(ctx *cli.Context)
| 388 | } |
| 389 | |
| 390 | func createAction(ctx *cli.Context) (err error) { |
| 391 | // require public and private files |
| 392 | if err := errs.NumberOfArguments(ctx, 2); err != nil { |
| 393 | return err |
| 394 | } |
| 395 | |
| 396 | // Use password to protect private JWK by default |
| 397 | usePassword := true |
| 398 | passwordFile := ctx.String("password-file") |
| 399 | if ctx.Bool("no-password") { |
| 400 | if passwordFile != "" { |
| 401 | return errs.IncompatibleFlag(ctx, "no-password", "password-file") |
| 402 | } |
| 403 | if ctx.Bool("insecure") { |
| 404 | usePassword = false |
| 405 | } else { |
| 406 | return errs.RequiredInsecureFlag(ctx, "no-password") |
| 407 | } |
| 408 | } |
| 409 | |
| 410 | pubFile := ctx.Args().Get(0) |
| 411 | privFile := ctx.Args().Get(1) |
| 412 | if pubFile == privFile { |
| 413 | return errs.EqualArguments(ctx, "public-jwk-file", "private-jwk-file") |
| 414 | } |
| 415 | |
| 416 | // Read password if necessary |
| 417 | var password string |
| 418 | if passwordFile != "" { |
| 419 | password, err = utils.ReadStringPasswordFromFile(passwordFile) |
| 420 | if err != nil { |
| 421 | return err |
| 422 | } |
| 423 | } |
| 424 | |
| 425 | kty := ctx.String("kty") |
| 426 | crv := ctx.String("crv") |
| 427 | alg := ctx.String("alg") |
| 428 | use := ctx.String("use") |
| 429 | kid := ctx.String("kid") |
| 430 | size := ctx.Int("size") |
| 431 | pemFile := ctx.String("from-pem") |
| 432 | |
| 433 | switch kty { |
| 434 | case "EC": |
| 435 | if ctx.IsSet("size") { |
| 436 | return errs.IncompatibleFlag(ctx, "size", "--kty EC") |
| 437 | } |
| 438 | case "RSA": |
| 439 | if ctx.IsSet("crv") { |
| 440 | return errs.IncompatibleFlag(ctx, "crv", "--kty RSA") |
| 441 | } |
| 442 | // If size is not set it will use a safe default |
| 443 | if ctx.IsSet("size") { |
| 444 | minimalSize := keyutil.MinRSAKeyBytes * 8 |
| 445 | if size < minimalSize && !ctx.Bool("insecure") { |
| 446 | return errs.MinSizeInsecureFlag(ctx, "size", strconv.Itoa(minimalSize)) |
| 447 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…