Merge pull request #69329 from mrIncompetent/use-signer-interface

use signer interface for certificate creation Kubernetes-commit: 0509eea6b53161d16d3944b0e0329cb0125384f9
2025-07-03 18:26:59 +00:00 · 2018-10-02 21:46:40 -07:00 · 2018-10-02 21:46:40 -07:00 · 3e116d4527
commit 3e116d4527
parent a0aefdd1eb 30575d7a9f
1 changed files with 3 additions and 2 deletions
--- a/util/cert/cert.go
+++ b/util/cert/cert.go
@ -18,6 +18,7 @@ package cert

 import (
 	"bytes"
+	"crypto"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@ -64,7 +65,7 @@ func NewPrivateKey() (*rsa.PrivateKey, error) {
 }

 // NewSelfSignedCACert creates a CA certificate
-func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, error) {
+func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error) {
 	now := time.Now()
 	tmpl := x509.Certificate{
 		SerialNumber: new(big.Int).SetInt64(0),
@ -87,7 +88,7 @@ func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, er
 }

 // NewSignedCert creates a signed certificate using the given CA certificate and key
-func NewSignedCert(cfg Config, key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, error) {
+func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error) {
 	serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64))
 	if err != nil {
 		return nil, err