Copy PrivateKey fields to Signers
In order for Signers to produce the same key ids as
`PrivateKey.PublicData.IDs()`, we need to make sure we copy the exact
values for `Type`, `Scheme`, and `Algorithms`.
Change-Id: I6546481c9c03e3ff05db7c0375f32c3803d825c8
diff --git a/sign/keys.go b/sign/keys.go
index cae4d2e..78e0b5e 100644
--- a/sign/keys.go
+++ b/sign/keys.go
@@ -30,7 +30,12 @@
}
func (k *PrivateKey) Signer() Signer {
- return &ed25519Signer{PrivateKey: ed25519.PrivateKey(k.Value.Private)}
+ return &ed25519Signer{
+ PrivateKey: ed25519.PrivateKey(k.Value.Private),
+ keyType: k.Type,
+ keyScheme: k.Scheme,
+ keyAlgorithms: k.Algorithms,
+ }
}
func GenerateEd25519Key() (*PrivateKey, error) {
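Review bot: Signer() still casts `k.Value.Private` to `ed25519.PrivateKey` unconditionally, but the signer now reports whatever `k.Type` and `k.Scheme` the key carried instead of the ed25519 constants. Nothing visible in this diff validates those fields, so a PrivateKey with a different or malformed type would yield a signer whose `Type()`/`Scheme()` (changed in the last hunk of this file) and key ids describe one algorithm while the signatures are ed25519. Signer() has no error return, so the check probably belongs where keys are loaded. Here I would at least record the assumption, e.g. `// Signer assumes k holds an ed25519 key; Type, Scheme and Algorithms are copied verbatim and not validated.`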
@@ -52,8 +57,11 @@
type ed25519Signer struct {
ed25519.PrivateKey
- ids []string
- idOnce sync.Once
+ keyType string
+ keyScheme string
+ keyAlgorithms []string
+ ids []string
+ idOnce sync.Once
}
var _ Signer = &ed25519Signer{}
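Review bot: `keyAlgorithms` stores the caller's slice (assigned directly from `k.Algorithms` in Signer()) next to `ids`/`idOnce`, which look like a compute-once cache. If the ids are derived from these fields on first use, a later write to the key's `Algorithms` elements would change what `publicData()` returns but not the cached ids. The new fields are undocumented; I would add `// keyType, keyScheme and keyAlgorithms mirror the source PrivateKey so key ids match; they must not change after construction.` and consider copying the slice in Signer() in a way that keeps nil and empty distinct. The methods that use `idOnce` are outside this hunk, so the caching behaviour is inferred from the field names.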
@@ -74,17 +82,17 @@
func (s *ed25519Signer) publicData() *data.Key {
return &data.Key{
- Type: data.KeyTypeEd25519,
- Scheme: data.KeySchemeEd25519,
- Algorithms: data.KeyAlgorithms,
+ Type: s.keyType,
+ Scheme: s.keyScheme,
+ Algorithms: s.keyAlgorithms,
Value: data.KeyValue{Public: []byte(s.PrivateKey.Public().(ed25519.PublicKey))},
}
}
func (s *ed25519Signer) Type() string {
- return data.KeyTypeEd25519
+ return s.keyType
}
func (s *ed25519Signer) Scheme() string {
- return data.KeySchemeEd25519
+ return s.keyScheme
}
diff --git a/sign/keys_test.go b/sign/keys_test.go
new file mode 100644
index 0000000..aa05b69
--- /dev/null
+++ b/sign/keys_test.go
@@ -0,0 +1,36 @@
+package sign
+
+import (
+ "testing"
+
+ . "gopkg.in/check.v1"
+)
+
+// Hook up gocheck into the "go test" runner.
+func Test(t *testing.T) { TestingT(t) }
+
+type KeysSuite struct{}
+
+var _ = Suite(&KeysSuite{})
+
+func (KeysSuite) TestSignerKeyIDs(c *C) {
+ key, err := GenerateEd25519Key()
+ c.Assert(err, IsNil)
+ signer := key.Signer()
+ c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+
+ // If we have a TUF-0.9 key, we won't have a scheme.
+ key, err = GenerateEd25519Key()
+ c.Assert(err, IsNil)
+ key.Scheme = ""
+ signer = key.Signer()
+ c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+
+ // Make sure we preserve ids if we don't have any
+ // keyid_hash_algorithms.
+ key, err = GenerateEd25519Key()
+ c.Assert(err, IsNil)
+ key.Algorithms = []string{}
+ signer = key.Signer()
+ c.Assert(key.PublicData().IDs(), DeepEquals, signer.IDs())
+}
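Review bot: All three assertions in TestSignerKeyIDs only compare the two id lists to each other, so they would also pass if both sides returned an empty list. Add a non-emptiness check such as `c.Assert(signer.IDs(), Not(HasLen), 0)`. If the Signer interface exposes them, also assert `signer.Type()` and `signer.Scheme()` against `key.Type` and `key.Scheme`, since those accessors changed in this commit. A case with `key.Algorithms = nil` would be worth adding too, because the test covers only the empty-slice form.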