mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-29 18:36:30 +02:00
14 lines
361 B
Go
14 lines
361 B
Go
package cryptutil
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
)
|
|
|
|
// NewSigningKey generates a random P-256 ECDSA private key.
|
|
// Go's P-256 is constant-time (which prevents certain types of attacks)
|
|
// while its P-384 and P-521 are not.
|
|
func NewSigningKey() (*ecdsa.PrivateKey, error) {
|
|
return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
}
|