New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/crypto/openpgp: Signature.Sign could be extended to help support key kept in a hardware module. #15841
Labels
Milestone
Comments
Actually proposed a patch here: https://go-review.googlesource.com/23802 |
CL https://golang.org/cl/23802 mentions this issue. |
Looks good to me. I ended up implementing the same thing, then discovered this patch while searching. |
chintanparikh
pushed a commit
to opendoor-labs/openpgp
that referenced
this issue
Dec 11, 2019
This adds support for crypto.Signer-based RSA and ECDSA private keys. This enables using opaque signing keys as explained in the documentation for crypto.Signer. The support is in the form of a new NewSignerPrivateKey function which makes a PrivateKey from a crypto.Signer. Fixes golang/go#15841. Change-Id: Ice2ec2793a9f5409a5bfd4e5e49d919e14ede1e0 Reviewed-on: https://go-review.googlesource.com/23802 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
c-expert-zigbee
pushed a commit
to c-expert-zigbee/crypto_go
that referenced
this issue
Mar 28, 2022
This adds support for crypto.Signer-based RSA and ECDSA private keys. This enables using opaque signing keys as explained in the documentation for crypto.Signer. The support is in the form of a new NewSignerPrivateKey function which makes a PrivateKey from a crypto.Signer. Fixes golang/go#15841. Change-Id: Ice2ec2793a9f5409a5bfd4e5e49d919e14ede1e0 Reviewed-on: https://go-review.googlesource.com/23802 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
c-expert-zigbee
pushed a commit
to c-expert-zigbee/crypto_go
that referenced
this issue
Mar 29, 2022
This adds support for crypto.Signer-based RSA and ECDSA private keys. This enables using opaque signing keys as explained in the documentation for crypto.Signer. The support is in the form of a new NewSignerPrivateKey function which makes a PrivateKey from a crypto.Signer. Fixes golang/go#15841. Change-Id: Ice2ec2793a9f5409a5bfd4e5e49d919e14ede1e0 Reviewed-on: https://go-review.googlesource.com/23802 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
LewiGoddard
pushed a commit
to LewiGoddard/crypto
that referenced
this issue
Feb 16, 2023
This adds support for crypto.Signer-based RSA and ECDSA private keys. This enables using opaque signing keys as explained in the documentation for crypto.Signer. The support is in the form of a new NewSignerPrivateKey function which makes a PrivateKey from a crypto.Signer. Fixes golang/go#15841. Change-Id: Ice2ec2793a9f5409a5bfd4e5e49d919e14ede1e0 Reviewed-on: https://go-review.googlesource.com/23802 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
BiiChris
pushed a commit
to BiiChris/crypto
that referenced
this issue
Sep 15, 2023
This adds support for crypto.Signer-based RSA and ECDSA private keys. This enables using opaque signing keys as explained in the documentation for crypto.Signer. The support is in the form of a new NewSignerPrivateKey function which makes a PrivateKey from a crypto.Signer. Fixes golang/go#15841. Change-Id: Ice2ec2793a9f5409a5bfd4e5e49d919e14ede1e0 Reviewed-on: https://go-review.googlesource.com/23802 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
At the moment packet.Signature.Sign supports only concrete implementations in priv.PrivateKey (like rsa.PrivateKey etc). From the stdlib docs crypto.Signer seems exactly intended to help cover cases for signing where the implementation is external, could come using a hardware module.
Wondering if a patch that switched the relevant signing code paths in Signature.Sign to work (optionally) with priv.PrivateKey implementing just crypto.Signer could be accepted? It would be fairly localized, the code would of course maintain the same shape switching over priv.PubKeyAlgo, and considering crypto.Signer only for RSA and ECDSA whose implementations expose support for that in the stdlib itself.
The text was updated successfully, but these errors were encountered: