Skip to content

Commit 7c7f0c0

Browse files
sweatybridgesweatybridge
committed
chore: simplify key generation
1 parent a26a8a8 commit 7c7f0c0

File tree

1 file changed

+8
-42
lines changed

1 file changed

+8
-42
lines changed

internal/gen/signingkeys/signingkeys.go

Lines changed: 8 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -23,13 +23,8 @@ import (
2323
"github.com/supabase/cli/pkg/config"
2424
)
2525

26-
type KeyPair struct {
27-
PublicKey config.JWK
28-
PrivateKey config.JWK
29-
}
30-
31-
// GenerateKeyPair generates a new key pair for the specified algorithm
32-
func GenerateKeyPair(alg config.Algorithm) (*KeyPair, error) {
26+
// GeneratePrivateKey generates a new private key for the specified algorithm
27+
func GeneratePrivateKey(alg config.Algorithm) (*config.JWK, error) {
3328
keyID := uuid.New()
3429

3530
switch alg {
@@ -42,7 +37,7 @@ func GenerateKeyPair(alg config.Algorithm) (*KeyPair, error) {
4237
}
4338
}
4439

45-
func generateRSAKeyPair(keyID uuid.UUID) (*KeyPair, error) {
40+
func generateRSAKeyPair(keyID uuid.UUID) (*config.JWK, error) {
4641
// Generate RSA key pair (2048 bits for RS256)
4742
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
4843
if err != nil {
@@ -72,24 +67,10 @@ func generateRSAKeyPair(keyID uuid.UUID) (*KeyPair, error) {
7267
FirstCRTCoefficient: base64.RawURLEncoding.EncodeToString(privateKey.Precomputed.Qinv.Bytes()),
7368
}
7469

75-
publicJWK := config.JWK{
76-
KeyType: "RSA",
77-
KeyID: keyID,
78-
Use: "sig",
79-
KeyOps: []string{"verify"},
80-
Algorithm: "RS256",
81-
Extractable: cast.Ptr(true),
82-
Modulus: privateJWK.Modulus,
83-
Exponent: privateJWK.Exponent,
84-
}
85-
86-
return &KeyPair{
87-
PublicKey: publicJWK,
88-
PrivateKey: privateJWK,
89-
}, nil
70+
return &privateJWK, nil
9071
}
9172

92-
func generateECDSAKeyPair(keyID uuid.UUID) (*KeyPair, error) {
73+
func generateECDSAKeyPair(keyID uuid.UUID) (*config.JWK, error) {
9374
// Generate ECDSA key pair (P-256 curve for ES256)
9475
privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
9576
if err != nil {
@@ -112,22 +93,7 @@ func generateECDSAKeyPair(keyID uuid.UUID) (*KeyPair, error) {
11293
PrivateExponent: base64.RawURLEncoding.EncodeToString(privateKey.D.Bytes()),
11394
}
11495

115-
publicJWK := config.JWK{
116-
KeyType: "EC",
117-
KeyID: keyID,
118-
Use: "sig",
119-
KeyOps: []string{"verify"},
120-
Algorithm: "ES256",
121-
Extractable: cast.Ptr(true),
122-
Curve: "P-256",
123-
X: privateJWK.X,
124-
Y: privateJWK.Y,
125-
}
126-
127-
return &KeyPair{
128-
PublicKey: publicJWK,
129-
PrivateKey: privateJWK,
130-
}, nil
96+
return &privateJWK, nil
13197
}
13298

13399
// Run generates a key pair and writes it to the specified file path
@@ -139,7 +105,7 @@ func Run(ctx context.Context, algorithm string, appendMode bool, fsys afero.Fs)
139105
outputPath := utils.Config.Auth.SigningKeysPath
140106

141107
// Generate key pair
142-
keyPair, err := GenerateKeyPair(config.Algorithm(algorithm))
108+
privateJWK, err := GeneratePrivateKey(config.Algorithm(algorithm))
143109
if err != nil {
144110
return err
145111
}
@@ -181,7 +147,7 @@ func Run(ctx context.Context, algorithm string, appendMode bool, fsys afero.Fs)
181147
}
182148
out = f
183149
}
184-
jwkArray = append(jwkArray, keyPair.PrivateKey)
150+
jwkArray = append(jwkArray, *privateJWK)
185151

186152
// Write to file
187153
enc := json.NewEncoder(out)

0 commit comments

Comments
 (0)