createNodePair creates a node certificate and key pair. The key file is created only if it doesn't already exist or we force it. The key path can differ from the certsDir, in which case the path must already exist and be writable. Returns nil on success, or an error otherwise.
(opt *options)
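// createNodePair creates a node certificate and key pair. The key file is created only
// if it doesn't already exist or we force it. The key path can differ from the certsDir,
// in which case the path must already exist and be writable.
//
// It does nothing and returns nil when opt.nodes is empty. The CA certificate
// (opt.caCert) and CA private key (opt.caKey) are loaded and handed to the
// certConfig as parent and signer. A CA key that does not implement
// crypto.Signer is reported as an error rather than crashing the process with
// a failed type assertion. When opt.verify is set, the certificate file is
// checked with verifyCert after generation.
//
// Returns nil on success, or an error otherwise.
//
// NOTE(review): both output paths are built from opt.dir in this function, so
// the remark about the key path differing from the certs directory is not
// visible here — confirm against generatePair and the option parsing.
// NOTE(review): permissions of the generated private key file are decided
// inside generatePair, which is not shown — confirm it is created owner-only.
func createNodePair(opt *options) error {
	// No node hosts requested: nothing to generate.
	if len(opt.nodes) == 0 {
		return nil
	}

	cc := certConfig{
		until:   opt.days,
		keySize: opt.keySize,
		force:   opt.force,
		hosts:   opt.nodes,
		curve:   opt.curve,
	}

	var err error
	cc.parent, err = readCert(opt.caCert)
	if err != nil {
		return err
	}

	priv, err := readKey(opt.caKey)
	if err != nil {
		return err
	}
	// A bare priv.(crypto.Signer) panics when the loaded key type cannot
	// sign; use the two-value form so a bad CA key file surfaces as an error.
	signer, ok := priv.(crypto.Signer)
	if !ok {
		return caKeyNotSignerError{}
	}
	cc.signer = signer

	certFile := filepath.Join(opt.dir, defaultNodeCert)
	keyFile := filepath.Join(opt.dir, defaultNodeKey)
	// Stop here on a generation failure, or when verification was not asked for
	// (err is nil in the latter case).
	if err = cc.generatePair(keyFile, certFile); err != nil || !opt.verify {
		return err
	}

	return cc.verifyCert(certFile)
}

// caKeyNotSignerError is returned by createNodePair when the CA private key
// was read successfully but its concrete type does not implement crypto.Signer.
type caKeyNotSignerError struct{}

// Error implements the error interface.
func (caKeyNotSignerError) Error() string {
	return "CA private key cannot be used for signing: not a crypto.Signer"
}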
| 201 | |
| 202 | // createClientPair creates a client certificate and key pair. The key file is created only |
| 203 | // if it doesn't already exist or we force it. The key path can differ from the certsDir |