From 0380f7f91c831af18e37414afcdf30935b4b4ee9 Mon Sep 17 00:00:00 2001 From: Gibheer Date: Tue, 10 Jan 2023 17:38:46 +0100 Subject: fix ed25519 key function The private key for ed25519 never returned crypto.PrivateKey. This caused the generation of certificates to not work and may also have resulted in other issues. --- certificate_test.go | 42 ++++++++++++++++++++++++++---------------- ed25519.go | 4 ++-- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/certificate_test.go b/certificate_test.go index 9951d7a..14b1279 100644 --- a/certificate_test.go +++ b/certificate_test.go @@ -16,29 +16,39 @@ var ( ) func TestCertificateCreation(t *testing.T) { - pk, err := NewPrivateKeyEcdsa(elliptic.P224()) + ed25519Key, err := NewPrivateKeyEd25519() if err != nil { - t.Errorf("cert: creating private key failed: %s", err) + t.Errorf("cert: creating private key ed25519 failed: %s", err) } - - csr, err := TestCertificateData.ToCertificateRequest(pk) + ecdsaKey, err := NewPrivateKeyEcdsa(elliptic.P224()) if err != nil { - t.Errorf("cert: creating csr failed: %s", err) - } - - cert_opts := CertificateOptions{ - // KeyUsage: x509.KeyUsageEncipherOnly | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign, - SerialNumber: big.NewInt(1), - CALength: -1, + t.Errorf("cert: creating private key ecdsa failed: %s", err) } - - cert, err := csr.ToCertificate(pk, cert_opts, nil) + rsaKey, err := NewPrivateKeyRsa(1024) if err != nil { - t.Errorf("cert: creating cert failed: %s", err) + t.Errorf("cert: creating private key rsa failed: %s", err) } - if !fieldsAreSame(TestCertificateData, cert) { - t.Errorf("cert: Fields are not the same") + for _, pk := range []PrivateKey{rsaKey, ecdsaKey, ed25519Key} { + csr, err := TestCertificateData.ToCertificateRequest(pk) + if err != nil { + t.Errorf("cert: creating csr failed: %s", err) + } + + cert_opts := CertificateOptions{ + // KeyUsage: x509.KeyUsageEncipherOnly | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign, + SerialNumber: big.NewInt(1), + CALength: -1, + } + + cert, err := csr.ToCertificate(pk, cert_opts, nil) + if err != nil { + t.Errorf("cert: creating cert failed: %s", err) + } + + if !fieldsAreSame(TestCertificateData, cert) { + t.Errorf("cert: Fields are not the same") + } } } diff --git a/ed25519.go b/ed25519.go index 0104beb..c616e70 100644 --- a/ed25519.go +++ b/ed25519.go @@ -45,9 +45,9 @@ func LoadPrivateKeyEd25519(raw []byte) (*Ed25519PrivateKey, error) { return &Ed25519PrivateKey{pr_loaded}, nil } -// TODO implement the raw API for the private key +// PrivateKey returns the private key. func (pr *Ed25519PrivateKey) PrivateKey() crypto.PrivateKey { - return nil + return pr.private_key } // Return the public key for this private key. -- cgit v1.2.3-70-g09d2