added test for CA generation + use SeedSize constant

Previously, I just hard-coded 256 as the length of the key that seeds key
generation, since it worked. Now it uses ed25519.SeedSize (32) instead.
miampf 2025-01-09 17:24:32 +01:00
parent 0be301fa3a
commit bee3f6c159
No known key found for this signature in database
GPG key ID: EF039364B5B6886C
3 changed files with 38 additions and 2 deletions


@ -20,6 +20,7 @@ package initserver
import (
"bufio"
"context"
"crypto/ed25519"
"errors"
"fmt"
"io"
@ -225,7 +226,7 @@ func (s *Server) Init(req *initproto.InitRequest, stream initproto.API_InitServe
}
// Derive the emergency ssh CA key
key, err := cloudKms.GetDEK(stream.Context(), crypto.DEKPrefix+constants.SSHCAKeySuffix, 256)
key, err := cloudKms.GetDEK(stream.Context(), crypto.DEKPrefix+constants.SSHCAKeySuffix, ed25519.SeedSize)
if err != nil {
if e := s.sendLogsWithMessage(stream, status.Errorf(codes.Internal, "retrieving DEK for key derivation: %s", err)); e != nil {
err = errors.Join(err, e)