Skip to content

Commit

Permalink
Merge pull request #461 from smallstep/mariano/softkms-signingkey
Browse files Browse the repository at this point in the history
Add SigningKey to softkms CreateKey response
  • Loading branch information
maraino authored Mar 20, 2024
2 parents 6daa7b9 + 3e12e44 commit 8e55bd9
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 10 deletions.
6 changes: 4 additions & 2 deletions kms/softkms/softkms.go
Original file line number Diff line number Diff line change
Expand Up @@ -122,12 +122,14 @@ func (k *SoftKMS) CreateKey(req *apiv1.CreateKeyRequest) (*apiv1.CreateKeyRespon
return nil, errors.Errorf("softKMS createKey result is not a crypto.Signer: type %T", priv)
}

name := filename(req.Name)
return &apiv1.CreateKeyResponse{
Name: filename(req.Name),
Name: name,
PublicKey: pub,
PrivateKey: priv,
CreateSignerRequest: apiv1.CreateSignerRequest{
Signer: signer,
Signer: signer,
SigningKey: name,
},
}, nil
}
Expand Down
16 changes: 8 additions & 8 deletions kms/softkms/softkms_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -182,28 +182,28 @@ func TestSoftKMS_CreateKey(t *testing.T) {
}{
{"p256", args{&apiv1.CreateKeyRequest{Name: "p256", SignatureAlgorithm: apiv1.ECDSAWithSHA256}}, func() (interface{}, interface{}, error) {
return p256.Public(), p256, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "p256", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256}}, params{"EC", "P-256", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "p256", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256, SigningKey: "p256"}}, params{"EC", "P-256", 0}, false},
{"rsa", args{&apiv1.CreateKeyRequest{Name: "rsa3072", SignatureAlgorithm: apiv1.SHA256WithRSA}}, func() (interface{}, interface{}, error) {
return rsa2048.Public(), rsa2048, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "rsa3072", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048}}, params{"RSA", "", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "rsa3072", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048, SigningKey: "rsa3072"}}, params{"RSA", "", 0}, false},
{"rsa2048", args{&apiv1.CreateKeyRequest{Name: "rsa2048", SignatureAlgorithm: apiv1.SHA256WithRSA, Bits: 2048}}, func() (interface{}, interface{}, error) {
return rsa2048.Public(), rsa2048, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "rsa2048", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048}}, params{"RSA", "", 2048}, false},
}, &apiv1.CreateKeyResponse{Name: "rsa2048", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048, SigningKey: "rsa2048"}}, params{"RSA", "", 2048}, false},
{"rsaPSS2048", args{&apiv1.CreateKeyRequest{Name: "rsa2048", SignatureAlgorithm: apiv1.SHA256WithRSAPSS, Bits: 2048}}, func() (interface{}, interface{}, error) {
return rsa2048.Public(), rsa2048, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "rsa2048", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048}}, params{"RSA", "", 2048}, false},
}, &apiv1.CreateKeyResponse{Name: "rsa2048", PublicKey: rsa2048.Public(), PrivateKey: rsa2048, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: rsa2048, SigningKey: "rsa2048"}}, params{"RSA", "", 2048}, false},
{"ed25519", args{&apiv1.CreateKeyRequest{Name: "ed25519", SignatureAlgorithm: apiv1.PureEd25519}}, func() (interface{}, interface{}, error) {
return edpub, edpriv, nil
}, &apiv1.CreateKeyResponse{Name: "ed25519", PublicKey: edpub, PrivateKey: edpriv, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: edpriv}}, params{"OKP", "Ed25519", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "ed25519", PublicKey: edpub, PrivateKey: edpriv, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: edpriv, SigningKey: "ed25519"}}, params{"OKP", "Ed25519", 0}, false},
{"default", args{&apiv1.CreateKeyRequest{Name: "default"}}, func() (interface{}, interface{}, error) {
return p256.Public(), p256, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256}}, params{"EC", "P-256", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256, SigningKey: "default"}}, params{"EC", "P-256", 0}, false},
{"uri", args{&apiv1.CreateKeyRequest{Name: "softkms:default"}}, func() (interface{}, interface{}, error) {
return p256.Public(), p256, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256}}, params{"EC", "P-256", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256, SigningKey: "default"}}, params{"EC", "P-256", 0}, false},
{"path uri", args{&apiv1.CreateKeyRequest{Name: "softkms:path=default"}}, func() (interface{}, interface{}, error) {
return p256.Public(), p256, nil //nolint:gocritic // ignore eval order warning
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256}}, params{"EC", "P-256", 0}, false},
}, &apiv1.CreateKeyResponse{Name: "default", PublicKey: p256.Public(), PrivateKey: p256, CreateSignerRequest: apiv1.CreateSignerRequest{Signer: p256, SigningKey: "default"}}, params{"EC", "P-256", 0}, false},
{"fail algorithm", args{&apiv1.CreateKeyRequest{Name: "fail", SignatureAlgorithm: apiv1.SignatureAlgorithm(100)}}, func() (interface{}, interface{}, error) {
return p256.Public(), p256, nil //nolint:gocritic // ignore eval order warning
}, nil, params{}, true},
Expand Down

0 comments on commit 8e55bd9

Please sign in to comment.