From c07b174d42a1de307ab198bcb6baf10606759269 Mon Sep 17 00:00:00 2001 From: Gibheer Date: Thu, 19 Apr 2018 08:47:23 +0200 Subject: add more error checking Based on #13, we need more error checking when opening files. The CA and CSR files are now checked and return proper error messages in case something goes wrong. --- create_cert.go | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'create_cert.go') diff --git a/create_cert.go b/create_cert.go index d47732a..7f992db 100644 --- a/create_cert.go +++ b/create_cert.go @@ -87,14 +87,6 @@ func CreateCert(args []string) error { return fmt.Errorf("missing certificate sign request") } - out, err := openOutput(flagOutput) - if err != nil { - return err - } - // FIXME check all other out.Close for stdout exception - if flagOutput != "stdout" { - defer out.Close() - } pk, err := loadPrivateKey(flagPrivate) if err != nil { return err @@ -149,26 +141,36 @@ func CreateCert(args []string) error { if err != nil { return err } + + out, err := openOutput(flagOutput) + if err != nil { + return err + } + // FIXME check all other out.Close for stdout exception + if flagOutput != "stdout" { + defer out.Close() + } + return writePem(cert, out) } func parseCSR(path string) (*pki.CertificateRequest, error) { pems_raw, err := openInput(path) if err != nil { - return nil, err + return nil, fmt.Errorf("could not open file '%s': %s", path, err) } defer pems_raw.Close() pems, err := parseFile(pems_raw) if err != nil { - return nil, err + return nil, fmt.Errorf("could not parse file '%s': %s", path, err) } csr_raw, err := getSectionFromPem(pems, pki.PemLabelCertificateRequest) if err != nil { - return nil, err + return nil, fmt.Errorf("could not find sign request in '%s': %s", path, err) } csr, err := pki.LoadCertificateSignRequest(csr_raw) if err != nil { - return nil, err + return nil, fmt.Errorf("could not load sign request from '%s': %s", path, err) } return csr, nil } @@ -176,20 +178,20 @@ func parseCSR(path string) (*pki.CertificateRequest, error) { func parseCA(path string) (*pki.Certificate, error) { pems_raw, err := openInput(path) if err != nil { - return nil, err + return nil, fmt.Errorf("could not open file '%s': %s", path, err) } defer pems_raw.Close() pems, err := parseFile(pems_raw) if err != nil { - return nil, err + return nil, fmt.Errorf("could not parse file '%s': %s", path, err) } ca_raw, err := getSectionFromPem(pems, pki.PemLabelCertificate) if err != nil { - return nil, err + return nil, fmt.Errorf("could not find CA in '%s': %s", path, err) } ca, err := pki.LoadCertificate(ca_raw) if err != nil { - return nil, err + return nil, fmt.Errorf("could not load certificate from '%s': %s", path, err) } return ca, nil } -- cgit v1.2.3-70-g09d2