recognize ed25519 key type and return PKCS8 format (#13257)

* return pkcs8 format for ed25519 curve convertRespToPKCS8 does not recognize the ed25519 key. Changes to recognize ed25519 key and return its PKCS8 format
2025-10-29 17:52:32 +00:00 · 2021-11-24 20:24:06 +01:00
parent 3e703d576e
commit 50a9c8a6b0
2 changed files with 9 additions and 0 deletions
--- a/builtin/logical/pki/cert_util.go
+++ b/builtin/logical/pki/cert_util.go
@@ -1183,6 +1183,12 @@ func convertRespToPKCS8(resp *logical.Response) error {
 		signer, err = x509.ParsePKCS1PrivateKey(keyData)
 	case certutil.ECPrivateKey:
 		signer, err = x509.ParseECPrivateKey(keyData)
+	case certutil.Ed25519PrivateKey:
+		k, err := x509.ParsePKCS8PrivateKey(keyData)
+		if err != nil {
+			return fmt.Errorf("error converting response to pkcs8: error parsing previous key: %w", err)
+		}
+		signer = k.(crypto.Signer)
 	default:
 		return fmt.Errorf("unknown private key type %q", privKeyType)
 	}
--- a/changelog/13257.txt
+++ b/changelog/13257.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+secrets/pki: Recognize ed25519 when requesting a response in PKCS8 format
+```