From 81ed8399648fd2b0f4ea33e7ee588382793f64dc Mon Sep 17 00:00:00 2001 From: alexander Date: Fri, 9 Feb 2024 13:19:10 +0100 Subject: [PATCH] added ed25519 as key type --- cert.go | 5 +++++ main.go | 14 +++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/cert.go b/cert.go index 4ce36ccf..0d6f1906 100644 --- a/cert.go +++ b/cert.go @@ -7,6 +7,7 @@ package main import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -167,6 +168,10 @@ func (m *mkcert) generateKey(rootCA bool) (crypto.PrivateKey, error) { if m.ecdsa { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) } + if m.ed25519 { + _, privateKey, err := ed25519.GenerateKey(rand.Reader) + return privateKey, err + } if rootCA { return rsa.GenerateKey(rand.Reader, 3072) } diff --git a/main.go b/main.go index 6c5e835b..244e4ddc 100644 --- a/main.go +++ b/main.go @@ -57,6 +57,9 @@ const advancedUsage = `Advanced options: -ecdsa Generate a certificate with an ECDSA key. + -ed25519 + Generate a certificate with an ed25519 key. + -pkcs12 Generate a ".p12" PKCS #12 file, also know as a ".pfx" file, containing certificate and key for legacy applications. @@ -95,6 +98,7 @@ func main() { uninstallFlag = flag.Bool("uninstall", false, "") pkcs12Flag = flag.Bool("pkcs12", false, "") ecdsaFlag = flag.Bool("ecdsa", false, "") + ed25519Flag = flag.Bool("ed25519", false, "") clientFlag = flag.Bool("client", false, "") helpFlag = flag.Bool("help", false, "") carootFlag = flag.Bool("CAROOT", false, "") @@ -144,7 +148,7 @@ func main() { } (&mkcert{ installMode: *installFlag, uninstallMode: *uninstallFlag, csrPath: *csrFlag, - pkcs12: *pkcs12Flag, ecdsa: *ecdsaFlag, client: *clientFlag, + pkcs12: *pkcs12Flag, ecdsa: *ecdsaFlag, ed25519: *ed25519Flag, client: *clientFlag, certFile: *certFileFlag, keyFile: *keyFileFlag, p12File: *p12FileFlag, }).Run(flag.Args()) } 
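Review bot: In `generateKey` the new `m.ed25519` branch is tested after `m.ecdsa`, so passing both `-ecdsa` and `-ed25519` silently yields an ECDSA key, and nothing in the visible hunks rejects that combination. I would fail early in `main` once the flags are parsed, for example `if *ecdsaFlag && *ed25519Flag { log.Fatalln("ERROR: -ecdsa and -ed25519 are mutually exclusive") }` (assuming main.go already reports flag errors through `log`). The branch also sits before the `rootCA` check, so a CA first created on a run with `-ed25519` gets an Ed25519 key as well. That matches the ECDSA branch but deserves a short comment, because trust-store and client support for Ed25519 signatures is narrower than for RSA or P-256. The rest of `generateKey` lies outside the hunk.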
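Review bot: The help entry for `-ed25519` in `advancedUsage` should warn that the resulting certificate may be rejected by clients. As far as I know, several mainstream browser TLS stacks do not accept Ed25519 certificates, and a user would only find that out at handshake time. Suggested wording: `Generate a certificate with an Ed25519 key. Not accepted by all TLS clients.` This also capitalises the algorithm name the way the `-ecdsa` entry capitalises ECDSA. The `advancedUsage` string starts and ends outside the hunk.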
@@ -153,10 +157,10 @@ const rootName = "rootCA.pem" const rootKeyName = "rootCA-key.pem" type mkcert struct { - installMode, uninstallMode bool - pkcs12, ecdsa, client bool - keyFile, certFile, p12File string - csrPath string + installMode, uninstallMode bool + pkcs12, ecdsa, ed25519, client bool + keyFile, certFile, p12File string + csrPath string CAROOT string caCert *x509.Certificate