diff --git a/ca.go b/ca.go index c7fe240..9095cdb 100644 --- a/ca.go +++ b/ca.go @@ -271,7 +271,7 @@ func parseValidity(validity string) (time.Duration, error) { } } -func SavePEM(filename string, data []byte, secure bool, overwrite bool) error { +func SavePEM(filename string, data []byte, secure bool) error { if !overwrite { if _, err := os.Stat(filename); err == nil { return fmt.Errorf("file %s already exists (overwrite not allowed)", filename) @@ -321,7 +321,7 @@ func (c *_CAConfig) Validate() error { return nil } -func InitCA(overwrite bool) error { +func InitCA() error { var err error @@ -409,11 +409,11 @@ func InitCA(overwrite bool) error { certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER}) keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)}) - if err := SavePEM(filepath.Join(CAConfig.Paths.Certificates, "ca_cert.pem"), certPEM, false, overwrite); err != nil { + if err := SavePEM(filepath.Join(CAConfig.Paths.Certificates, "ca_cert.pem"), certPEM, false); err != nil { fmt.Println("Error saving CA certificate:", err) return err } - if err := SavePEM(filepath.Join(CAConfig.Paths.PrivateKeys, "ca_key.pem"), keyPEM, true, overwrite); err != nil { + if err := SavePEM(filepath.Join(CAConfig.Paths.PrivateKeys, "ca_key.pem"), keyPEM, true); err != nil { fmt.Println("Error saving CA key:", err) return err } @@ -433,7 +433,7 @@ func InitCA(overwrite bool) error { } // Helper: issue a single certificate and key, save to files, return error if any -func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool) error { +func issueSingleCertificate(def CertificateDefinition) error { // Validate Name isValidName, err := regexp.MatchString(`^[A-Za-z0-9_-]+$`, def.Name) 
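Review bot: In the `SavePEM` hunk (`@@ -271,7`), the body still branches on `overwrite`, which now resolves to the package-level variable added in main.go, so an exported function's willingness to replace an existing private-key file is no longer visible at the call site. This should be stated in a doc comment, for example `// SavePEM writes data to filename; it refuses to replace an existing file unless the package-level overwrite flag is set.` The guard itself only returns when `os.Stat` yields `err == nil`, so a Stat failure other than "not exist" (a permission error, for instance) falls through to the write. The write is outside this hunk, but if it is a plain create, opening with `os.O_CREATE|os.O_EXCL` when overwrite is off would make the check and the write a single atomic step.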
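Review bot: In the `InitCA` save sequence (`@@ -409,11`), `ca_cert.pem` is written before `ca_key.pem` and each `SavePEM` call applies its exists-check separately, so a run where only the key file already exists writes a fresh certificate and then fails on the key. That leaves a CA certificate on disk that does not correspond to the stored key. Both target paths should be checked before either file is written, so the operation fails with nothing changed. The same cert-then-key ordering appears in `issueSingleCertificate` (`@@ -536,10`). The body of `InitCA` starts and ends outside this hunk.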
@@ -536,10 +536,10 @@ func issueSingleCertificate(def CertificateDefinition, overwrite, verbose bool) } certFile := filepath.Join(CAConfig.Paths.Certificates, basename+".crt.pem") keyFile := filepath.Join(CAConfig.Paths.PrivateKeys, basename+".key.pem") - if err := SavePEM(certFile, certPEM, false, overwrite); err != nil { + if err := SavePEM(certFile, certPEM, false); err != nil { return fmt.Errorf("error saving certificate: %v", err) } - if err := SavePEM(keyFile, keyPEM, true, overwrite); err != nil { + if err := SavePEM(keyFile, keyPEM, true); err != nil { return fmt.Errorf("error saving key: %v", err) } if verbose { @@ -622,7 +622,7 @@ func ProvisionCertificates(filePath string, overwrite bool, dryRun bool, verbose continue } - err = issueSingleCertificate(certDefs.Certificates[i], overwrite, verbose) + err = issueSingleCertificate(certDefs.Certificates[i]) if err != nil { fmt.Printf("error: %v\n", err) errors++ @@ -664,7 +664,7 @@ func IssueCertificate(certDef CertificateDefinition, overwrite bool, dryRun bool return nil } - err = issueSingleCertificate(certDef, overwrite, verbose) + err = issueSingleCertificate(certDef) if err != nil { return err diff --git a/main.go b/main.go index 465dd9b..090fc37 100644 --- a/main.go +++ b/main.go @@ -9,22 +9,31 @@ import ( var Version = "dev" +// Global flags available to all commands +var overwrite bool +var dryRun bool +var verbose bool + func main() { - var overwrite bool + // issue command flags + var name string var subject string var certType string var validity string var san []string - var name string - var dryRun bool - var verbose bool + + // provision command flags + var provisionFile string + + // crl command flags var crlFile string var crlValidityDays int + + // revoke command flags var revokeName string var revokeSerial string var revokeReasonStr string - var provisionFile string var rootCmd = &cobra.Command{ Use: "lab-ca", 
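Review bot: `ProvisionCertificates` still declares `overwrite` and `verbose` parameters (visible in the `@@ -622,7` hunk header), but the new call `issueSingleCertificate(certDefs.Certificates[i])` no longer forwards them, and the callee now reads the package-level variables of the same name. A caller passing `overwrite=false` therefore no longer prevents existing key files from being replaced when the global flag is set, and the parameter gives a false sense of control. Either drop the parameters from the signature in the same commit or keep passing them through. `IssueCertificate` (`@@ -664,7`) has the same mismatch. Both functions start and end outside their hunks, so other uses of the parameters cannot be seen from here.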
@@ -46,7 +55,7 @@ func main() { Use: "initca", Short: "Generate a new CA certificate and key", Run: func(cmd *cobra.Command, args []string) { - InitCA(overwrite) + InitCA() }, } rootCmd.AddCommand(initCmd)
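Review bot: The `initca` command's `Run` callback calls `InitCA()` and discards the returned error, so a failed CA initialisation (for example `SavePEM` refusing to replace an existing key) may still exit with status 0 unless that is handled elsewhere. Scripts that chain `initca` with certificate issuance would then continue against a missing or stale CA. Switching the field to `RunE: func(cmd *cobra.Command, args []string) error { return InitCA() },` lets cobra surface the failure and set a non-zero exit code.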