crypto.fetch_ca(project_id=None, chain=True)
nova.crypto.generate_key_pair(bits=1024)
nova.crypto.generate_vpn_files(project_id)
nova.crypto.generate_x509_cert(user_id, project_id, bits=1024)

Generate and sign a cert for user in project

nova.crypto.key_path(project_id=None)
nova.crypto.mkcacert(subject='nova', years=1)
nova.crypto.mkreq(bits, subject='foo', ca=0)
nova.crypto.revoke_cert(project_id, file_name)

Revoke a cert by file name

nova.crypto.revoke_certs_by_project(project_id)

Revoke all project certs

nova.crypto.revoke_certs_by_user(user_id)

Revoke all user certs

nova.crypto.revoke_certs_by_user_and_project(user_id, project_id)

Revoke certs for user in project

nova.crypto.sign_csr(csr_text, project_id=None)
nova.crypto.ssl_pub_to_ssh_pub(ssl_public_key, name='root', suffix='nova')