Skip to content

feat: introducing support for private and public x25519 keys #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
FranciscoKurpiel merged 2 commits into from
Apr 28, 2026
Merged

feat: introducing support for private and public x25519 keys #49

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f86731e
feat: introducing support for private and public x25519 keys
FranciscoKurpiel Apr 28, 2026
0595440
Fixing linter issues
FranciscoKurpiel Apr 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion sources/cfgenv/source.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ func parse(
}
}

var violations types.ErrViolations
violations := make(types.ErrViolations, 0, len(env))
for envName := range env {
violations = append(violations, types.Violation{
Message: fmt.Sprintf(
Expand Down
135 changes: 135 additions & 0 deletions xtypes/x25519_priv.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,135 @@
package xtypes

import (
"crypto/ecdh"
"crypto/x509"
"encoding/base64"
"encoding/hex"
"encoding/pem"
"fmt"
"sync"

"github.com/simplesurance/proteus/internal/consts"
"github.com/simplesurance/proteus/types"
)

// X25519PrivateKey is a xtype for *ecdh.PrivateKey. The key format is expected
// to be on PKCS8/PEM format, hex encoded (32 bytes), or raw bytes (optionally
// base64 encoded). The full value is fully redacted to avoid leaking secrets.
type X25519PrivateKey struct {
DefaultValue *ecdh.PrivateKey
UpdateFn func(*ecdh.PrivateKey)
Base64Encoder *base64.Encoding
content struct {
value *ecdh.PrivateKey
mutex sync.Mutex
}
}

var _ types.XType = &X25519PrivateKey{}
var _ types.Redactor = &X25519PrivateKey{}

// UnmarshalParam parses the input as a string.
func (d *X25519PrivateKey) UnmarshalParam(in *string) error {
var privK *ecdh.PrivateKey
if in != nil && *in != "" {
var err error
privK, err = parseX25519PrivateKey(*in, d.Base64Encoder)
if err != nil {
return err
}
}

d.content.mutex.Lock()
d.content.value = privK
d.content.mutex.Unlock()

if d.UpdateFn != nil {
d.UpdateFn(d.Value())
}

return nil
}

// Value reads the current updated value, taking the default value into
// consideration. If the parameter is not marked as optional, this is
// guaranteed to be not nil.
func (d *X25519PrivateKey) Value() *ecdh.PrivateKey {
d.content.mutex.Lock()
defer d.content.mutex.Unlock()

if d.content.value == nil {
return d.DefaultValue
}

return d.content.value
}

// ValueValid test if the provided parameter value is valid. Has no side
// effects.
func (d *X25519PrivateKey) ValueValid(s string) error {
if s == "" {
return types.ErrNoValue
}
_, err := parseX25519PrivateKey(s, d.Base64Encoder)
return err
}

// GetDefaultValue will be used to read the default value when showing usage
// information.
func (d *X25519PrivateKey) GetDefaultValue() (string, error) {
return "<secret>", nil
}

// RedactValue fully redacts the private key, to avoid leaking secrets.
func (d *X25519PrivateKey) RedactValue(string) string {
return consts.RedactedPlaceholder
}

func parseX25519PrivateKey(v string, base64Enc *base64.Encoding) (*ecdh.PrivateKey, error) {
var data []byte
var err error

if base64Enc != nil {
data, err = base64Enc.DecodeString(v)
if err != nil {
return nil, fmt.Errorf("not a valid base64: %w", err)
}
} else {
data = []byte(v)
}

// Try PEM first
pemBlock, _ := pem.Decode(data)
if pemBlock != nil {
if pemBlock.Type != "PRIVATE KEY" {
return nil, fmt.Errorf("PEM of type %q is not supported. Expected: %q",
pemBlock.Type,
"PRIVATE KEY")
}
privK, err := x509.ParsePKCS8PrivateKey(pemBlock.Bytes)
if err != nil {
return nil, fmt.Errorf("error decoding PEM block as PKCS8: %w", err)
}
xPrivK, ok := privK.(*ecdh.PrivateKey)
if !ok || xPrivK.Curve() != ecdh.X25519() {
return nil, fmt.Errorf("expected key of type *ecdh.PrivateKey (X25519), but got type: %T", privK)
}
return xPrivK, nil
}

// If not PEM, try hex (as seen in reference code)
if len(v) == 64 {
raw, err := hex.DecodeString(v)
if err == nil && len(raw) == 32 {
return ecdh.X25519().NewPrivateKey(raw)
}
}

// Try raw bytes if it's 32 bytes (maybe it was base64 encoded raw bytes)
if len(data) == 32 {
return ecdh.X25519().NewPrivateKey(data)
}

return nil, fmt.Errorf("invalid X25519 private key: expected PEM, 64-char hex, or 32-byte raw key")
}
129 changes: 129 additions & 0 deletions xtypes/x25519_pub.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
package xtypes

import (
"crypto/ecdh"
"crypto/x509"
"encoding/base64"
"encoding/hex"
"encoding/pem"
"fmt"
"sync"

"github.com/simplesurance/proteus/types"
)

// X25519PublicKey is a xtype for *ecdh.PublicKey. The key format is expected
// to be on PKIX/PEM format, hex encoded (32 bytes), or raw bytes (optionally
// base64 encoded).
type X25519PublicKey struct {
DefaultValue *ecdh.PublicKey
UpdateFn func(*ecdh.PublicKey)
Base64Encoder *base64.Encoding
content struct {
value *ecdh.PublicKey
mutex sync.Mutex
}
}

var _ types.XType = &X25519PublicKey{}

// UnmarshalParam parses the input as a string.
func (d *X25519PublicKey) UnmarshalParam(in *string) error {
var pubK *ecdh.PublicKey
if in != nil && *in != "" {
var err error
pubK, err = parseX25519PublicKey(*in, d.Base64Encoder)
if err != nil {
return err
}
}

d.content.mutex.Lock()
d.content.value = pubK
d.content.mutex.Unlock()

if d.UpdateFn != nil {
d.UpdateFn(d.Value())
}

return nil
}

// Value reads the current updated value, taking the default value into
// consideration. If the parameter is not marked as optional, this is
// guaranteed to be not nil.
func (d *X25519PublicKey) Value() *ecdh.PublicKey {
d.content.mutex.Lock()
defer d.content.mutex.Unlock()

if d.content.value == nil {
return d.DefaultValue
}

return d.content.value
}

// ValueValid test if the provided parameter value is valid. Has no side
// effects.
func (d *X25519PublicKey) ValueValid(s string) error {
if s == "" {
return types.ErrNoValue
}
_, err := parseX25519PublicKey(s, d.Base64Encoder)
return err
}

// GetDefaultValue will be used to read the default value when showing usage
// information.
func (d *X25519PublicKey) GetDefaultValue() (string, error) {
// TODO show the public key
return "<secret>", nil
}
Comment on lines +78 to +81
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Public keys are not secret, so GetDefaultValue should not return "<secret>" as this is misleading. The TODO comment on line 79 also indicates this needs to be addressed.

A better approach would be to return a representation of the public key. Since this is for usage information, a concise format like hex encoding is suitable. If no default value is set, an empty string should be returned.

func (d *X25519PublicKey) GetDefaultValue() (string, error) {
	if d.DefaultValue == nil {
		return "", nil
	}
	return hex.EncodeToString(d.DefaultValue.Bytes()), nil
}


func parseX25519PublicKey(v string, base64Enc *base64.Encoding) (*ecdh.PublicKey, error) {
var data []byte
var err error

if base64Enc != nil {
data, err = base64Enc.DecodeString(v)
if err != nil {
return nil, fmt.Errorf("not a valid base64: %w", err)
}
} else {
data = []byte(v)
}

// Try PEM first
pemBlock, _ := pem.Decode(data)
if pemBlock != nil {
if pemBlock.Type != "PUBLIC KEY" {
return nil, fmt.Errorf("PEM of type %q is not supported. Expected: %q",
pemBlock.Type,
"PUBLIC KEY")
}
pubK, err := x509.ParsePKIXPublicKey(pemBlock.Bytes)
if err != nil {
return nil, fmt.Errorf("error decoding PEM block as ANS.1 public key: %w", err)
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

There is a typo in the error message. ANS.1 should be ASN.1 (Abstract Syntax Notation One).

Suggested change
return nil, fmt.Errorf("error decoding PEM block as ANS.1 public key: %w", err)
return nil, fmt.Errorf("error decoding PEM block as ASN.1 public key: %w", err)

}
xPubK, ok := pubK.(*ecdh.PublicKey)
if !ok || xPubK.Curve() != ecdh.X25519() {
return nil, fmt.Errorf("expected key of type *ecdh.PublicKey (X25519), but got type: %T", pubK)
}
return xPubK, nil
}

// If not PEM, try hex (as seen in reference code)
if len(v) == 64 {
raw, err := hex.DecodeString(v)
if err == nil && len(raw) == 32 {
return ecdh.X25519().NewPublicKey(raw)
}
}

// Try raw bytes if it's 32 bytes (maybe it was base64 encoded raw bytes)
if len(data) == 32 {
return ecdh.X25519().NewPublicKey(data)
}

return nil, fmt.Errorf("invalid X25519 public key: expected PEM, 64-char hex, or 32-byte raw key")
}
Loading