
Delta Between Two Patch Sets: src/pkg/crypto/tls/tls.go

Issue 6776043: code review 6776043: crypto/tls: add support for loading EC X.509 key pairs (Closed)
Left Patch Set: diff -r 15a03e58cd8d https://go.googlecode.com/hg/ Created 11 years, 4 months ago
Right Patch Set: diff -r 659f7a1810dd https://go.googlecode.com/hg/ Created 11 years, 4 months ago
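--- a/src/pkg/crypto/tls/tls.go
+++ b/src/pkg/crypto/tls/tls.go
@@ -1,10 +1,10 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
 // Package tls partially implements TLS 1.0, as specified in RFC 2246.
 package tls
 
 import (
 "crypto"
 "crypto/ecdsa"
@@ -191,34 +191,35 @@
 
 }
 if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 {
 err = errors.New("crypto/tls: private key does not match public key")
 return
 }
 default:
 err = errors.New("crypto/tls: unknown public key algorithm")
 return
 }
+
 return
 }
 
 // Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates
 // PKCS#1 private keys by default, while OpenSSL 1.0.0 generates PKCS#8 keys.
 // OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three.
 func parsePrivateKey(der []byte) (crypto.PrivateKey, error) {
 if key, err := x509.ParsePKCS1PrivateKey(der); err == nil {
 return key, nil
 }
 if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
 switch key := key.(type) {
 case *rsa.PrivateKey, *ecdsa.PrivateKey:
 return key, nil
 default:
 return nil, errors.New("crypto/tls: found unknown privat e key type in PKCS#8 wrapping")
 }
 }
 if key, err := x509.ParseECPrivateKey(der); err == nil {
 return key, nil
 }
 
 return nil, errors.New("crypto/tls: failed to parse private key")
 }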