Support for new crypto/ecdh?

[DeanPDX]

I'm trying to update my API that uses acmez to use crypto/ecdh instead of crypto/elliptic. See this issue for more information about the rationale for deprecating crypto/elliptic. And this comment:

// Direct use of this package is deprecated, beyond the P224(), P256(), P384(),
// and P521() values necessary to use the crypto/ecdsa package. Most other uses
// should migrate to the more efficient and safer crypto/ecdh package.

The problem is: it doesn't implement signer so I can't use it for my PrivateKey in my acme.Account struct:

accountPrivateKey, err := ecdh.P256().GenerateKey(rand.Reader)
if err != nil {
	return resp, fmt.Errorf("generating account key: %v", err)
}
// Doesn't work because accountPrivateKey doesn't implement Signer
account := acme.Account{
	Contact:              []string{req.AccountContactEmailUrl},
	TermsOfServiceAgreed: true,
	PrivateKey:           accountPrivateKey,
}

Do you have any suggestions for this? Should I type alias it and implement Signer or something along those lines?

[mholt]

ECDH doesn't provide authentication, so it can't sign content. The account private key has to sign content so it can protect payloads on your behalf.

Our examples show how to use ECDSA for this purpose, however. Hopefully that will help!