Support for intermediate certificates

[Yannic]

No description provided.

[nathany]

I don't think message should be changed to interface{}.

Instead, I'd suggest that Sign continues using io.Reader and the calling application can use bytes.NewReader() if it needs to pass in []bytes.

[Yannic]

I agree with you that interface{} is not the best solution.

Instead of using io.Reader I suggest to introduce an interface Hashable Yannic@77cdc19

[nathany]

I'm not clear on how this would work. Do you intend to change Sign to accept Hashable instead of io.Reader then?

[Yannic]

I don't think replacing is an option because it wouldn't be compatible with the current version.

func Sign(reader io.Reader, certificate *x509.Certificate, privateKey *rsa.PrivateKey) ([]byte, error) {}

func SignIntermediate(reader io.Reader, certificate *x509.Certificate, privateKey *rsa.PrivateKey, intermediateCertificates []*x509.Certificate) ([]byte, error) {}

func SignData(hashable Hashable, certificate *x509.Certificate, privateKey *rsa.PrivateKey) ([]byte, error) {}

func SignDataIntermediate(hashable Hashable, certificate *x509.Certificate, privateKey *rsa.PrivateKey, intermediateCertificates []*x509.Certificate) ([]byte, error) {}

[nathany]

Agreed. But I'm not sure if I see the advantage of of Hashable over using bytes.NewReader() from the std library? Maybe I just need to see an example of how it would be used.

[Yannic]

You are right that there is no advantage when using []byte, but someone may have some kind of type struct{} he needs to sign. With Hashable, he has the opportunity to compute a checksum without having to serialize it first.

[nathany]

This nil check is unnecessary:
https://play.golang.org/p/4AJfaL9rNu

For more on nil, check out https://www.youtube.com/watch?v=ynoY2xz-F8s

[Yannic]

Thank you for your explanation, I will remove it.

[Yannic]

Ping?