GetKeyDetailsFromCLI gets the key pair algorithm, curve, and size inputs from the CLI context.
(ctx *cli.Context, insecure bool, ktyKey, curveKey, sizeKey string)
| 18 | // GetKeyDetailsFromCLI gets the key pair algorithm, curve, and size inputs |
| 19 | // from the CLI context. |
| 20 | func GetKeyDetailsFromCLI(ctx *cli.Context, insecure bool, ktyKey, curveKey, sizeKey string) (string, string, int, error) { |
| 21 | var ( |
| 22 | crv = ctx.String("curve") |
| 23 | size = ctx.Int("size") |
| 24 | kty = ctx.String("kty") |
| 25 | ) |
| 26 | |
| 27 | if ctx.IsSet(ktyKey) { |
| 28 | switch kty { |
| 29 | case "RSA": |
| 30 | if !ctx.IsSet(sizeKey) { |
| 31 | size = DefaultRSASize |
| 32 | } |
| 33 | if ctx.IsSet(curveKey) { |
| 34 | return kty, crv, size, errs.IncompatibleFlagValue(ctx, curveKey, ktyKey, kty) |
| 35 | } |
| 36 | minimalSize := keyutil.MinRSAKeyBytes * 8 |
| 37 | if size < minimalSize && !insecure { |
| 38 | return kty, crv, size, errs.MinSizeInsecureFlag(ctx, sizeKey, strconv.Itoa(minimalSize)) |
| 39 | } |
| 40 | if size <= 0 { |
| 41 | return kty, crv, size, errs.MinSizeFlag(ctx, sizeKey, "0") |
| 42 | } |
| 43 | case "EC": |
| 44 | if ctx.IsSet("size") { |
| 45 | return kty, crv, size, errs.IncompatibleFlagValue(ctx, sizeKey, ktyKey, kty) |
| 46 | } |
| 47 | if !ctx.IsSet("curve") { |
| 48 | crv = DefaultECCurve |
| 49 | } |
| 50 | switch crv { |
| 51 | case "P-256", "P-384", "P-521": // ok |
| 52 | default: |
| 53 | return kty, crv, size, errs.IncompatibleFlagValueWithFlagValue(ctx, ktyKey, kty, |
| 54 | curveKey, crv, "P-256, P-384, P-521") |
| 55 | } |
| 56 | case "OKP": |
| 57 | if ctx.IsSet("size") { |
| 58 | return kty, crv, size, errs.IncompatibleFlagValue(ctx, sizeKey, ktyKey, kty) |
| 59 | } |
| 60 | switch crv { |
| 61 | case "Ed25519": // ok |
| 62 | case "": // ok: OKP defaults to Ed25519 |
| 63 | crv = "Ed25519" |
| 64 | default: |
| 65 | return kty, crv, size, errs.IncompatibleFlagValueWithFlagValue(ctx, ktyKey, kty, |
| 66 | curveKey, crv, "Ed25519") |
| 67 | } |
| 68 | default: |
| 69 | return kty, crv, size, errs.InvalidFlagValue(ctx, ktyKey, kty, "RSA, EC, OKP") |
| 70 | } |
| 71 | } else { |
| 72 | if ctx.IsSet(curveKey) { |
| 73 | return kty, crv, size, errs.RequiredWithFlag(ctx, curveKey, ktyKey) |
| 74 | } |
| 75 | if ctx.IsSet("size") { |
| 76 | return kty, crv, size, errs.RequiredWithFlag(ctx, sizeKey, ktyKey) |
| 77 | } |
no test coverage detected
searching dependent graphs…