Fix suggestions from code review

go-piv · Oct 3, 2024 · 2c985a1 · 2c985a1
1 parent 33d0d46
commit 2c985a1
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 13 deletions.
diff --git a/v2/piv/key.go b/v2/piv/key.go
@@ -1007,7 +1007,8 @@ func (yk *YubiKey) PrivateKey(slot Slot, public crypto.PublicKey, auth KeyAuth)
 	case *rsa.PublicKey:
 		return &keyRSA{yk, slot, pub, auth, pp}, nil
 	default:
-		return yk.privateKey(slot, public, auth, pp)
+		// Add support for X25519 keys using build tags
+		return yk.tryX25519PrivateKey(slot, public, auth, pp)
 	}
 }
 
@@ -1087,9 +1088,9 @@ func (yk *YubiKey) SetPrivateKeyInsecure(key []byte, slot Slot, private crypto.P
 		copy(privateKey, priv[:32])
 		params = append(params, privateKey)
 	default:
-		// Add support for ecdh.PrivateKey using build tags
+		// Add support for X25519 keys using build tags
 		var err error
-		params, paramTag, elemLen, err = yk.setPrivateKeyInsecure(private)
+		params, paramTag, elemLen, err = yk.tryX22519PrivateKeyInsecure(private)
 		if err != nil {
 			return err
 		}

diff --git a/v2/piv/key_go120.go b/v2/piv/key_go120.go
@@ -20,7 +20,6 @@ package piv
 import (
 	"crypto"
 	"crypto/ecdh"
-	"errors"
 	"fmt"
 )
 
@@ -46,7 +45,7 @@ func (k *X25519PrivateKey) SharedKey(peer *ecdh.PublicKey) ([]byte, error) {
 	})
 }
 
-func (yk *YubiKey) privateKey(slot Slot, public crypto.PublicKey, auth KeyAuth, pp PINPolicy) (crypto.PrivateKey, error) {
+func (yk *YubiKey) tryX25519PrivateKey(slot Slot, public crypto.PublicKey, auth KeyAuth, pp PINPolicy) (crypto.PrivateKey, error) {
 	switch pub := public.(type) {
 	case *ecdh.PublicKey:
 		if crv := pub.Curve(); crv != ecdh.X25519() {
@@ -58,18 +57,18 @@ func (yk *YubiKey) privateKey(slot Slot, public crypto.PublicKey, auth KeyAuth,
 	}
 }
 
-func (yk *YubiKey) setPrivateKeyInsecure(private crypto.PrivateKey) ([][]byte, byte, int, error) {
+func (yk *YubiKey) tryX22519PrivateKeyInsecure(private crypto.PrivateKey) ([][]byte, byte, int, error) {
 	switch priv := private.(type) {
 	case *ecdh.PrivateKey:
-		if priv.Curve() != ecdh.X25519() {
-			return nil, 0, 0, errors.New("unsupported private key type")
+		if crv := priv.Curve(); crv != ecdh.X25519() {
+			return nil, 0, 0, fmt.Errorf("unsupported ecdh curve: %v", crv)
 		}
 		// seed
 		params := make([][]byte, 0)
 		params = append(params, priv.Bytes())
 		return params, 0x08, 32, nil
 	default:
-		return nil, 0, 0, errors.New("unsupported private key type")
+		return nil, 0, 0, fmt.Errorf("unsupported private key type: %T", private)
 	}
 }
 

diff --git a/v2/piv/key_go120_test.go b/v2/piv/key_go120_test.go
@@ -29,7 +29,7 @@ import (
 func TestYubiKeyX25519ImportKey(t *testing.T) {
 	importKey, err := ecdh.X25519().GenerateKey(rand.Reader)
 	if err != nil {
-		t.Fatalf("error geneating X25519 key: %v", err)
+		t.Fatalf("error generating X25519 key: %v", err)
 	}
 
 	yk, close := newTestYubiKey(t)

diff --git a/v2/piv/key_legacy.go b/v2/piv/key_legacy.go
@@ -23,12 +23,12 @@ import (
 	"fmt"
 )
 
-func (yk *YubiKey) privateKey(slot Slot, public crypto.PublicKey, auth KeyAuth, pp PINPolicy) (crypto.PrivateKey, error) {
+func (yk *YubiKey) tryX25519PrivateKey(slot Slot, public crypto.PublicKey, auth KeyAuth, pp PINPolicy) (crypto.PrivateKey, error) {
 	return nil, fmt.Errorf("unsupported public key type: %T", public)
 }
 
-func (yk *YubiKey) setPrivateKeyInsecure(private crypto.PrivateKey) ([][]byte, byte, int, error) {
-	return nil, 0, 0, errors.New("unsupported private key type")
+func (yk *YubiKey) tryX22519PrivateKeyInsecure(private crypto.PrivateKey) ([][]byte, byte, int, error) {
+	return nil, 0, 0, errors.New("unsupported private key type: %T", private)
 }
 
 func decodeX25519Public(b []byte) (crypto.PublicKey, error) {