plugin/dnssec, plugin/sign: ed25519 support

[seankhliao]

1. Why is this pull request needed and what does it do?

adds support for ed25519 keys to plugin/dnssec, and corrects plugin/sign ed25519 type assertion

2. Which issues (if any) are related?

#3379

3. Which documentation changes (if any) need to be made?

none

4. Does this introduce a backward incompatible change or deprecation?

no

[corbot]

Thank you for your contribution. I've just checked the OWNERS files to find a suitable reviewer. This search was successful and I've asked dilyevsky (via /OWNERS) for a review.
Note this is not an exclusive request. Anyone is free to provide a review of this pull request.

If you have questions or suggestions for this bot, please file an issue against the miekg/dreck repository.

The bot understands the commands that are listed here.

[miekg]

This might need a tweak in plugin/sign as well. Could you check? Current PR lgtm

…

On Tue, 15 Oct 2019, 17:44 Sean Liao, ***@***.***> wrote: 1. Why is this pull request needed and what does it do? adds support for ed25519 keys to plugin/dnssec, and corrects plugin/sign ed25519 type assertion 2. Which issues (if any) are related? #3379 <#3379> 3. Which documentation changes (if any) need to be made? none 4. Does this introduce a backward incompatible change or deprecation? no ------------------------------ You can view, comment on, or merge this pull request online at: #3380 Commit Summary - add ed25519 dnskey support - fix ed25519 type assertion File Changes - *M* plugin/dnssec/dnskey.go <https://github.com/coredns/coredns/pull/3380/files#diff-0> (5) - *M* plugin/sign/keys.go <https://github.com/coredns/coredns/pull/3380/files#diff-1> (2) Patch Links: - https://github.com/coredns/coredns/pull/3380.patch - https://github.com/coredns/coredns/pull/3380.diff — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#3380?email_source=notifications&email_token=AACWIW6LKBHHZJTRE7TNFULQOXXPVA5CNFSM4JA7HVCKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HR5XNQQ>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AACWIWZVSIQDS6FCJCCJTCDQOXXPVANCNFSM4JA7HVCA> .

[seankhliao]

i just checked on my server, the second commit f3e5eb7 does properly fix plugin/sign

[miekg]

I believe both README.md now also need to be updated?

[seankhliao]

I'm not sure which part of the READMEs to update. People should probably still use ecdsa keys if they don't want things to break. With this change coredns supports almost everything dnssec-keygen will generate as a signing key (ed448 is the exception, no stdlib or x/crypto support)

[codecov-io]

Codecov Report

Merging #3380 into master will increase coverage by 0.01%.
The diff coverage is 0%.

@@            Coverage Diff             @@
##           master    #3380      +/-   ##
==========================================
+ Coverage   56.27%   56.29%   +0.01%     
==========================================
  Files         218      218              
  Lines       10818    10820       +2     
==========================================
+ Hits         6088     6091       +3     
+ Misses       4253     4252       -1     
  Partials      477      477

Impacted Files	Coverage Δ
plugin/dnssec/dnskey.go	69.76% <0%> (-3.41%)	⬇️
plugin/sign/keys.go	40.32% <0%> (ø)	⬆️
plugin/forward/connect.go	85.91% <0%> (+4.22%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 34ffe2a...4d1811a. Read the comment docs.

[miekg]

ok, there also is https://github.com/coredns/coredns-utils/tree/master/coredns-keygen which we may want to give a single switch to allow ed25519 keys