proposal: crypto/x509: create typed versions of ParsePKCS8PrivateKey #26485
Labels
FrozenDueToAge
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Proposal
Proposal-Crypto
Proposal related to crypto packages or other security issues
Milestone
Comments
|
Change https://golang.org/cl/125056 mentions this issue: |
|
CC @FiloSottile |
bcmills
added
the
NeedsInvestigation
|
I'm indifferent, but adding new methods adds to the overall api surface, which has its own problems with maintenance. |
|
@gopherbot proposal-crypto |
odeke-em
changed the title
|
I've retitled this as a proposal as it hasn't been looked at since Go1.11 but it is a proposal that we have to examine and decide on. |
odeke-em
added
the
Proposal-Crypto
|
I agree with Adam (https://go-review.googlesource.com/c/go/+/125056/4#message-46b6bcfdedbc7383393b0e37c5a640be477bd615) that the increased API surface is not worth it. There is already a dizzying array of Parse functions in crypto/x509, and the type assertion is not much more work than checking the error. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It bothers me that me as an end-user of
ParsePKCS8PrivateKeyhave to do type assertion logic on the key even when you know what you expect.We should utilize Go's strong type system to create type-specific functions called for example
ParsePKCS8PrivateKeyRSA(der []byte) (key *rsa.PrivateKey, err error)ParsePKCS8PrivateKeyECDSA(der []byte) (key *ecdsa.PrivateKey, err error)The text was updated successfully, but these errors were encountered: