(ctx *cli.Context)
| 122 | } |
| 123 | |
| 124 | func keysetAddAction(ctx *cli.Context) error { |
| 125 | if err := errs.NumberOfArguments(ctx, 1); err != nil { |
| 126 | return err |
| 127 | } |
| 128 | |
| 129 | b, err := io.ReadAll(os.Stdin) |
| 130 | if err != nil { |
| 131 | return errors.Wrap(err, "error reading STDIN") |
| 132 | } |
| 133 | |
| 134 | // Attempt to parse an encrypted file |
| 135 | if b, err = jose.Decrypt(b, jose.WithPasswordPrompter("Please enter the password to decrypt JWK", func(s string) ([]byte, error) { |
| 136 | return ui.PromptPassword(s) |
| 137 | })); err != nil { |
| 138 | return err |
| 139 | } |
| 140 | |
| 141 | // Unmarshal the plain (or decrypted JWK) |
| 142 | var jwk jose.JSONWebKey |
| 143 | if err = json.Unmarshal(b, &jwk); err != nil { |
| 144 | return errors.New("error reading JWK: unsupported format") |
| 145 | } |
| 146 | |
| 147 | jwksFile := ctx.Args().Get(0) |
| 148 | jwks, writeFunc, err := rwLockKeySet(jwksFile) |
| 149 | if err != nil { |
| 150 | return err |
| 151 | } |
| 152 | |
| 153 | // According to RFC7517 there are cases where multiple keys can share the |
| 154 | // same "kid". One example is if they have different "kty" values but are |
| 155 | // considered to be equivalent alternatives by the application using them. |
| 156 | jwks.Keys = append(jwks.Keys, jwk) |
| 157 | return writeFunc(true) |
| 158 | } |
| 159 | |
| 160 | func keysetRemoveAction(ctx *cli.Context) error { |
| 161 | if err := errs.NumberOfArguments(ctx, 1); err != nil { |
nothing calls this directly
no test coverage detected
searching dependent graphs…