certkit 0.2.0

//! Key generation, import/export, and cryptographic signing.

use std::fmt;

use der::pem::LineEnding;
use pkcs8::{EncodePrivateKey, PrivateKeyInfo};

use crate::error::{CertKitError, Result};

/// Identifies the cryptographic algorithm of a key pair.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum KeyType {
    /// RSA key.
    Rsa,
    /// ECDSA key on the NIST P-256 curve.
    EcdsaP256,
    /// ECDSA key on the NIST P-384 curve.
    EcdsaP384,
    /// ECDSA key on the NIST P-521 curve.
    EcdsaP521,
    /// Ed25519 key.
    Ed25519,
}

impl fmt::Display for KeyType {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Self::Rsa => write!(f, "RSA"),
            Self::EcdsaP256 => write!(f, "ECDSA P-256"),
            Self::EcdsaP384 => write!(f, "ECDSA P-384"),
            Self::EcdsaP521 => write!(f, "ECDSA P-521"),
            Self::Ed25519 => write!(f, "Ed25519"),
        }
    }
}

#[cfg(feature = "ed25519")]
use ed25519_dalek::SigningKey as Ed25519SigningKey;
#[cfg(feature = "ed25519")]
use ed25519_dalek::VerifyingKey as Ed25519VerifyingKey;
#[cfg(feature = "p256")]
use p256::ecdsa::{SigningKey as P256SigningKey, VerifyingKey as P256VerifyingKey};
#[cfg(feature = "p384")]
use p384::ecdsa::{SigningKey as P384SigningKey, VerifyingKey as P384VerifyingKey};
#[cfg(feature = "p521")]
use p521::ecdsa::SigningKey as P521SigningKey;
#[cfg(feature = "rsa")]
use rsa::pkcs1v15::SigningKey as RsaSigningKey;
#[cfg(feature = "rsa")]
use rsa::signature::SignatureEncoding;
#[cfg(feature = "rsa")]
use rsa::signature::Signer as RsaSigner;
#[cfg(feature = "rsa")]
use rsa::{
    RsaPrivateKey, RsaPublicKey,
    pkcs1::{DecodeRsaPrivateKey, DecodeRsaPublicKey, EncodeRsaPublicKey},
    traits::PublicKeyParts,
};
#[cfg(feature = "rsa")]
use sha2::Sha256; //only used with RSA keys.

/// Supported key types for certificate operations.
///
/// This enum represents different types of cryptographic key pairs supported by CertKit.
/// Each variant contains the necessary cryptographic primitives for signing and verification
/// operations.
///
/// # Supported Algorithms
///
/// - **RSA**: Variable key sizes (typically 2048, 3072, or 4096 bits)
/// - **ECDSA P-256**: NIST P-256 curve (secp256r1)
/// - **ECDSA P-384**: NIST P-384 curve (secp384r1)  
/// - **ECDSA P-521**: NIST P-521 curve (secp521r1)
/// - **Ed25519**: Edwards curve digital signature algorithm
///
/// # Examples
///
/// ```rust,no_run
/// use certkit::key::KeyPair;
///
/// # fn main() -> Result<(), certkit::error::CertKitError> {
/// // Generate different types of key pairs
/// let rsa_key = KeyPair::generate_rsa(2048)?;
/// let p256_key = KeyPair::generate_ecdsa_p256();
/// let p384_key = KeyPair::generate_ecdsa_p384();
/// let p521_key = KeyPair::generate_ecdsa_p521();
/// let ed25519_key = KeyPair::generate_ed25519();
///
/// // All key types can be used for signing
/// let data = b"Hello, world!";
/// let signature = rsa_key.sign_data(data)?;
/// println!("Signature length: {} bytes", signature.len());
/// # Ok(())
/// # }
/// ```
///
/// # Security Considerations
///
/// - RSA keys should be at least 2048 bits for security
/// - ECDSA keys provide equivalent security with smaller key sizes
/// - Ed25519 provides high security and performance
/// - Choose the appropriate algorithm based on your security requirements and compatibility needs
#[derive(Clone)]
pub enum KeyPair {
    /// RSA key pair.
    ///
    /// # Fields
    /// * `private` - The private key.
    /// * `public` - The public key.
    #[cfg(feature = "rsa")]
    Rsa {
        private: Box<RsaPrivateKey>,
        public: RsaPublicKey,
    },
    /// ECDSA P-256 key pair.
    ///
    /// # Fields
    /// * `signing_key` - The signing key.
    /// * `verifying_key` - The verifying key.
    #[cfg(feature = "p256")]
    EcdsaP256 {
        signing_key: P256SigningKey,
        verifying_key: P256VerifyingKey,
    },
    /// ECDSA P-384 key pair.
    ///
    /// # Fields
    /// * `signing_key` - The signing key.
    /// * `verifying_key` - The verifying key.
    #[cfg(feature = "p384")]
    EcdsaP384 {
        signing_key: P384SigningKey,
        verifying_key: P384VerifyingKey,
    },
    /// ECDSA P-521 key pair.
    ///
    /// # Fields
    /// * `secret_key` - The secret key.
    /// * `public_key` - The public key.
    #[cfg(feature = "p521")]
    EcdsaP521 {
        secret_key: p521::SecretKey,
        public_key: p521::PublicKey,
    },
    /// Ed25519 key pair.
    ///
    /// # Fields
    /// * `signing_key` - The signing key.
    #[cfg(feature = "ed25519")]
    Ed25519 { signing_key: Ed25519SigningKey },
}

