File: cli.go

golang-github-smallstep-cli 0.15.16%2Bds-4
package utils

import (
	"github.com/smallstep/cli/errs"
	"github.com/urfave/cli"
)

// Defaults applied by GetKeyDetailsFromCLI when a flag is left unset.
const (
	// DefaultRSASize is the RSA key size, in bits, used when the key type is
	// RSA and no size flag is given.
	DefaultRSASize = 2048

	// DefaultECCurve is the curve used when the key type is EC and no curve
	// flag is given.
	DefaultECCurve = "P-256"
)

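// GetKeyDetailsFromCLI reads the key type, curve, and size flags from the CLI
// context, applies defaults, and rejects combinations that do not make sense.
//
// ktyKey, curveKey and sizeKey are the names of the flags that carry the key
// type, the curve and the key size. All reads and IsSet checks go through
// these names, so the values that are validated are the same values the error
// messages refer to, even when a command registers the flags under names
// other than "kty", "curve" and "size".
//
// Rules enforced:
//   - no key type set: curve and size must not be set either; the result is
//     EC with DefaultECCurve and size 0.
//   - RSA: curve must not be set; size defaults to DefaultRSASize; a size
//     below 2048 is rejected unless insecure is true; a size <= 0 is always
//     rejected.
//   - EC: size must not be set; curve defaults to DefaultECCurve and must be
//     one of P-256, P-384, P-521.
//   - OKP: size must not be set; curve must be Ed25519 (an empty curve is
//     replaced by Ed25519).
//   - any other key type is rejected.
//
// It returns the key type, curve and size. On error the returned values are
// whatever had been parsed so far and should not be used.
func GetKeyDetailsFromCLI(ctx *cli.Context, insecure bool, ktyKey, curveKey, sizeKey string) (string, string, int, error) {
	var (
		crv  = ctx.String(curveKey)
		size = ctx.Int(sizeKey)
		kty  = ctx.String(ktyKey)
	)

	if !ctx.IsSet(ktyKey) {
		// Curve and size are only meaningful together with an explicit key
		// type; refuse them rather than silently ignoring the user's choice.
		if ctx.IsSet(curveKey) {
			return kty, crv, size, errs.RequiredWithFlag(ctx, curveKey, ktyKey)
		}
		if ctx.IsSet(sizeKey) {
			return kty, crv, size, errs.RequiredWithFlag(ctx, sizeKey, ktyKey)
		}
		// Default key type | curve | size.
		return "EC", DefaultECCurve, 0, nil
	}

	switch kty {
	case "RSA":
		if !ctx.IsSet(sizeKey) {
			size = DefaultRSASize
		}
		if ctx.IsSet(curveKey) {
			return kty, crv, size, errs.IncompatibleFlagValue(ctx, curveKey, ktyKey, kty)
		}
		// RSA moduli shorter than 2048 bits are only allowed when the caller
		// has explicitly opted in through the insecure argument.
		if size < 2048 && !insecure {
			return kty, crv, size, errs.MinSizeInsecureFlag(ctx, sizeKey, "2048")
		}
		// Even in insecure mode the size has to be a positive number.
		if size <= 0 {
			return kty, crv, size, errs.MinSizeFlag(ctx, sizeKey, "0")
		}
	case "EC":
		if ctx.IsSet(sizeKey) {
			return kty, crv, size, errs.IncompatibleFlagValue(ctx, sizeKey, ktyKey, kty)
		}
		if !ctx.IsSet(curveKey) {
			crv = DefaultECCurve
		}
		switch crv {
		case "P-256", "P-384", "P-521": // ok
		default:
			return kty, crv, size, errs.IncompatibleFlagValueWithFlagValue(ctx, ktyKey, kty,
				curveKey, crv, "P-256, P-384, P-521")
		}
	case "OKP":
		if ctx.IsSet(sizeKey) {
			return kty, crv, size, errs.IncompatibleFlagValue(ctx, sizeKey, ktyKey, kty)
		}
		switch crv {
		case "Ed25519": // ok
		case "": // ok: OKP defaults to Ed25519
			crv = "Ed25519"
		default:
			return kty, crv, size, errs.IncompatibleFlagValueWithFlagValue(ctx, ktyKey, kty,
				curveKey, crv, "Ed25519")
		}
	default:
		return kty, crv, size, errs.InvalidFlagValue(ctx, ktyKey, kty, "RSA, EC, OKP")
	}

	return kty, crv, size, nil
}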