-Export method to generate keys for a Principal.
-Move the method from principal.go -> util.go
Change-Id: I0b4dc59f7c213d8c997c6a989308ceba2e165720
diff --git a/security/util.go b/security/util.go
index a7bd085..6e1f848 100644
--- a/security/util.go
+++ b/security/util.go
@@ -3,6 +3,7 @@
import (
"bytes"
"crypto/ecdsa"
+ "crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/json"
@@ -29,6 +30,15 @@
var PassphraseErr = errors.New("passphrase incorrect for decrypting private key")
+// NewPrincipalKey generates an ECDSA (public, private) key pair.
+func NewPrincipalKey() (security.PublicKey, *ecdsa.PrivateKey, error) {
+ priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+ if err != nil {
+ return nil, nil, err
+ }
+ return security.NewECDSAPublicKey(&priv.PublicKey), priv, nil
+}
+
// LoadPEMKey loads a key from 'r'. returns PassphraseErr for incorrect Passphrase.
// If the key held in 'r' is unencrypted, 'passphrase' will be ignored.
func LoadPEMKey(r io.Reader, passphrase []byte) (interface{}, error) {
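Review bot: The doc comment on the newly exported NewPrincipalKey does not state the security parameters the function fixes: the curve is hard-coded to `elliptic.P256()` and the entropy source to `rand.Reader`, and for an exported function that comment is the contract callers rely on. I would write `// NewPrincipalKey generates a new ECDSA key pair on the NIST P-256 curve using crypto/rand; it returns the public key as a security.PublicKey and the raw private key.` The function also hands an unencrypted `*ecdsa.PrivateKey` to any caller, so the comment should say that the caller is responsible for protecting it at rest, presumably through this file's passphrase-based PEM handling, of which the hunk shows only LoadPEMKey. The error from `ecdsa.GenerateKey` is returned bare; a short prefix naming key generation would make it easier to place in a log.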