diff --git a/authority/authority.go b/authority/authority.go
index 1ea0936c..0730fe5e 100644
--- a/authority/authority.go
+++ b/authority/authority.go
@@ -290,19 +290,3 @@ func (a *Authority) GetDatabase() db.AuthDB {
 func (a *Authority) Shutdown() error {
 return a.db.Shutdown()
 }
-
-func parseCryptoSigner(filename, password string) (crypto.Signer, error) {
- var opts []pemutil.Options
- if password != "" {
- opts = append(opts, pemutil.WithPassword([]byte(password)))
- }
- key, err := pemutil.Read(filename, opts...)
- if err != nil {
- return nil, err
- }
- signer, ok := key.(crypto.Signer)
- if !ok {
- return nil, errors.Errorf("key %s of type %T cannot be used for signing operations", filename, key)
- }
- return signer, nil
-}
diff --git a/kms/softkms/softkms.go b/kms/softkms/softkms.go
index 68d2dc3f..fb38a1c5 100644
--- a/kms/softkms/softkms.go
+++ b/kms/softkms/softkms.go
@@ -23,17 +23,17 @@ type algorithmAttributes struct {
 const DefaultRSAKeySize = 3072
 var signatureAlgorithmMapping = map[apiv1.SignatureAlgorithm]algorithmAttributes{
- apiv1.UnspecifiedSignAlgorithm: algorithmAttributes{"EC", "P-256"},
- apiv1.SHA256WithRSA: algorithmAttributes{"RSA", ""},
- apiv1.SHA384WithRSA: algorithmAttributes{"RSA", ""},
- apiv1.SHA512WithRSA: algorithmAttributes{"RSA", ""},
- apiv1.SHA256WithRSAPSS: algorithmAttributes{"RSA", ""},
- apiv1.SHA384WithRSAPSS: algorithmAttributes{"RSA", ""},
- apiv1.SHA512WithRSAPSS: algorithmAttributes{"RSA", ""},
- apiv1.ECDSAWithSHA256: algorithmAttributes{"EC", "P-256"},
- apiv1.ECDSAWithSHA384: algorithmAttributes{"EC", "P-384"},
- apiv1.ECDSAWithSHA512: algorithmAttributes{"EC", "P-521"},
- apiv1.PureEd25519: algorithmAttributes{"OKP", "Ed25519"},
+ apiv1.UnspecifiedSignAlgorithm: {"EC", "P-256"},
+ apiv1.SHA256WithRSA: {"RSA", ""},
+ apiv1.SHA384WithRSA: {"RSA", ""},
+ apiv1.SHA512WithRSA: {"RSA", ""},
+ apiv1.SHA256WithRSAPSS: {"RSA", ""},
+ apiv1.SHA384WithRSAPSS: {"RSA", ""},
+ apiv1.SHA512WithRSAPSS: {"RSA", ""},
+ apiv1.ECDSAWithSHA256: {"EC", "P-256"},
+ apiv1.ECDSAWithSHA384: {"EC", "P-384"},
+ apiv1.ECDSAWithSHA512: {"EC", "P-521"},
+ apiv1.PureEd25519: {"OKP", "Ed25519"},
 }
 // generateKey is used for testing purposes.
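Review bot: `signatureAlgorithmMapping` carries two behaviours that nothing in the hunk documents: `apiv1.UnspecifiedSignAlgorithm` silently resolves to EC P-256, and every RSA entry leaves the second field empty. Since this table appears to decide which key type a caller gets when it names no algorithm, I would add a comment above the `var`, for example `// signatureAlgorithmMapping maps a signature algorithm to its key type and curve; an unspecified algorithm defaults to EC P-256, and RSA entries carry no curve.` How the RSA key size is chosen is not visible here (presumably via `DefaultRSAKeySize`), so the comment should say so once that is confirmed. With the type name now elided from each element, keyed fields would also make the positional `{"RSA", ""}` pairs easier to audit; the struct's field names are outside the hunk.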