MCPcopy
hub / github.com/smallstep/cli / p12Action

Function p12Action

command/certificate/p12.go:93–198  ·  view source on GitHub ↗
(ctx *cli.Context)

Source from the content-addressed store, hash-verified

91}
92
93func p12Action(ctx *cli.Context) error {
94 if err := errs.MinMaxNumberOfArguments(ctx, 1, 3); err != nil {
95 return err
96 }
97
98 p12File := ctx.Args().Get(0)
99 crtFile := ctx.Args().Get(1)
100 keyFile := ctx.Args().Get(2)
101 caFiles := ctx.StringSlice("ca")
102 hasKeyAndCert := crtFile != "" && keyFile != ""
103
104 encoder := pkcs12.Modern
105 if ctx.Bool("legacy") {
106 encoder = pkcs12.LegacyRC2
107 }
108
109 // If either key or cert are provided, both must be provided
110 if !hasKeyAndCert && (crtFile != "" || keyFile != "") {
111 return errs.MissingArguments(ctx, "key_file")
112 }
113
114 // If no key and cert are provided, ca files must be provided
115 if !hasKeyAndCert && len(caFiles) == 0 {
116 return errors.Errorf("flag '--%s' must be provided when no <crt_path> and <key_path> are present", "ca")
117 }
118
119 // Validate flags
120 switch {
121 case ctx.String("password-file") != "" && ctx.Bool("no-password"):
122 return errs.IncompatibleFlagWithFlag(ctx, "no-password", "password-file")
123 case ctx.Bool("no-password") && !ctx.Bool("insecure"):
124 return errs.RequiredInsecureFlag(ctx, "no-password")
125 }
126
127 x509CAs := []*x509.Certificate{}
128 for _, caFile := range caFiles {
129 x509Bundle, err := pemutil.ReadCertificateBundle(caFile)
130 if err != nil {
131 return errors.Wrap(err, "error reading CA certificate")
132 }
133 x509CAs = append(x509CAs, x509Bundle...)
134 }
135
136 var err error
137 var password string
138 if !ctx.Bool("no-password") {
139 if passwordFile := ctx.String("password-file"); passwordFile != "" {
140 password, err = utils.ReadStringPasswordFromFile(passwordFile)
141 if err != nil {
142 return err
143 }
144 }
145
146 if password == "" {
147 pass, err := ui.PromptPassword("Please enter a password to encrypt the .p12 file")
148 if err != nil {
149 return errors.Wrap(err, "error reading password")
150 }

Callers

nothing calls this directly

Calls 3

StringMethod · 0.65
ReadMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…