forked from TrueCloudLab/certificates
Merge pull request #566 from smallstep/ed25519-improvements
Ed25519 improvements
This commit is contained in:
Mariano Cano
GitHub
commit
1788d09b44
3 changed files with 17 additions and 1 deletions
|
|
@ -5,6 +5,7 @@ import (
|
|||
"crypto"
|
||||
"crypto/dsa" //nolint
|
||||
"crypto/ecdsa"
|
||||
"crypto/ed25519"
|
||||
"crypto/rsa"
|
||||
"crypto/x509"
|
||||
"encoding/asn1"
|
||||
|
|
@ -437,7 +438,6 @@ func parseCursor(r *http.Request) (cursor string, limit int, err error) {
|
|||
return
|
||||
}
|
||||
|
||||
// TODO: add support for Ed25519 once it's supported
|
||||
func fmtPublicKey(cert *x509.Certificate) string {
|
||||
var params string
|
||||
switch pk := cert.PublicKey.(type) {
|
||||
|
|
@ -445,6 +445,8 @@ func fmtPublicKey(cert *x509.Certificate) string {
|
|||
params = pk.Curve.Params().Name
|
||||
case *rsa.PublicKey:
|
||||
params = strconv.Itoa(pk.Size() * 8)
|
||||
case ed25519.PublicKey:
|
||||
return cert.PublicKeyAlgorithm.String()
|
||||
case *dsa.PublicKey:
|
||||
params = strconv.Itoa(pk.Q.BitLen() * 8)
|
||||
default:
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import (
|
|||
"crypto"
|
||||
"crypto/dsa" //nolint
|
||||
"crypto/ecdsa"
|
||||
"crypto/ed25519"
|
||||
"crypto/elliptic"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
|
|
@ -1285,6 +1286,10 @@ func Test_fmtPublicKey(t *testing.T) {
|
|||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
edPub, edPriv, err := ed25519.GenerateKey(rand.Reader)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
var dsa2048 dsa.PrivateKey
|
||||
if err := dsa.GenerateParameters(&dsa2048.Parameters, rand.Reader, dsa.L2048N256); err != nil {
|
||||
t.Fatal(err)
|
||||
|
|
@ -1304,6 +1309,7 @@ func Test_fmtPublicKey(t *testing.T) {
|
|||
}{
|
||||
{"p256", args{p256.Public(), p256, nil}, "ECDSA P-256"},
|
||||
{"rsa1024", args{rsa1024.Public(), rsa1024, nil}, "RSA 1024"},
|
||||
{"ed25519", args{edPub, edPriv, nil}, "Ed25519"},
|
||||
{"dsa2048", args{cert: &x509.Certificate{PublicKeyAlgorithm: x509.DSA, PublicKey: &dsa2048.PublicKey}}, "DSA 2048"},
|
||||
{"unknown", args{cert: &x509.Certificate{PublicKeyAlgorithm: x509.ECDSA, PublicKey: []byte("12345678")}}, "ECDSA unknown"},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"context"
|
||||
"crypto"
|
||||
"crypto/ecdsa"
|
||||
"crypto/ed25519"
|
||||
"crypto/rsa"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
|
|
@ -325,6 +326,13 @@ func getPEM(i interface{}) ([]byte, error) {
|
|||
if err != nil {
|
||||
return nil, errors.Wrap(err, "error marshaling private key")
|
||||
}
|
||||
case ed25519.PrivateKey:
|
||||
var err error
|
||||
block.Type = "PRIVATE KEY"
|
||||
block.Bytes, err = x509.MarshalPKCS8PrivateKey(i)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "error marshaling private key")
|
||||
}
|
||||
default:
|
||||
return nil, errors.Errorf("unsupported key type %T", i)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue