Add support for ED25519 CA cert key
ErikPelli authored and elazarl committed Dec 9, 2024
1 parent 6741dbf commit 47dbfa5
Showing 2 changed files with 11 additions and 1 deletion.
7 changes: 6 additions & 1 deletion counterecryptor.go
Expand Up @@ -4,6 +4,7 @@ import (
"crypto/aes"
"crypto/cipher"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
Expand All @@ -26,8 +27,12 @@ func NewCounterEncryptorRandFromKey(key interface{}, seed []byte) (r CounterEncr
if keyBytes, err = x509.MarshalECPrivateKey(key); err != nil {
return
}
case ed25519.PrivateKey:
if keyBytes, err = x509.MarshalPKCS8PrivateKey(key); err != nil {
return
}
default:
err = errors.New("only RSA and ECDSA keys supported")
err = errors.New("only RSA, ED25519 and ECDSA keys supported")
return
}
h := sha256.New()
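Review bot: The new `case ed25519.PrivateKey:` branch in NewCounterEncryptorRandFromKey ships without a test; the commit touches only counterecryptor.go and signer.go. The marshalled key bytes appear to feed the SHA-256 hash started on the following line, so a test that builds two generators from the same Ed25519 key and seed and checks that their output matches (and differs for a different key) would pin the behaviour. The case matches the value type only, so a `*ed25519.PrivateKey` would still reach `default`; a comment such as `// ed25519.PrivateKey is a byte slice and is matched by value, not by pointer` would make that explicit. The function body starts before and continues past this hunk.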
5 changes: 5 additions & 0 deletions signer.go
Expand Up @@ -3,6 +3,7 @@ package goproxy
import (
"crypto"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/rsa"
"crypto/sha1"
Expand Down Expand Up @@ -88,6 +89,10 @@ func signHost(ca tls.Certificate, hosts []string) (cert *tls.Certificate, err er
if certpriv, err = ecdsa.GenerateKey(elliptic.P256(), &csprng); err != nil {
return
}
case ed25519.PrivateKey:
if _, certpriv, err = ed25519.GenerateKey(&csprng); err != nil {
return
}
default:
err = fmt.Errorf("unsupported key type %T", ca.PrivateKey)
}
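Review bot: The added `case ed25519.PrivateKey:` in signHost appears to make the leaf key type follow the CA key type, so an Ed25519 CA now yields Ed25519 leaf certificates, which not every TLS client accepts (browser support in particular is limited). That deserves a comment on the case, e.g. `// Leaf key type follows the CA key; clients without Ed25519 certificate support will reject these leaves.` Separately, the `default:` branch just below sets `err` without a `return`, unlike the other branches visible here, so if the code after the switch uses `certpriv` it would run with no key generated; adding `return` after the `fmt.Errorf` line would close that. The switch head and the rest of signHost lie outside the hunk, so both points should be checked against the full function.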
