add ecdsa key support and enable 4,092 RSA

* apcssh: add descriptive error when required file(s) not passed
* create: dont create key+cert file when key isn't supported by NMC2
* config: fix usage messages re: key types
* p15 files: dont generate key+cert when it isn't needed (aka NMC2 doesn't support key)
* pkcs15: pre-calculate envelope when making the p15 struct
* pkcs15: omit key ID 8 & 9 from EC keys
* pkcs15: update key decode logic
* pkcs15: add key type value for easy determination of compatibility
* pkcs15: add ec key support
* pkcs15: separate functions for key and key+cert p15 files
* update README
see: https://github.com/gregtwallace/apc-p15-tool/issues/6
This commit is contained in:
Greg T. Wallace 2024-09-17 18:44:33 -04:00
parent 51e5847409
commit cbb831e009
12 changed files with 508 additions and 266 deletions
pkg/pkcs15

View file

@ -2,6 +2,7 @@ package pkcs15
import (
"apc-p15-tool/pkg/tools/asn1obj"
"crypto/ecdsa"
"crypto/rsa"
)
@ -27,15 +28,13 @@ func (p15 *pkcs15KeyCert) privateKeyObject() []byte {
asn1obj.IntegerExplicitValue(7, privKey.Precomputed.Qinv),
})
// case *ecdsa.PrivateKey:
// // Only private piece is the integer D
// privKeyObj = asn1obj.Sequence([][]byte{
// asn1obj.Integer(privKey.D),
// })
case *ecdsa.PrivateKey:
// Only private piece is the integer D
privKeyObj = asn1obj.Integer(privKey.D)
default:
// panic if non-RSA key
panic("private key object for non-rsa key is unexpected and unsupported")
// panic if unsupported key
panic("private key type is unexpected and unsupported")
}
return privKeyObj