hub / github.com/smallstep/cli / rekeyAction

Function rekeyAction

command/ssh/rekey.go:80–198  ·  view source on GitHub ↗
(ctx *cli.Context)

Source from the content-addressed store, hash-verified

78}
79
80func rekeyAction(ctx *cli.Context) error {
81 if err := errs.NumberOfArguments(ctx, 2); err != nil {
82 return err
83 }
84
85 args := ctx.Args()
86 certFile := args.Get(0)
87 keyFile := args.Get(1)
88
89 // SSH uses fixed suffixes for public keys and certificates
90 var newPubFile, newCertFile, newKeyFile string
91 if out := ctx.String("out"); out != "" {
92 newPubFile = out + ".pub"
93 newCertFile = out + "-cert.pub"
94 newKeyFile = out
95 } else {
96 newPubFile = keyFile + ".pub"
97 newCertFile = certFile
98 newKeyFile = keyFile
99 }
100
101 // Extra flags
102 passwordFile := ctx.String("password-file")
103 noPassword := ctx.Bool("no-password")
104 insecure := ctx.Bool("insecure")
105
106 flow, err := cautils.NewCertificateFlow(ctx)
107 if err != nil {
108 return err
109 }
110
111 // Load the cert, because we need the serial number.
112 certBytes, err := os.ReadFile(certFile)
113 if err != nil {
114 return errors.Wrapf(err, "error reading ssh certificate from %s", certFile)
115 }
116 sshpub, _, _, _, err := ssh.ParseAuthorizedKey(certBytes)
117 if err != nil {
118 return errors.Wrapf(err, "error parsing ssh public key from %s", certFile)
119 }
120 cert, ok := sshpub.(*ssh.Certificate)
121 if !ok {
122 return errors.New("error casting ssh public key to ssh certificate")
123 }
124 serial := strconv.FormatUint(cert.Serial, 10)
125
126 ctx.Set("sshpop-cert", certFile)
127 ctx.Set("sshpop-key", keyFile)
128 token, err := flow.GenerateSSHToken(ctx, serial, cautils.SSHRekeyType, nil, provisioner.TimeDuration{}, provisioner.TimeDuration{})
129 if err != nil {
130 return err
131 }
132
133 caClient, err := flow.GetClient(ctx, token)
134 if err != nil {
135 return err
136 }
137

Callers

nothing calls this directly

Calls 7

GenerateSSHTokenMethod · 0.95
GetClientMethod · 0.95
NewCertificateFlowFunction · 0.92
marshalPublicKeyFunction · 0.85
SetMethod · 0.80
StringMethod · 0.65
SSHRekeyMethod · 0.65

Tested by

no test coverage detected
