plugin/dnssec, plugin/sign: ed25519 support (#3380)

* add ed25519 dnskey support
Signed-off-by: Sean Liao <seankhliao@gmail.com>

* fix ed25519 type assertion
Signed-off-by: Sean Liao <seankhliao@gmail.com>

* clean up whitespace
Signed-off-by: Sean Liao <seankhliao@gmail.com>

plugin/dnssec/dnskey.go

@@ -9,8 +9,9 @@ import (
 	"time"
 
 	"github.com/coredns/coredns/request"
-
 	"github.com/miekg/dns"
+
+	"golang.org/x/crypto/ed25519"
 )
 
 // DNSKEY holds a DNSSEC public and private key used for on-the-fly signing.
@@ -55,6 +56,9 @@ func ParseKeyFile(pubFile, privFile string) (*DNSKEY, error) {
 	if s, ok := p.(*ecdsa.PrivateKey); ok {
 		return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: dk.KeyTag()}, nil
 	}
+	if s, ok := p.(ed25519.PrivateKey); ok {
+		return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: dk.KeyTag()}, nil
+	}
 	return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: nil, tag: 0}, errors.New("no private key found")
 }
 

plugin/sign/keys.go

@@ -97,7 +97,7 @@ func readKeyPair(public, private string) (Pair, error) {
 	switch signer := privkey.(type) {
 	case *ecdsa.PrivateKey:
 		return Pair{Public: dnskey.(*dns.DNSKEY), KeyTag: dnskey.(*dns.DNSKEY).KeyTag(), Private: signer}, nil
-	case *ed25519.PrivateKey:
+	case ed25519.PrivateKey:
 		return Pair{Public: dnskey.(*dns.DNSKEY), KeyTag: dnskey.(*dns.DNSKEY).KeyTag(), Private: signer}, nil
 	case *rsa.PrivateKey:
 		return Pair{Public: dnskey.(*dns.DNSKEY), KeyTag: dnskey.(*dns.DNSKEY).KeyTag(), Private: signer}, nil