Add support for importing RSA private keys and enhance OpenSSH serialization#14
Add support for importing RSA private keys and enhance OpenSSH serialization#14
Conversation
…pdate serialization method
… improved validation
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for importing RSA private keys from legacy encrypted PKCS#1 PEM format and enhances OpenSSH private key serialization with type-safe encryption ciphers. The changes improve API safety by replacing string-based cipher parameters with a typed EncryptionCipher enum while maintaining backward compatibility through raw value initialization.
- Introduces type-safe
EncryptionCipherwrapper for OpenSSH cipher names - Updates all OpenSSH serialization calls to use enum values instead of strings
- Enhances CLI cipher validation with friendly error messages
- Updates version to 0.1.2 and documentation
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
Sources/SwiftKeyGen/Formats/OpenSSH/OpenSSHPrivateKey.swift |
Adds EncryptionCipher type and updates serialize method signature |
Sources/SwiftKeyGenCLI/main.swift |
Updates version and adds cipher validation with enum mapping |
Tests/SwiftKeyGenTests/Formats/OpenSSH/OpenSSHPrivateKeyUnitTests.swift |
Updates test cases to use typed cipher enum values |
Tests/SwiftKeyGenTests/Cryptography/Ciphers/AES/AESGCMIntegrationTests.swift |
Updates test to use typed cipher array |
README.md |
Adds documentation for new OpenSSH serialization API and updates feature list |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| if let passphrase = passphrase, !passphrase.isEmpty { | ||
| cipherName = cipher ?? DEFAULT_CIPHER | ||
| cipherName = (cipher ?? .default).rawValue |
There was a problem hiding this comment.
The .default property is computed and calls Cipher.defaultCipher on every access. Consider caching this value or making it a static let to avoid repeated computation when no cipher is specified.
| var selectedCipher: OpenSSHPrivateKey.EncryptionCipher? = nil | ||
| if let c = cipher { | ||
| // Validate against known ciphers for a friendly error | ||
| if !OpenSSHPrivateKey.EncryptionCipher.known.contains(where: { $0.rawValue == c }) { |
There was a problem hiding this comment.
The known array is computed on every validation and uses linear search with closure. Consider creating a static Set of raw values for O(1) lookup performance.
Introduce support for importing RSA private keys from legacy encrypted PKCS#1 PEM. Enhance OpenSSH private key serialization with type-safe encryption ciphers and improved validation. Update the version to 0.1.2.