Store private keys in the DB as PEM blocks rather than pieces of the BIND Priv Key Format #86

Open
3 tasks
johanix opened this issue Nov 2, 2024 · 0 comments
johanix commented Nov 2, 2024

In tdns/sig0_utils.go:GenerateKeyPair() a keypair is generated and subsequently stored in the KeyStore DB. However, only ED25519 keys can be stored at the moment, because of unfortunate assumptions about the key being stored in a BIND9 Private Key Format v1.3.

  • This code should be updated to instead convert the private key into a PEM block and store the PEM block in the DB.
  • A new function must be created that extracts the PEM block from the DB and from that creates a crypto.PrivateKey that may be used in the rest of the code.
  • Then all consumers (i.e. users of the private key) need to be located and updated to use the new access function instead of the immediate ED25519 private key.
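
The store and load steps listed in the issue, as an added example that is not code from the tdns project. The function names are hypothetical, and the choice of PKCS#8 inside a `PRIVATE KEY` block is an assumption (the issue only says "PEM block"); it is used here because one encoder and one parser then cover ED25519, ECDSA and RSA keys alike.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
)

// PrivateKeyToPEM (hypothetical name) encodes the key as PKCS#8 in one PEM block for a text column.
func PrivateKeyToPEM(key crypto.PrivateKey) (string, error) {
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return "", fmt.Errorf("marshal PKCS#8: %w", err)
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der})), nil
}

// PEMToPrivateKey (hypothetical name) is the access function: stored PEM text back to a key.
func PEMToPrivateKey(pemText string) (crypto.PrivateKey, error) {
	block, _ := pem.Decode([]byte(pemText))
	if block == nil || block.Type != "PRIVATE KEY" {
		return nil, errors.New("no PKCS#8 PRIVATE KEY block in stored value")
	}
	return x509.ParsePKCS8PrivateKey(block.Bytes)
}

// sampleKeys generates throwaway keys of two algorithms (constructed input for the demo).
func sampleKeys() ([]crypto.PrivateKey, error) {
	_, edKey, edErr := ed25519.GenerateKey(rand.Reader)
	ecKey, ecErr := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return []crypto.PrivateKey{edKey, ecKey}, errors.Join(edErr, ecErr)
}

func main() {
	keys, err := sampleKeys()
	if err != nil {
		panic(err)
	}
	for _, key := range keys {
		stored, encErr := PrivateKeyToPEM(key) // text that would be written to the DB
		loaded, decErr := PEMToPrivateKey(stored)
		fmt.Printf("%T loaded, errors: %v\n", loaded, errors.Join(encErr, decErr))
	}
}
```

Every key type returned by `x509.ParsePKCS8PrivateKey` for these algorithms implements `crypto.Signer`, so consumers can sign through that interface instead of asserting a concrete ED25519 type.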