forked from TrueCloudLab/certificates
Close key manager.
This commit is contained in:
parent
3fdab93ab8
commit
1d2146166b
1 changed files with 15 additions and 8 deletions
|
@ -137,6 +137,10 @@ func main() {
|
||||||
fatal(err)
|
fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
defer func() {
|
||||||
|
_ = k.Close()
|
||||||
|
}()
|
||||||
|
|
||||||
// Check if the slots are empty, fail if they are not
|
// Check if the slots are empty, fail if they are not
|
||||||
certUris := []string{
|
certUris := []string{
|
||||||
c.RootObject, c.CrtObject,
|
c.RootObject, c.CrtObject,
|
||||||
|
@ -168,17 +172,17 @@ func main() {
|
||||||
// Some HSMs like Nitrokey will overwrite the key with the
|
// Some HSMs like Nitrokey will overwrite the key with the
|
||||||
// certificate label.
|
// certificate label.
|
||||||
if err := deleter.DeleteKey(u); err != nil {
|
if err := deleter.DeleteKey(u); err != nil {
|
||||||
fatal(err)
|
fatalClose(err, k)
|
||||||
}
|
}
|
||||||
if err := deleter.DeleteCertificate(u); err != nil {
|
if err := deleter.DeleteCertificate(u); err != nil {
|
||||||
fatal(err)
|
fatalClose(err, k)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
for _, u := range keyUris {
|
for _, u := range keyUris {
|
||||||
if u != "" {
|
if u != "" {
|
||||||
if err := deleter.DeleteKey(u); err != nil {
|
if err := deleter.DeleteKey(u); err != nil {
|
||||||
fatal(err)
|
fatalClose(err, k)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -186,12 +190,8 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := createPKI(k, c); err != nil {
|
if err := createPKI(k, c); err != nil {
|
||||||
fatal(err)
|
fatalClose(err, k)
|
||||||
}
|
}
|
||||||
|
|
||||||
defer func() {
|
|
||||||
_ = k.Close()
|
|
||||||
}()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func fatal(err error) {
|
func fatal(err error) {
|
||||||
|
@ -203,6 +203,11 @@ func fatal(err error) {
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func fatalClose(err error, k kms.KeyManager) {
|
||||||
|
_ = k.Close()
|
||||||
|
fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
func usage() {
|
func usage() {
|
||||||
fmt.Fprintln(os.Stderr, "Usage: step-pkcs11-init")
|
fmt.Fprintln(os.Stderr, "Usage: step-pkcs11-init")
|
||||||
fmt.Fprintln(os.Stderr, `
|
fmt.Fprintln(os.Stderr, `
|
||||||
|
@ -228,6 +233,7 @@ func checkCertificate(k kms.KeyManager, rawuri string) {
|
||||||
}); err == nil {
|
}); err == nil {
|
||||||
fmt.Fprintf(os.Stderr, "⚠️ Your PKCS #11 module already has a certificate on %s.\n", rawuri)
|
fmt.Fprintf(os.Stderr, "⚠️ Your PKCS #11 module already has a certificate on %s.\n", rawuri)
|
||||||
fmt.Fprintln(os.Stderr, " If you want to delete it and start fresh, use `--force`.")
|
fmt.Fprintln(os.Stderr, " If you want to delete it and start fresh, use `--force`.")
|
||||||
|
_ = k.Close()
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -239,6 +245,7 @@ func checkObject(k kms.KeyManager, rawuri string) {
|
||||||
}); err == nil {
|
}); err == nil {
|
||||||
fmt.Fprintf(os.Stderr, "⚠️ Your PKCS #11 module already has a key on %s.\n", rawuri)
|
fmt.Fprintf(os.Stderr, "⚠️ Your PKCS #11 module already has a key on %s.\n", rawuri)
|
||||||
fmt.Fprintln(os.Stderr, " If you want to delete it and start fresh, use `--force`.")
|
fmt.Fprintln(os.Stderr, " If you want to delete it and start fresh, use `--force`.")
|
||||||
|
_ = k.Close()
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue