mirror of https://github.com/jetkvm/kvm.git
feat(websecure): add support for ed25519 certificates (#513)
parent
2ec061b3a8
commit
a28676cd94
|
@ -0,0 +1,55 @@
|
||||||
|
package websecure
|
||||||
|
|
||||||
|
import (
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
fixtureEd25519Certificate = `-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBQDCB86ADAgECAhQdB4qB6dV0/u1lwhJofQgkmjjV1zAFBgMrZXAwLzELMAkG
|
||||||
|
A1UEBhMCREUxIDAeBgNVBAMMF2VkMjU1MTktdGVzdC5qZXRrdm0uY29tMB4XDTI1
|
||||||
|
MDUyMzEyNTkyN1oXDTI3MDQyMzEyNTkyN1owLzELMAkGA1UEBhMCREUxIDAeBgNV
|
||||||
|
BAMMF2VkMjU1MTktdGVzdC5qZXRrdm0uY29tMCowBQYDK2VwAyEA9tLyoulJn7Ev
|
||||||
|
bf8kuD1ZGdA092773pCRjFEDKpXHonyjITAfMB0GA1UdDgQWBBRkmrVMfsLY57iy
|
||||||
|
r/0POP0S4QxCADAFBgMrZXADQQBfTRvqavLHDYQiKQTgbGod+Yn+fIq2lE584+1U
|
||||||
|
C4wh9peIJDFocLBEAYTQpEMKxa4s0AIRxD+a7aCS5oz0e/0I
|
||||||
|
-----END CERTIFICATE-----`
|
||||||
|
|
||||||
|
fixtureEd25519PrivateKey = `-----BEGIN PRIVATE KEY-----
|
||||||
|
MC4CAQAwBQYDK2VwBCIEIKV08xUsLRHBfMXqZwxVRzIbViOp8G7aQGjPvoRFjujB
|
||||||
|
-----END PRIVATE KEY-----`
|
||||||
|
|
||||||
|
certStore *CertStore
|
||||||
|
certSigner *SelfSigner
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestMain(m *testing.M) {
|
||||||
|
tlsStorePath, err := os.MkdirTemp("", "jktls.*")
|
||||||
|
if err != nil {
|
||||||
|
defaultLogger.Fatal().Err(err).Msg("failed to create temp directory")
|
||||||
|
}
|
||||||
|
|
||||||
|
certStore = NewCertStore(tlsStorePath, nil)
|
||||||
|
certStore.LoadCertificates()
|
||||||
|
|
||||||
|
certSigner = NewSelfSigner(
|
||||||
|
certStore,
|
||||||
|
nil,
|
||||||
|
"ci.jetkvm.com",
|
||||||
|
"JetKVM",
|
||||||
|
"JetKVM",
|
||||||
|
"JetKVM",
|
||||||
|
)
|
||||||
|
|
||||||
|
m.Run()
|
||||||
|
|
||||||
|
os.RemoveAll(tlsStorePath)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestSaveEd25519Certificate(t *testing.T) {
|
||||||
|
err, _ := certStore.ValidateAndSaveCertificate("ed25519-test.jetkvm.com", fixtureEd25519Certificate, fixtureEd25519PrivateKey, true)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("failed to save certificate: %v", err)
|
||||||
|
}
|
||||||
|
}
|
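Review bot: TestSaveEd25519Certificate only asserts that ValidateAndSaveCertificate returns no error, so nothing verifies that the Ed25519 key written to disk can be read back and used. Add a round-trip step after the save: reload the stored pair (for example with a second `certStore.LoadCertificates()`, or by parsing the written files with `tls.X509KeyPair`) and fail the test if the certificate is missing or its key does not parse. Separately, the fixture embeds a private key; a comment such as `// Test-only key pair; must never be used for a real certificate.` above `fixtureEd25519PrivateKey` would stop readers and secret scanners from treating it as a leaked credential.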
|
@ -2,6 +2,7 @@ package websecure
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
|
"crypto/ed25519"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
|
@ -37,11 +38,15 @@ func keyToFile(cert *tls.Certificate, filename string) error {
|
||||||
if e != nil {
|
if e != nil {
|
||||||
return fmt.Errorf("failed to marshal EC private key: %v", e)
|
return fmt.Errorf("failed to marshal EC private key: %v", e)
|
||||||
}
|
}
|
||||||
|
|
||||||
keyBlock = pem.Block{
|
keyBlock = pem.Block{
|
||||||
Type: "EC PRIVATE KEY",
|
Type: "EC PRIVATE KEY",
|
||||||
Bytes: b,
|
Bytes: b,
|
||||||
}
|
}
|
||||||
|
case ed25519.PrivateKey:
|
||||||
|
keyBlock = pem.Block{
|
||||||
|
Type: "ED25519 PRIVATE KEY",
|
||||||
|
Bytes: k,
|
||||||
|
}
|
||||||
default:
|
default:
|
||||||
return fmt.Errorf("unknown private key type: %T", k)
|
return fmt.Errorf("unknown private key type: %T", k)
|
||||||
}
|
}
|
||||||
|
|
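Review bot: The new `case ed25519.PrivateKey` branch writes the raw key bytes (`Bytes: k`) under a non-standard `ED25519 PRIVATE KEY` PEM label, whereas the standard encoding for Ed25519 private keys is PKCS#8 in a `PRIVATE KEY` block, which is also the form the test fixture in this commit uses. Go's `tls.X509KeyPair` runs the block contents through its PKCS#1, PKCS#8 and SEC1 parsers, so a raw 64-byte key will most likely be rejected when the file is read back, leaving the stored key unusable after a restart. How the store reloads keys is not visible here, so confirm against the loading path. Marshalling with `x509.MarshalPKCS8PrivateKey` as sketched below avoids this, assuming `crypto/x509` is already imported for the EC branch. keyToFile starts and ends outside the hunk.

```go
	case ed25519.PrivateKey:
		// PKCS#8 is the standard container for Ed25519 keys and the one crypto/tls can parse.
		b, e := x509.MarshalPKCS8PrivateKey(k)
		if e != nil {
			return fmt.Errorf("failed to marshal Ed25519 private key: %v", e)
		}

		keyBlock = pem.Block{
			Type:  "PRIVATE KEY",
			Bytes: b,
		}
	// … unchanged: default branch rejecting unknown key types …
```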