feat: add --cert-file

yubikey-ca-java/src/main/java/me/hatter/tools/yubikeyca/YubikeyCaArgs.java

@@ -53,6 +53,9 @@ public class YubikeyCaArgs {
     @Option(names = {"--cert-slot"}, description = "Slot for cert")
     String certSlot;
 
+    @Option(names = {"--cert-file"}, description = "File for cert(PEM)")
+    String certFile;
+
     @Option(names = {"--pin"}, description = "Yubikey PIV PIN")
     String pin;
 

yubikey-ca-java/src/main/java/me/hatter/tools/yubikeyca/YubikeyCaMain.java

@@ -67,15 +67,18 @@ public class YubikeyCaMain {
 
         final PublicKey publicKey;
         PrivateKey privateKey = null;
-        if (StringUtil.isEmpty(args.certSlot)) {
+        if (StringUtil.isNotEmpty(args.certFile)) {
+            final String certPem = RFile.from(args.certFile).string();
+            publicKey = KeyUtil.parsePublicKeyPEM(certPem);
+        } else if (StringUtil.isNotEmpty(args.certSlot)) {
+            final PivMeta certPivMeta = CardCliUtil.getPivPublicKey(args.certSlot);
+            publicKey = certPivMeta.getPublicKey();
+        } else {
             final PKType pkType = getPkTypeFromArgs(args);
             if (pkType == null) return;
             final KeyPair keyPair = KeyPairTool.instance(pkType).generateKeyPair().getKeyPair();
             publicKey = keyPair.getPublic();
             privateKey = keyPair.getPrivate();
-        } else {
-            final PivMeta certPivMeta = CardCliUtil.getPivPublicKey(args.certSlot);
-            publicKey = certPivMeta.getPublicKey();
         }
 
         final String cardCliCmd = CardCliUtil.getCardCliCmd();