authorDimitri Sokolyuk <demon@dim13.org>2016-03-16 21:36:41 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-16 21:36:41 +0100
commit44203fdb737dab1c7e4aa9320e108e2426e509fd (patch)
tree72941921702ae4328695215c64783bbc6fdc0acd /crypto.go
parenta881f863e9808821189c4e84ed119798cb3b5cd8 (diff)
Add more key types
Diffstat (limited to 'crypto.go')
-rw-r--r--crypto.go22
1 files changed, 18 insertions, 4 deletions
diff --git a/crypto.go b/crypto.go
index ec3053f..f6aad30 100644
--- a/crypto.go
+++ b/crypto.go
@@ -21,7 +21,10 @@ const (
pemCRT = `CERTIFICATE`
)
-var errKeyType = errors.New("unknown key type")
+var (
+ ErrKeyType = errors.New("unknown key type")
+ ErrKeySize = errors.New("insufficient key size")
+)
func SaveKey(w io.Writer, key crypto.PrivateKey) error {
var block *pem.Block
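Review bot: The two sentinels in the new `var (...)` block are now exported but carry no doc comments, so callers comparing against them have nothing saying which function returns which. I would add `// ErrKeyType is returned by LoadKey when the PEM block type is not a supported private key type.` and `// ErrKeySize is returned by NewKey when the requested size is neither a supported curve size nor at least the RSA minimum.` above the respective lines. The second sentence should be kept in step with whatever floor NewKey enforces.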
@@ -51,7 +54,7 @@ func LoadKey(r io.Reader) (crypto.PrivateKey, error) {
case pemEC:
return x509.ParseECPrivateKey(block.Bytes)
default:
- return nil, errKeyType
+ return nil, ErrKeyType
}
}
@@ -73,10 +76,21 @@ func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
}
func NewKey(size int) (crypto.PrivateKey, error) {
- if size == 0 {
+ switch size {
+ case 224:
+ return ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
+ case 256:
+ return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+ case 384:
return ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
+ case 521:
+ return ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
+ default:
+ if size < 1024 {
+ return nil, ErrKeySize
+ }
+ return rsa.GenerateKey(rand.Reader, size)
}
- return rsa.GenerateKey(rand.Reader, size)
}
func NewCSR(key crypto.PrivateKey, altnames []string) (string, error) {
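Review bot: The `default` branch of NewKey accepts RSA sizes from 1024 bits, which is below the 2048-bit minimum that current guidance (for example NIST SP 800-131A) sets for new RSA keys; `if size < 2048 {` would make ErrKeySize match its "insufficient key size" message. The same branch has no upper bound, so if `size` can ever come from configuration or user input, a very large value will tie up the CPU in `rsa.GenerateKey`; a cap such as `size > 8192` returning ErrKeySize would prevent that. The commit also changes what `size == 0` means: it used to select P-384 and now returns ErrKeySize, so any caller that passed 0 for the default needs updating or a `case 0, 384:` kept for compatibility. `case 224` offers only about 112-bit security and P-224 is poorly supported by CAs and TLS stacks, so it is worth confirming it is really wanted.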