diff --git a/debian/control b/debian/control index 56b1e231c8..f5abd8215e 100644 --- a/debian/control +++ b/debian/control @@ -38,6 +38,7 @@ Depends: libcrypt-cracklib-perl, libcrypt-eksblowfish-perl, libcrypt-jwt-perl, + libcrypt-openssl-rsa-perl, libcrypt-rc4-perl, libcrypt-rijndael-perl, libcryptx-perl, diff --git a/tools_bin/ngcp-create-keys b/tools_bin/ngcp-create-keys new file mode 100755 index 0000000000..169caa85f1 --- /dev/null +++ b/tools_bin/ngcp-create-keys @@ -0,0 +1,103 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +use Getopt::Long qw(GetOptions); +use Pod::Usage qw(pod2usage); +use YAML::XS qw(); + +use Crypt::PK::RSA qw(); +use Crypt::OpenSSL::RSA qw(); + +#my $file = '/home/rkrenn/sipwise/git/vagrant-ngcp/config.yml'; +my $file = '/etc/ngcp-config/config.yml'; +my $type; +my $size; +GetOptions( + "type=s" => \$type, + "size=i" => \$size, +) or pod2usage(2); + +$type //= 'rsa'; +my $yaml = YAML::XS::LoadFile($file); +if ('rsa' eq lc($type)) { + $size //= 2048; + die("invalid size $size for RSA keys\n") if ($size < 256 or $size > 8192); + + my $rsa = Crypt::OpenSSL::RSA->generate_key($size); + + my $pk = Crypt::PK::RSA->new(); + $pk->import_key(\$rsa->get_private_key_string()); + $yaml->{www_admin}->{security}->{rsa_private_key} = $pk->export_key_jwk('private', 1); + + $pk->import_key(\$rsa->get_public_key_string()); + $yaml->{www_admin}->{security}->{rsa_public_key} = $pk->export_key_jwk('public', 1); + + print "$size bit RSA keypair saved to $file.\n"; +} elsif ('voucher' eq lc($type)) { + #todo +} else { + die("unsupported key type: $type\n") +} + +YAML::XS::DumpFile($file, $yaml); + +print "Please run ngcpcfg to apply.\n"; + +exit(0); + +__END__ + +=head1 NAME + +ngcp-create-keys - Generate encryption keys for ngcp-panel + +=head1 SYNOPSIS + +B [I] + +=head1 DESCRIPTION + +This program will generate new master key(s) required by ngcp-panel e.g. for encryption/decryption of JSON values. + +=head1 OPTIONS + +=over 4 + +=item B<--type=>I + +Specify what key to generate. Defaults to "rsa" (encryption of JSON fields). + +=item B<--size=>I + +Specify the key size in bits. + +=back + +=head1 EXAMPLES + +ngcp-create-keys --alg="rsa" --size="2048" + +=head1 AUTHOR + +Sipwise Development Team C<< >> + +=head1 LICENSE + +This software is Copyright © 2020 by Sipwise GmbH, Austria. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this package. If not, see . + +=cut diff --git a/tools_bin/ngcp-provisioning-template b/tools_bin/ngcp-provisioning-template old mode 100644 new mode 100755 index 3a4920350e..91fb0e567e --- a/tools_bin/ngcp-provisioning-template +++ b/tools_bin/ngcp-provisioning-template @@ -316,9 +316,9 @@ B IBI =head1 DESCRIPTION -B This program allows to run a 'provisioning template' from database or config.yml. This will produce a -subscriber setup including required billing contact, contract, preferences, etc. from an input form defined by that -template. The form fields can be passed as command line options. +This program allows to run a 'provisioning template' from database or config.yml. This will produce a +subscriber setup including required billing contact, contract, preferences, etc. from an input form defined +by that template. The form fields can be passed as command line options. =head1 OPTIONS