pkg crypto/hpke, type PrivateKey interface, Bytes() ([]uint8, error) #75300
pkg crypto/hpke, type PrivateKey interface, KEM() KEM #75300
pkg crypto/hpke, type PrivateKey interface, PublicKey() PublicKey #75300
pkg crypto/hpke, type PrivateKey interface, unexported methods #75300
pkg crypto/hpke, type PublicKey interface, Bytes() []uint8 #75300
pkg crypto/hpke, type PublicKey interface, KEM() KEM #75300

pkg crypto/ecdsa, func ParseRawPrivateKey(elliptic.Curve, []uint8) (*PrivateKey, error) #63963
pkg crypto/ecdsa, func ParseUncompressedPublicKey(elliptic.Curve, []uint8) (*PublicKey, error) #63963
pkg crypto/ecdsa, method (*PrivateKey) Bytes() ([]uint8, error) #63963
pkg crypto/ecdsa, method (*PublicKey) Bytes() ([]uint8, error) #63963

- name: cert-secret-volume
  secret:
    secretName: {{ tpl .Values.tls.certSecret $ }}
    items:
    - key: {{ .Values.tls.publicCrt }}
      path: public.crt
    - key: {{ .Values.tls.privateKey }}
      path: private.key
{{- end }}
{{- if or .Values.tls.enabled (ne .Values.trustedCertsSecret "") }}
{{- $certSecret := eq .Values.trustedCertsSecret "" | ternary .Values.tls.certSecret .Values.trustedCertsSecret }}

          <description>
            The password used in conjunction with the username to authenticate.
          </description>
          <type>String</type>
        </field>
        <field>
          <name>privateKey</name>
          <version>1.0.0+</version>
          <description>
            The private key location used to authenticate.
          </description>
          <type>String</type>
        </field>

	}

	publicKey := func(priv any) any {
		switch k := priv.(type) {
		case *rsa.PrivateKey:
			return &k.PublicKey
		case *ecdsa.PrivateKey:
			return &k.PublicKey
		default:
			return nil
		}
	}

	pemBlockForKey := func(priv any) *pem.Block {
		switch k := priv.(type) {
		case *rsa.PrivateKey:
			return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)}

  ## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret
  certSecret: ""
  publicCrt: public.crt
  privateKey: private.key

## Trusted Certificates Settings for MinIO. Ref: https://docs.min.io/community/minio-object-store/operations/network-encryption.html#third-party-certificate-authorities

return a[:] } // GenerateKey generates a new Ed25519 private key pair. func GenerateKey() (*PrivateKey, error) { priv := &PrivateKey{} return generateKey(priv) } func generateKey(priv *PrivateKey) (*PrivateKey, error) { fips140.RecordApproved() drbg.Read(priv.seed[:]) precomputePrivateKey(priv) fipsPCT(priv) return priv, nil } func NewPrivateKeyFromSee(seed []byte) (*PrivateKey, error) { priv := &PrivateKey{} return newPrivateKeyFromSee(priv, seed) } func newPrivateKeyFromSee(priv *PrivateKey, seed...

return a[:] } // GenerateKey generates a new Ed25519 private key pair. func GenerateKey() (*PrivateKey, error) { priv := &PrivateKey{} return generateKey(priv) } func generateKey(priv *PrivateKey) (*PrivateKey, error) { fips140.RecordApproved() drbg.Read(priv.seed[:]) precomputePrivateKey(priv) fipsPCT(priv) return priv, nil } func NewPrivateKeyFromSee(seed []byte) (*PrivateKey, error) { priv := &PrivateKey{} return newPrivateKeyFromSee(priv, seed) } func newPrivateKeyFromSee(priv *PrivateKey, seed...

## Public Discussions

Please restrain from publicly discussing a potential security vulnerability. 🙊

It's better to discuss privately and try to find a solution first, to limit the potential impact as much as possible.

---

Thanks for your help!