Description
This is necessary to specify a non-default hash algorithm - See https://github.com/golang/go/blob/master/src/crypto/x509/x509.go#L1412 for more information. Otherwise, only SHA-256 will be used for RSA.
We need a table from signer-hash to SignatureAlgorithm, https://github.com/golang/go/blob/master/src/crypto/x509/x509.go#L215-L233. There might be something else we can reuse from x509.go or maybe smallstep/crypto.
FYI @codysoyland @malancas
Something like:
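```go
import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/rsa"
	"crypto/x509"
	"errors"
)

// ToSignatureAlgorithm maps a signer's key type and a hash to an x509.SignatureAlgorithm.
func ToSignatureAlgorithm(signer crypto.Signer, hash crypto.Hash) (x509.SignatureAlgorithm, error) {
	switch signer.Public().(type) {
	// only supports pkcs1.5, not PSS
	case *rsa.PublicKey:
		if hash == crypto.SHA256 {
			return x509.SHA256WithRSA, nil
		}
		// etc
	case *ecdsa.PublicKey:
		// no mapping yet; reaches the final error return
	case ed25519.PublicKey:
		return x509.PureEd25519, nil
	default:
		return x509.UnknownSignatureAlgorithm, errors.New("unknown signer")
	}
	// known key type, but no entry for this hash
	return x509.UnknownSignatureAlgorithm, errors.New("unsupported hash for signer")
}
```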
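The table this issue asks for, written out as an added example (not the project's code): a signer/hash lookup for RSA PKCS #1 v1.5 and ECDSA, checked by signing a CSR with a throwaway RSA key and reading back the algorithm it records. `algs`, `sigAlgFor` and `rsaCSRAlg` are illustrative names, using a CSR as the signed object is an assumption, and Ed25519 is left out because it takes no hash.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"fmt"
)

var algs = map[string]map[crypto.Hash]x509.SignatureAlgorithm{ // RSA rows: PKCS #1 v1.5, not PSS
	"rsa":   {crypto.SHA256: x509.SHA256WithRSA, crypto.SHA384: x509.SHA384WithRSA, crypto.SHA512: x509.SHA512WithRSA},
	"ecdsa": {crypto.SHA256: x509.ECDSAWithSHA256, crypto.SHA384: x509.ECDSAWithSHA384, crypto.SHA512: x509.ECDSAWithSHA512},
}

// sigAlgFor (illustrative name) errors on a miss: a zero result would silently select x509's default.
func sigAlgFor(pub crypto.PublicKey, hash crypto.Hash) (alg x509.SignatureAlgorithm, err error) {
	switch pub.(type) {
	case *rsa.PublicKey:
		alg = algs["rsa"][hash]
	case *ecdsa.PublicKey:
		alg = algs["ecdsa"][hash]
	}
	if alg == x509.UnknownSignatureAlgorithm {
		err = fmt.Errorf("no x509 signature algorithm for %T with %v", pub, hash)
	}
	return alg, err
}

// rsaCSRAlg signs an empty CSR with a throwaway RSA key; hash 0 leaves the template unset (default).
func rsaCSRAlg(hash crypto.Hash) (alg x509.SignatureAlgorithm, err error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err == nil && hash != 0 {
		alg, err = sigAlgFor(key.Public(), hash)
	}
	if err != nil {
		return alg, err
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{SignatureAlgorithm: alg}, key)
	if err != nil {
		return alg, err
	}
	csr, err := x509.ParseCertificateRequest(der)
	if err != nil {
		return alg, err
	}
	return csr.SignatureAlgorithm, csr.CheckSignature()
}
func main() { fmt.Println(rsaCSRAlg(crypto.SHA384)) }
```

With the template left unset the parsed request records SHA256-RSA; with the table lookup for `crypto.SHA384` it records SHA384-RSA.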