(ctx *cli.Context)
| 91 | } |
| 92 | |
| 93 | func p12Action(ctx *cli.Context) error { |
| 94 | if err := errs.MinMaxNumberOfArguments(ctx, 1, 3); err != nil { |
| 95 | return err |
| 96 | } |
| 97 | |
| 98 | p12File := ctx.Args().Get(0) |
| 99 | crtFile := ctx.Args().Get(1) |
| 100 | keyFile := ctx.Args().Get(2) |
| 101 | caFiles := ctx.StringSlice("ca") |
| 102 | hasKeyAndCert := crtFile != "" && keyFile != "" |
| 103 | |
| 104 | encoder := pkcs12.Modern |
| 105 | if ctx.Bool("legacy") { |
| 106 | encoder = pkcs12.LegacyRC2 |
| 107 | } |
| 108 | |
| 109 | // If either key or cert are provided, both must be provided |
| 110 | if !hasKeyAndCert && (crtFile != "" || keyFile != "") { |
| 111 | return errs.MissingArguments(ctx, "key_file") |
| 112 | } |
| 113 | |
| 114 | // If no key and cert are provided, ca files must be provided |
| 115 | if !hasKeyAndCert && len(caFiles) == 0 { |
| 116 | return errors.Errorf("flag '--%s' must be provided when no <crt_path> and <key_path> are present", "ca") |
| 117 | } |
| 118 | |
| 119 | // Validate flags |
| 120 | switch { |
| 121 | case ctx.String("password-file") != "" && ctx.Bool("no-password"): |
| 122 | return errs.IncompatibleFlagWithFlag(ctx, "no-password", "password-file") |
| 123 | case ctx.Bool("no-password") && !ctx.Bool("insecure"): |
| 124 | return errs.RequiredInsecureFlag(ctx, "no-password") |
| 125 | } |
| 126 | |
| 127 | x509CAs := []*x509.Certificate{} |
| 128 | for _, caFile := range caFiles { |
| 129 | x509Bundle, err := pemutil.ReadCertificateBundle(caFile) |
| 130 | if err != nil { |
| 131 | return errors.Wrap(err, "error reading CA certificate") |
| 132 | } |
| 133 | x509CAs = append(x509CAs, x509Bundle...) |
| 134 | } |
| 135 | |
| 136 | var err error |
| 137 | var password string |
| 138 | if !ctx.Bool("no-password") { |
| 139 | if passwordFile := ctx.String("password-file"); passwordFile != "" { |
| 140 | password, err = utils.ReadStringPasswordFromFile(passwordFile) |
| 141 | if err != nil { |
| 142 | return err |
| 143 | } |
| 144 | } |
| 145 | |
| 146 | if password == "" { |
| 147 | pass, err := ui.PromptPassword("Please enter a password to encrypt the .p12 file") |
| 148 | if err != nil { |
| 149 | return errors.Wrap(err, "error reading password") |
| 150 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…