switch off deprecated elliptic.Marshal (#1108)

elliptic.Marshal was deprecated, we can replace it with the ECDH methods
even though we aren't using ECDH here. See:

- f03fb147d7

We still using elliptic.Unmarshal because this issue needs to be
resolved:

- https://github.com/golang/go/issues/63963
This commit is contained in:
Wade Simmons 2024-04-30 10:02:49 -04:00 committed by GitHub
parent d7f52dec41
commit 24f336ec56
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 3 deletions

View File

@ -180,9 +180,15 @@ func ca(args []string, out io.Writer, errOut io.Writer, pr PasswordReader) error
if err != nil { if err != nil {
return fmt.Errorf("error while generating ecdsa keys: %s", err) return fmt.Errorf("error while generating ecdsa keys: %s", err)
} }
// ref: https://github.com/golang/go/blob/go1.19/src/crypto/x509/sec1.go#L60
rawPriv = key.D.FillBytes(make([]byte, 32)) // ecdh.PrivateKey lets us get at the encoded bytes, even though
pub = elliptic.Marshal(elliptic.P256(), key.X, key.Y) // we aren't using ECDH here.
eKey, err := key.ECDH()
if err != nil {
return fmt.Errorf("error while converting ecdsa key: %s", err)
}
rawPriv = eKey.Bytes()
pub = eKey.PublicKey().Bytes()
} }
nc := cert.NebulaCertificate{ nc := cert.NebulaCertificate{