mirror of
https://github.com/gravitational/teleport
synced 2024-10-21 01:34:01 +00:00
Remove alg argument from CertAuthority.Signers
It's no longer needed, since CertAuthority contains the signing algorithm internally.
parent
6b53312bed
commit
2172965057
|
@ -549,6 +549,11 @@ func startNewRotation(req rotationReq, ca services.CertAuthority) error {
|
|||
}
|
||||
ca.SetTLSKeyPairs(keyPairs)
|
||||
ca.SetRotation(rotation)
|
||||
// caSigningAlg is only set when (1) rotation is started manually and (2)
|
||||
// signing algorithm was explicitly set in the config file.
|
||||
//
|
||||
// For automatic rotations or when config file doesn't set a value,
|
||||
// preserve the signing algorithm of the existing CA.
|
||||
if req.caSigningAlg != nil {
|
||||
ca.SetSigningAlg(*req.caSigningAlg)
|
||||
}
|
||||
|
|
|
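Review bot: The comment above `if req.caSigningAlg != nil` says automatic rotations preserve the existing CA's algorithm, but it does not spell out the consequence: a CA created with an older signature algorithm keeps it through every automatic rotation until an operator sets one in the config file and rotates manually. I would add a line such as `// Note: a CA on a legacy signing algorithm keeps it across automatic rotations.` so the behaviour is not mistaken for an upgrade path. The visible lines also apply `*req.caSigningAlg` with no check of its value; whether it is validated before it reaches `startNewRotation` cannot be seen here, since the function starts and ends outside the hunk.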
@ -224,7 +224,7 @@ type CertAuthority interface {
|
|||
// Checkers returns public keys that can be used to check cert authorities
|
||||
Checkers() ([]ssh.PublicKey, error)
|
||||
// Signers returns a list of signers that could be used to sign keys
|
||||
Signers(alg string) ([]ssh.Signer, error)
|
||||
Signers() ([]ssh.Signer, error)
|
||||
// V1 returns V1 version of the resource
|
||||
V1() *CertAuthorityV1
|
||||
// V2 returns V2 version of the resource
|
||||
|
@ -581,16 +581,14 @@ func (ca *CertAuthorityV2) Checkers() ([]ssh.PublicKey, error) {
|
|||
}
|
||||
|
||||
// Signers returns a list of signers that could be used to sign keys.
|
||||
//
|
||||
// The optional alg flag can be used to override the signature algorithm.
|
||||
func (ca *CertAuthorityV2) Signers(alg string) ([]ssh.Signer, error) {
|
||||
func (ca *CertAuthorityV2) Signers() ([]ssh.Signer, error) {
|
||||
out := make([]ssh.Signer, 0, len(ca.Spec.SigningKeys))
|
||||
for _, keyBytes := range ca.Spec.SigningKeys {
|
||||
signer, err := ssh.ParsePrivateKey(keyBytes)
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
signer = sshutils.AlgSigner(signer, alg)
|
||||
signer = sshutils.AlgSigner(signer, ca.GetSigningAlg())
|
||||
out = append(out, signer)
|
||||
}
|
||||
return out, nil
|
||||
|
@ -626,7 +624,7 @@ func (ca *CertAuthorityV2) Check() error {
|
|||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
_, err = ca.Signers("")
|
||||
_, err = ca.Signers()
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
|
|
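Review bot: The doc comment on `CertAuthorityV2.Signers` lost its sentence about the algorithm and now gives no hint that every returned signer is wrapped with `ca.GetSigningAlg()`. Since callers can no longer override it, the stored value alone decides the signature algorithm, so I would write `// Signers returns signers for the CA's signing keys, each wrapped to use the signature algorithm stored on the CA (see GetSigningAlg).` and mirror it on the interface method. In `Check`, the `ca.Signers()` call only proves that the keys parse. What `sshutils.AlgSigner` does with an unset or unrecognised algorithm is not visible on this page, so it may be worth having `Check` reject a stored algorithm outside the supported set. `Check` starts and ends outside its hunk.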