Skip to content

Commit

Permalink
feat: support for key/certificate types RSA, Ed25519, ECDSA
Browse files Browse the repository at this point in the history 
This also automatically derives key type and certificate signature
algorithm when possible. Option to select signature algorithm and key
type should only be passed usually when generating new CA or key.

Key/cert types:

* default - Ed25519
* `x509.RSA(true)` - RSA
* `x509.ECDSA(true)` - ECDSA

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
  • Loading branch information
@smira @talos-bot
smira authored and talos-bot committed Feb 2, 2021
1 parent cf75519 commit 39584f1
Show file tree
Hide file tree
Showing 3 changed files with 406 additions and 99 deletions.
13 changes: 13 additions & 0 deletions x509/constants.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,16 @@ import "time"

// DefaultCertificateValidityDuration is a default certificate lifetime.
const DefaultCertificateValidityDuration = 24 * time.Hour

// PEM Block Header Types.
const (
PEMTypeRSAPrivate = "RSA PRIVATE KEY"
PEMTypeRSAPublic = "PUBLIC KEY"
PEMTypeECPrivate = "EC PRIVATE KEY"
PEMTypeECPublic = "EC PUBLIC KEY"
PEMTypeEd25519Private = "ED25519 PRIVATE KEY"
PEMTypeEd25519Public = "ED25519 PUBLIC KEY"

PEMTypeCertificate = "CERTIFICATE"
PEMTypeCertificateRequest = "CERTIFICATE REQUEST"
)
Loading

0 comments on commit 39584f1

Please sign in to comment.