Changeset - 268eb0f9eee2
0 1 0
Branko Majic (branko) - 4 years ago 2020-07-13 13:41:57
branko@majic.rs
GC-37: Deduplicate text for key specification format.
1 file changed with 14 insertions and 14 deletions:
gimmecert/cli.py
 
@@ -76,12 +76,22 @@ Examples:
 

	
 
    # Show information about CA hierarchy and issued certificates.
 
    gimmecert status
 
"""
 

	
 

	
 
class ArgumentHelp:
 
    """
 
    Convenience class for storing help strings for common arguments.
 
    """
 

	
 
    key_specification_format = '''Specification/parameters to use for private key generation. \
 
                                  For RSA keys, use format rsa:BIT_LENGTH. For ECDSA keys, use format ecdsa:CURVE_NAME. \
 
                                  Supported curves: secp192r1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1.'''
 

	
 

	
 
def key_specification(specification):
 
    """
 
    Verifies and parses the passed-in key specification. This is a
 
    small utility function for use with the Python argument parser.
 

	
 
    :param specification: Key specification. Currently supported formats are: "rsa:KEY_SIZE" and "ecdsa:CURVE_NAME".
 
@@ -123,16 +133,13 @@ def key_specification(specification):
 
@subcommand_parser
 
def setup_init_subcommand_parser(parser, subparsers):
 
    subparser = subparsers.add_parser('init', description='Initialise CA hierarchy.')
 
    subparser.add_argument('--ca-base-name', '-b', help="Base name to use for CA naming. Default is to use the working directory base name.")
 
    subparser.add_argument('--ca-hierarchy-depth', '-d', type=int, help="Depth of CA hierarchy to generate. Default is 1", default=1)
 
    subparser.add_argument('--key-specification', '-k', type=key_specification,
 
                           help='''Default specification/parameters to use for private key generation. \
 
                           For RSA keys, use format rsa:BIT_LENGTH. For ECDSA keys, use format ecdsa:CURVE_NAME. \
 
                           Supported curves: secp192r1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1. \
 
                           Default is rsa:2048.''', default="rsa:2048")
 
                           help=ArgumentHelp.key_specification_format + " Default is rsa:2048.", default="rsa:2048")
 

	
 
    def init_wrapper(args):
 
        project_directory = os.getcwd()
 
        if args.ca_base_name is None:
 
            args.ca_base_name = os.path.basename(project_directory)
 

	
 
@@ -160,16 +167,13 @@ def setup_server_subcommand_parser(parser, subparsers):
 
    subparser = subparsers.add_parser('server', description='Issues server certificate.')
 
    subparser.add_argument('entity_name', help='Name of the server entity.')
 
    subparser.add_argument('dns_name', nargs='*', help='Additional DNS names to include in subject alternative name.')
 
    subparser.add_argument('--csr', '-c', type=str, default=None, help='''Do not generate server private key locally, and use the passed-in \
 
    certificate signing request (CSR) instead. Use dash (-) to read from standard input. Only the public key is taken from the CSR.''')
 
    subparser.add_argument('--key-specification', '-k', type=key_specification,
 
                           help='''Specification/parameters to use for private key generation. \
 
                           For RSA keys, use format rsa:BIT_LENGTH. For ECDSA keys, use format ecdsa:CURVE_NAME. \
 
                           Supported curves: secp192r1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1. \
 
                           Default is rsa:2048. Default is to use same algorithm/parameters as used by CA hierarchy.''', default=None)
 
                           help=ArgumentHelp.key_specification_format + " Default is to use same algorithm/parameters as used by CA hierarchy.", default=None)
 

	
 
    def server_wrapper(args):
 
        project_directory = os.getcwd()
 

	
 
        return server(sys.stdout, sys.stderr, project_directory, args.entity_name, args.dns_name, args.csr, args.key_specification)
 

	
 
@@ -182,16 +186,13 @@ def setup_server_subcommand_parser(parser, subparsers):
 
def setup_client_subcommand_parser(parser, subparsers):
 
    subparser = subparsers.add_parser('client', description='Issue client certificate.')
 
    subparser.add_argument('entity_name', help='Name of the client entity.')
 
    subparser.add_argument('--csr', '-c', type=str, default=None, help='''Do not generate client private key locally, and use the passed-in \
 
    certificate signing request (CSR) instead. Use dash (-) to read from standard input. Only the public key is taken from the CSR.''')
 
    subparser.add_argument('--key-specification', '-k', type=key_specification,
 
                           help='''Specification/parameters to use for private key generation. \
 
                           For RSA keys, use format rsa:BIT_LENGTH. For ECDSA keys, use format ecdsa:CURVE_NAME. \
 
                           Supported curves: secp192r1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1. \
 
                           Default is rsa:2048. Default is to use same algorithm/parameters as used by CA hierarchy.''', default=None)
 
                           help=ArgumentHelp.key_specification_format + " Default is to use same algorithm/parameters as used by CA hierarchy.", default=None)
 

	
 
    def client_wrapper(args):
 
        project_directory = os.getcwd()
 

	
 
        return client(sys.stdout, sys.stderr, project_directory, args.entity_name, args.csr, args.key_specification)
 

	
 
@@ -228,14 +229,13 @@ def setup_renew_subcommand_parser(parser, subparsers):
 
    Default is to keep the existing key. Mutually exclusive with the --csr option.''')
 
    new_private_key_or_csr_group.add_argument('--csr', '-c', type=str, default=None, help='''Do not use local private key and public key information from \
 
    existing certificate, and use the passed-in certificate signing request (CSR) instead. Use dash (-) to read from standard input. \
 
    If private key exists, it will be removed. Mutually exclusive with the --new-private-key option. Only the public key is taken from the CSR.''')
 

	
 
    subparser.add_argument('--key-specification', '-k', type=key_specification,
 
                           help='''Specification/parameters to use for private key generation. \
 
    For RSA keys, use format rsa:BIT_LENGTH. Default is to use same specification as used for current certificate.''', default=None)
 
                           help=ArgumentHelp.key_specification_format + " Default is to use same specification as used for current certificate.", default=None)
 

	
 
    def renew_wrapper(args):
 
        # This is a workaround for having the key specification option
 
        # be dependant on new private key option, since argparse
 
        # cannot provide such verification on its own.
 
        if args.key_specification and not args.new_private_key:
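Review bot: The new `ArgumentHelp.key_specification_format` constant in the first hunk lists secp192r1 and secp224r1 beside the stronger curves with no guidance, and because every subcommand now shows this one string it is the natural place to add it. secp192r1 gives roughly 96 bits of strength, below the 112-bit floor that current key-strength guidance generally expects, so I would append a sentence such as `Prefer secp256r1 or larger unless a smaller curve is specifically needed.` to the constant. Separately, the renew help in the last hunk used to mention only `rsa:BIT_LENGTH` and now advertises ECDSA as well. The body of `key_specification` and the renew implementation are outside these hunks, so please confirm that renew with `--new-private-key` actually honours `ecdsa:` specifications.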