create/install: add support for key pem in args
parent
65f0ee7504
commit
27b7288e07
4 changed files with 82 additions and 42 deletions
|
@ -2,7 +2,6 @@ package app
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"errors"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
)
|
)
|
||||||
|
@ -17,20 +16,15 @@ func (app *app) cmdCreate(_ context.Context, args []string) error {
|
||||||
return fmt.Errorf("create: failed, %w (%d)", ErrExtraArgs, len(args))
|
return fmt.Errorf("create: failed, %w (%d)", ErrExtraArgs, len(args))
|
||||||
}
|
}
|
||||||
|
|
||||||
// key must be specified
|
keyPem, certPem, err := app.config.create.keyCertPemCfg.GetPemBytes("create")
|
||||||
if app.config.create.keyPemFilePath == nil || *app.config.create.keyPemFilePath == "" {
|
if err != nil {
|
||||||
return errors.New("create: failed, key not specified")
|
return err
|
||||||
}
|
|
||||||
|
|
||||||
// cert must be specified
|
|
||||||
if app.config.create.certPemFilePath == nil || *app.config.create.certPemFilePath == "" {
|
|
||||||
return errors.New("create: failed, cert not specified")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// validation done
|
// validation done
|
||||||
|
|
||||||
// make p15 file
|
// make p15 file
|
||||||
apcFile, err := app.pemToAPCP15(*app.config.create.keyPemFilePath, *app.config.create.certPemFilePath, "create")
|
apcFile, err := app.pemToAPCP15(keyPem, certPem, "create")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -36,14 +36,9 @@ func (app *app) cmdInstall(cmdCtx context.Context, args []string) error {
|
||||||
return errors.New("install: failed, fingerprint not specified")
|
return errors.New("install: failed, fingerprint not specified")
|
||||||
}
|
}
|
||||||
|
|
||||||
// key must be specified
|
keyPem, certPem, err := app.config.install.keyCertPemCfg.GetPemBytes("install")
|
||||||
if app.config.install.keyPemFilePath == nil || *app.config.install.keyPemFilePath == "" {
|
if err != nil {
|
||||||
return errors.New("install: failed, key not specified")
|
return err
|
||||||
}
|
|
||||||
|
|
||||||
// cert must be specified
|
|
||||||
if app.config.install.certPemFilePath == nil || *app.config.install.certPemFilePath == "" {
|
|
||||||
return errors.New("install: failed, cert not specified")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// host to install on must be specified
|
// host to install on must be specified
|
||||||
|
@ -54,7 +49,7 @@ func (app *app) cmdInstall(cmdCtx context.Context, args []string) error {
|
||||||
// validation done
|
// validation done
|
||||||
|
|
||||||
// make p15 file
|
// make p15 file
|
||||||
apcFile, err := app.pemToAPCP15(*app.config.install.keyPemFilePath, *app.config.install.certPemFilePath, "install")
|
apcFile, err := app.pemToAPCP15(keyPem, certPem, "install")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
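Review bot: In cmdInstall the new `GetPemBytes("install")` call sits above the remaining argument checks (the `// host to install on must be specified` block and anything else before `// validation done`), so the private key file is read into memory even when the invocation is about to be rejected for a missing host. Moving the call to just after `// validation done`, directly before `app.pemToAPCP15(keyPem, certPem, "install")`, keeps key material out of the process until the arguments are known to be valid and puts the cheap checks ahead of the file I/O. cmdInstall's body starts and ends outside these hunks, so the intervening checks are inferred from the visible comments only.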
@ -2,6 +2,8 @@ package app
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
|
||||||
"github.com/peterbourgon/ff/v4"
|
"github.com/peterbourgon/ff/v4"
|
||||||
)
|
)
|
||||||
|
@ -10,17 +12,24 @@ var (
|
||||||
ErrExtraArgs = errors.New("extra args present")
|
ErrExtraArgs = errors.New("extra args present")
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// keyCertPemCfg contains values common to subcommands that need to use key
|
||||||
|
// and cert pem
|
||||||
|
type keyCertPemCfg struct {
|
||||||
|
keyPemFilePath *string
|
||||||
|
certPemFilePath *string
|
||||||
|
keyPem *string
|
||||||
|
certPem *string
|
||||||
|
}
|
||||||
|
|
||||||
// app's config options from user
|
// app's config options from user
|
||||||
type config struct {
|
type config struct {
|
||||||
logLevel *string
|
logLevel *string
|
||||||
create struct {
|
create struct {
|
||||||
keyPemFilePath *string
|
keyCertPemCfg
|
||||||
certPemFilePath *string
|
|
||||||
outFilePath *string
|
outFilePath *string
|
||||||
}
|
}
|
||||||
install struct {
|
install struct {
|
||||||
keyPemFilePath *string
|
keyCertPemCfg
|
||||||
certPemFilePath *string
|
|
||||||
hostAndPort *string
|
hostAndPort *string
|
||||||
fingerprint *string
|
fingerprint *string
|
||||||
username *string
|
username *string
|
||||||
|
@ -57,6 +66,8 @@ func (app *app) getConfig(args []string) error {
|
||||||
|
|
||||||
cfg.create.keyPemFilePath = createFlags.StringLong("keyfile", "", "path and filename of the rsa-2048 key in pem format")
|
cfg.create.keyPemFilePath = createFlags.StringLong("keyfile", "", "path and filename of the rsa-2048 key in pem format")
|
||||||
cfg.create.certPemFilePath = createFlags.StringLong("certfile", "", "path and filename of the certificate in pem format")
|
cfg.create.certPemFilePath = createFlags.StringLong("certfile", "", "path and filename of the certificate in pem format")
|
||||||
|
cfg.create.keyPem = createFlags.StringLong("keypem", "", "string of the rsa-2048 key in pem format")
|
||||||
|
cfg.create.certPem = createFlags.StringLong("certpem", "", "string of the certificate in pem format")
|
||||||
cfg.create.outFilePath = createFlags.StringLong("outfile", createDefaultOutFilePath, "path and filename to write the p15 file to")
|
cfg.create.outFilePath = createFlags.StringLong("outfile", createDefaultOutFilePath, "path and filename to write the p15 file to")
|
||||||
|
|
||||||
createCmd := &ff.Command{
|
createCmd := &ff.Command{
|
||||||
|
@ -74,6 +85,8 @@ func (app *app) getConfig(args []string) error {
|
||||||
|
|
||||||
cfg.install.keyPemFilePath = installFlags.StringLong("keyfile", "", "path and filename of the rsa-2048 key in pem format")
|
cfg.install.keyPemFilePath = installFlags.StringLong("keyfile", "", "path and filename of the rsa-2048 key in pem format")
|
||||||
cfg.install.certPemFilePath = installFlags.StringLong("certfile", "", "path and filename of the certificate in pem format")
|
cfg.install.certPemFilePath = installFlags.StringLong("certfile", "", "path and filename of the certificate in pem format")
|
||||||
|
cfg.install.keyPem = installFlags.StringLong("keypem", "", "string of the rsa-2048 key in pem format")
|
||||||
|
cfg.install.certPem = installFlags.StringLong("certpem", "", "string of the certificate in pem format")
|
||||||
cfg.install.hostAndPort = installFlags.StringLong("apchost", "", "hostname:port of the apc ups to install the certificate on")
|
cfg.install.hostAndPort = installFlags.StringLong("apchost", "", "hostname:port of the apc ups to install the certificate on")
|
||||||
cfg.install.fingerprint = installFlags.StringLong("fingerprint", "", "the SHA256 fingerprint value of the ups' ssh server")
|
cfg.install.fingerprint = installFlags.StringLong("fingerprint", "", "the SHA256 fingerprint value of the ups' ssh server")
|
||||||
cfg.install.username = installFlags.StringLong("username", "", "username to login to the apc ups")
|
cfg.install.username = installFlags.StringLong("username", "", "username to login to the apc ups")
|
||||||
|
@ -99,3 +112,53 @@ func (app *app) getConfig(args []string) error {
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetPemBytes returns the key and cert pem bytes as specified in keyCertPemCfg
|
||||||
|
// or an error if it cant get the bytes of both
|
||||||
|
func (kcCfg *keyCertPemCfg) GetPemBytes(subcommand string) (keyPem, certPem []byte, err error) {
|
||||||
|
// key pem (from arg or file)
|
||||||
|
if kcCfg.keyPem != nil && *kcCfg.keyPem != "" {
|
||||||
|
// error if filename is also set
|
||||||
|
if kcCfg.keyPemFilePath != nil && *kcCfg.keyPemFilePath != "" {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed, both key pem and key file specified", subcommand)
|
||||||
|
}
|
||||||
|
|
||||||
|
// use pem
|
||||||
|
keyPem = []byte(*kcCfg.keyPem)
|
||||||
|
} else {
|
||||||
|
// pem wasn't specified, try reading file
|
||||||
|
if kcCfg.keyPemFilePath == nil || *kcCfg.keyPemFilePath == "" {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed, neither key pem nor key file specified", subcommand)
|
||||||
|
}
|
||||||
|
|
||||||
|
// read file to get pem
|
||||||
|
keyPem, err = os.ReadFile(*kcCfg.keyPemFilePath)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed to read key file (%w)", subcommand, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// cert pem (repeat same process)
|
||||||
|
if kcCfg.certPem != nil && *kcCfg.certPem != "" {
|
||||||
|
// error if filename is also set
|
||||||
|
if kcCfg.certPemFilePath != nil && *kcCfg.certPemFilePath != "" {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed, both cert pem and cert file specified", subcommand)
|
||||||
|
}
|
||||||
|
|
||||||
|
// use pem
|
||||||
|
certPem = []byte(*kcCfg.certPem)
|
||||||
|
} else {
|
||||||
|
// pem wasn't specified, try reading file
|
||||||
|
if kcCfg.certPemFilePath == nil || *kcCfg.certPemFilePath == "" {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed, neither cert pem nor cert file specified", subcommand)
|
||||||
|
}
|
||||||
|
|
||||||
|
// read file to get pem
|
||||||
|
certPem, err = os.ReadFile(*kcCfg.certPemFilePath)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, fmt.Errorf("%s: failed to read cert file (%w)", subcommand, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return keyPem, certPem, nil
|
||||||
|
}
|
||||||
|
|
|
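Review bot: The new `keypem` flag (both the create and the install definition in getConfig) takes the private key itself as a command-line argument, and arguments are typically readable by other local users through the process list and are often retained in shell history and process-audit logs. The help text gives no hint of this; I would change it to `"string of the rsa-2048 key in pem format (exposed in process listings and shell history; prefer keyfile)"` on both flags. For callers that cannot write the key to disk, reading it from stdin or an environment variable would avoid the exposure. getConfig's body starts and ends outside these hunks.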
@ -3,23 +3,11 @@ package app
|
||||||
import (
|
import (
|
||||||
"apc-p15-tool/pkg/pkcs15"
|
"apc-p15-tool/pkg/pkcs15"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// pemToAPCP15 reads the specified pem files and returns the apc p15 bytes
|
// pemToAPCP15 reads the specified pem files and returns the apc p15 bytes
|
||||||
func (app *app) pemToAPCP15(keyFileName, certFileName, parentCmdName string) ([]byte, error) {
|
func (app *app) pemToAPCP15(keyPem, certPem []byte, parentCmdName string) ([]byte, error) {
|
||||||
app.logger.Infof("%s: making apc p15 file from pem files", parentCmdName)
|
app.logger.Infof("%s: making apc p15 file from pem", parentCmdName)
|
||||||
|
|
||||||
// Read in PEM files
|
|
||||||
keyPem, err := os.ReadFile(keyFileName)
|
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("%s: failed to read key file (%w)", parentCmdName, err)
|
|
||||||
}
|
|
||||||
|
|
||||||
certPem, err := os.ReadFile(certFileName)
|
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("%s: failed to read cert file (%w)", parentCmdName, err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// make p15 struct
|
// make p15 struct
|
||||||
p15, err := pkcs15.ParsePEMToPKCS15(keyPem, certPem)
|
p15, err := pkcs15.ParsePEMToPKCS15(keyPem, certPem)
|
||||||
|
|
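Review bot: The doc comment on pemToAPCP15 still says it "reads the specified pem files", but with the new signature the function receives the pem bytes and no longer touches the filesystem (the `os.ReadFile` calls and the `os` import are removed in this section). I would update it to `// pemToAPCP15 converts the given key and cert pem bytes to apc p15 bytes`. The function body continues past the end of this hunk.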