11package core
22
33import (
4- "bytes"
54 "crypto"
5+ "crypto/ecdsa"
66 "crypto/rand"
7+ "crypto/rsa"
78 "crypto/sha256"
89 "crypto/x509"
910 "encoding/base64"
@@ -97,7 +98,7 @@ func KeyDigest(key crypto.PublicKey) (Sha256Digest, error) {
9798 switch t := key .(type ) {
9899 case * jose.JSONWebKey :
99100 if t == nil {
100- return Sha256Digest {}, fmt . Errorf ( "Cannot compute digest of nil key" )
101+ return Sha256Digest {}, errors . New ( "cannot compute digest of nil key" )
101102 }
102103 return KeyDigest (t .Key )
103104 case jose.JSONWebKey :
@@ -133,21 +134,16 @@ func KeyDigestEquals(j, k crypto.PublicKey) bool {
133134 return digestJ == digestK
134135}
135136
136- // PublicKeysEqual determines whether two public keys have the same marshalled
137- // bytes as one another
138- func PublicKeysEqual (a , b interface {}) (bool , error ) {
139- if a == nil || b == nil {
140- return false , errors .New ("One or more nil arguments to PublicKeysEqual" )
141- }
142- aBytes , err := x509 .MarshalPKIXPublicKey (a )
143- if err != nil {
144- return false , err
145- }
146- bBytes , err := x509 .MarshalPKIXPublicKey (b )
147- if err != nil {
148- return false , err
137+ // PublicKeysEqual determines whether two public keys are identical.
138+ func PublicKeysEqual (a , b crypto.PublicKey ) (bool , error ) {
139+ switch ak := a .(type ) {
140+ case * rsa.PublicKey :
141+ return ak .Equal (b ), nil
142+ case * ecdsa.PublicKey :
143+ return ak .Equal (b ), nil
144+ default :
145+ return false , fmt .Errorf ("unsupported public key type %T" , ak )
149146 }
150- return bytes .Equal (aBytes , bBytes ), nil
151147}
152148
153149// SerialToString converts a certificate serial number (big.Int) to a String
@@ -161,7 +157,7 @@ func SerialToString(serial *big.Int) string {
161157func StringToSerial (serial string ) (* big.Int , error ) {
162158 var serialNum big.Int
163159 if ! ValidSerial (serial ) {
164- return & serialNum , errors . New ( "Invalid serial number" )
160+ return & serialNum , fmt . Errorf ( "invalid serial number %q" , serial )
165161 }
166162 _ , err := fmt .Sscanf (serial , "%036x" , & serialNum )
167163 return & serialNum , err
@@ -254,7 +250,7 @@ func LoadCert(filename string) (*x509.Certificate, error) {
254250 }
255251 block , _ := pem .Decode (certPEM )
256252 if block == nil {
257- return nil , fmt .Errorf ("No data in cert PEM file %s " , filename )
253+ return nil , fmt .Errorf ("no data in cert PEM file %q " , filename )
258254 }
259255 cert , err := x509 .ParseCertificate (block .Bytes )
260256 if err != nil {