/
keyconv.go
192 lines (173 loc) · 4.91 KB
/
keyconv.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
package keyconv
import (
"crypto"
"crypto/ecdsa"
"crypto/rsa"
"fmt"
"github.com/lestrrat-go/blackmagic"
"github.com/lestrrat-go/jwx/v2/jwk"
"golang.org/x/crypto/ed25519"
)
// RSAPrivateKey assigns src to dst.
// `dst` should be a pointer to a rsa.PrivateKey.
// `src` may be rsa.PrivateKey, *rsa.PrivateKey, or a jwk.Key
func RSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw rsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
return fmt.Errorf(`keyconv: failed to produce rsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
}
var ptr *rsa.PrivateKey
switch src := src.(type) {
case rsa.PrivateKey:
ptr = &src
case *rsa.PrivateKey:
ptr = src
default:
return fmt.Errorf(`keyconv: expected rsa.PrivateKey or *rsa.PrivateKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}
// RSAPublicKey assigns src to dst
// `dst` should be a pointer to a non-zero rsa.PublicKey.
// `src` may be rsa.PublicKey, *rsa.PublicKey, or a jwk.Key
func RSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
pk, err := jwk.PublicRawKeyOf(jwkKey)
if err != nil {
return fmt.Errorf(`keyconv: failed to produce public key from %T: %w`, src, err)
}
src = pk
}
var ptr *rsa.PublicKey
switch src := src.(type) {
case rsa.PrivateKey:
ptr = &src.PublicKey
case *rsa.PrivateKey:
ptr = &src.PublicKey
case rsa.PublicKey:
ptr = &src
case *rsa.PublicKey:
ptr = src
default:
return fmt.Errorf(`keyconv: expected rsa.PublicKey/rsa.PrivateKey or *rsa.PublicKey/*rsa.PrivateKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}
// ECDSAPrivateKey assigns src to dst, converting its type from a
// non-pointer to a pointer
func ECDSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ecdsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
return fmt.Errorf(`keyconv: failed to produce ecdsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
}
var ptr *ecdsa.PrivateKey
switch src := src.(type) {
case ecdsa.PrivateKey:
ptr = &src
case *ecdsa.PrivateKey:
ptr = src
default:
return fmt.Errorf(`keyconv: expected ecdsa.PrivateKey or *ecdsa.PrivateKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}
// ECDSAPublicKey assigns src to dst, converting its type from a
// non-pointer to a pointer
func ECDSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
pk, err := jwk.PublicRawKeyOf(jwkKey)
if err != nil {
return fmt.Errorf(`keyconv: failed to produce public key from %T: %w`, src, err)
}
src = pk
}
var ptr *ecdsa.PublicKey
switch src := src.(type) {
case ecdsa.PrivateKey:
ptr = &src.PublicKey
case *ecdsa.PrivateKey:
ptr = &src.PublicKey
case ecdsa.PublicKey:
ptr = &src
case *ecdsa.PublicKey:
ptr = src
default:
return fmt.Errorf(`keyconv: expected ecdsa.PublicKey/ecdsa.PrivateKey or *ecdsa.PublicKey/*ecdsa.PrivateKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}
func ByteSliceKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw []byte
if err := jwkKey.Raw(&raw); err != nil {
return fmt.Errorf(`keyconv: failed to produce []byte from %T: %w`, src, err)
}
src = raw
}
if _, ok := src.([]byte); !ok {
return fmt.Errorf(`keyconv: expected []byte, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, src)
}
func Ed25519PrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ed25519.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
return fmt.Errorf(`failed to produce ed25519.PrivateKey from %T: %w`, src, err)
}
src = &raw
}
var ptr *ed25519.PrivateKey
switch src := src.(type) {
case ed25519.PrivateKey:
ptr = &src
case *ed25519.PrivateKey:
ptr = src
default:
return fmt.Errorf(`expected ed25519.PrivateKey or *ed25519.PrivateKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}
func Ed25519PublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
pk, err := jwk.PublicRawKeyOf(jwkKey)
if err != nil {
return fmt.Errorf(`keyconv: failed to produce public key from %T: %w`, src, err)
}
src = pk
}
switch key := src.(type) {
case ed25519.PrivateKey:
src = key.Public()
case *ed25519.PrivateKey:
src = key.Public()
}
var ptr *ed25519.PublicKey
switch src := src.(type) {
case ed25519.PublicKey:
ptr = &src
case *ed25519.PublicKey:
ptr = src
case *crypto.PublicKey:
tmp, ok := (*src).(ed25519.PublicKey)
if !ok {
return fmt.Errorf(`failed to retrieve ed25519.PublicKey out of *crypto.PublicKey`)
}
ptr = &tmp
case crypto.PublicKey:
tmp, ok := src.(ed25519.PublicKey)
if !ok {
return fmt.Errorf(`failed to retrieve ed25519.PublicKey out of crypto.PublicKey`)
}
ptr = &tmp
default:
return fmt.Errorf(`expected ed25519.PublicKey or *ed25519.PublicKey, got %T`, src)
}
return blackmagic.AssignIfCompatible(dst, ptr)
}