From c3d77873c46c57489c00d24867d71183e2ce37b4 Mon Sep 17 00:00:00 2001
From: Roland Shoemaker
Date: Tue, 15 Dec 2015 13:49:26 -0800
Subject: [PATCH] Use a EC key to sign CT signatures, plus properly load it
---
 test/boulder-config.json | 2 +-
 test/ct-key.pem | 6 +++---
 test/ct-test-srv/main.go | 13 ++++++++++---
 3 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/test/boulder-config.json b/test/boulder-config.json
index 30961296c..ebc1bf68a 100644
--- a/test/boulder-config.json
+++ b/test/boulder-config.json
@@ -293,7 +293,7 @@
 "logs": [
 {
 "uri": "http://127.0.0.1:4500",
- "key": "MHQCAQEEIGKI6QpOXNTBGdVaZ0938b0DEelF50qUDiWXvuB5oezjoAcGBSuBBAAKoUQDQgAEG7RPTHSjHhVDpR6XSishp/soJqHJHDvGpyc6TGJdHx+aD0wpi9knCJFpaxPTNDg0wWc3PtzLmlhlzeXu4lhDpQ=="
+ "key": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYggOxPnPkzKBIhTacSYoIfnSL2jPugcbUKx83vFMvk5gKAz/AGe87w20riuPwEGn229hKVbEKHFB61NIqNHC3Q=="
 }
 ],
 "intermediateBundleFilename": "test/test-ca.pem"
diff --git a/test/ct-key.pem b/test/ct-key.pem
index f208ae8be..f03aebd83 100644
--- a/test/ct-key.pem
+++ b/test/ct-key.pem
@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHQCAQEEIGKI6QpOXNTBGdVaZ0938b0DEelF50qUDiWXvuB5oezjoAcGBSuBBAAK
-oUQDQgAEG7RPTHSjHhVDpR6XSishp/soJqHJHDvGpyc6TGJdHx+aD0wpi9knCJFp
-axPTNDg0wWc3PtzLmlhlzeXu4lhDpQ==
+MHcCAQEEIOCtGlGt/WT7471dOHdfBg43uJWJoZDkZAQjWfTitcVNoAoGCCqGSM49
+AwEHoUQDQgAEYggOxPnPkzKBIhTacSYoIfnSL2jPugcbUKx83vFMvk5gKAz/AGe8
+7w20riuPwEGn229hKVbEKHFB61NIqNHC3Q==
 -----END EC PRIVATE KEY-----
diff --git a/test/ct-test-srv/main.go b/test/ct-test-srv/main.go
index 1610c7822..e11951e30 100644
--- a/test/ct-test-srv/main.go
+++ b/test/ct-test-srv/main.go
@@ -16,6 +16,7 @@ import (
 "encoding/asn1"
 "encoding/base64"
 "encoding/json"
+ "encoding/pem"
 "flag"
 "fmt"
 "io/ioutil"
@@ -142,13 +143,19 @@ func main() {
 keyBytes, err := ioutil.ReadFile(*signingKey)
 if err != nil {
- fmt.Fprintf(os.Stderr, "failed to read signing key file\n")
+ fmt.Fprintf(os.Stderr, "failed to read signing key file: %s\n", err)
 return
 }
- key, err := x509.ParseECPrivateKey(keyBytes)
+ keyBlock, _ := pem.Decode(keyBytes)
+ if keyBlock == nil {
+ fmt.Fprintf(os.Stderr, "failed to parse signing key PEM\n")
+ return
+ }
+
+ key, err := x509.ParseECPrivateKey(keyBlock.Bytes)
 if err != nil {
- fmt.Fprintf(os.Stderr, "failed to parse signing key file\n")
+ fmt.Fprintf(os.Stderr, "failed to parse signing key file: %s\n", err)
 return
 }
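Review bot: The new `if keyBlock == nil` branch ends in a bare `return`, as do the two existing error branches in this hunk, so as far as the visible lines show the test server exits with status 0 when the signing key cannot be loaded, and a harness that checks only the exit code would not notice. Replacing it with `os.Exit(1)` after the `Fprintf` would surface the failure (`os` is already used here for `os.Stderr`). The decoded block's type is also never checked and the remainder returned by `pem.Decode` is discarded; `if keyBlock == nil || keyBlock.Type != "EC PRIVATE KEY" {` would reject a file holding some other PEM block with a clearer message than the later parse error. main's body starts and ends outside the hunk.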