impl std::fmt::Debug for KeyPair {
    /// Formats the key pair for debugging **without** exposing private key material.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            #[cfg(feature = "rsa")]
            Self::Rsa { public, .. } => f
                .debug_struct("Rsa")
                .field("bits", &public.n().bits())
                .finish_non_exhaustive(),
            #[cfg(feature = "p256")]
            Self::EcdsaP256 { .. } => f.debug_struct("EcdsaP256").finish_non_exhaustive(),
            #[cfg(feature = "p384")]
            Self::EcdsaP384 { .. } => f.debug_struct("EcdsaP384").finish_non_exhaustive(),
            #[cfg(feature = "p521")]
            Self::EcdsaP521 { .. } => f.debug_struct("EcdsaP521").finish_non_exhaustive(),
            #[cfg(feature = "ed25519")]
            Self::Ed25519 { .. } => f.debug_struct("Ed25519").finish_non_exhaustive(),
        }
    }
}

/// Builds the P-521 ECDSA signing key for a stored secret key.
///
/// P-521 ECDSA signs over a SHA-512 prehash, which the `p521` crate implements
/// only on its `ecdsa::SigningKey` newtype. We store the `elliptic_curve`
/// `SecretKey`/`PublicKey`. They implement the PKCS#8/SPKI/SEC1 encoders that
/// the newtypes lack and, unlike the newtypes, derive `Debug`. We recover the
/// signing key on demand here. The scalar is preserved exactly, so signatures
/// match the previous `ecdsa::SigningKey<NistP521>` path.
#[cfg(feature = "p521")]
fn p521_signing_key(secret_key: &p521::SecretKey) -> P521SigningKey {
    P521SigningKey::from_bytes(&secret_key.to_bytes())
        .expect("a stored secret key always holds a valid scalar")
}

impl KeyPair {
    /// Generate an RSA key pair with the specified number of bits.
    ///
    /// Creates a new RSA key pair using cryptographically secure random number generation.
    /// The key size directly affects both security and performance characteristics.
    ///
    /// # Arguments
    /// * `bits` - The number of bits for the RSA key (recommended: 2048, 3072, or 4096)
    ///
    /// # Returns
    /// A `Result` containing the `KeyPair` on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::KeyGenerationError` if key generation fails due to:
    /// - Invalid key size
    /// - Insufficient entropy
    /// - System resource constraints
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::KeyPair;
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate a 2048-bit RSA key (recommended minimum)
    /// let key_2048 = KeyPair::generate_rsa(2048)?;
    ///
    /// // Generate a 4096-bit RSA key (higher security)
    /// let key_4096 = KeyPair::generate_rsa(4096)?;
    ///
    /// // Get the public key in DER format
    /// let public_der = key_2048.get_public_key_der();
    /// println!("Public key size: {} bytes", public_der.len());
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Security Notes
    /// - 2048-bit keys are considered secure for most applications
    /// - 3072-bit keys provide additional security margin
    /// - 4096-bit keys offer maximum security but with performance trade-offs
    #[cfg(feature = "rsa")]
    pub fn generate_rsa(bits: usize) -> Result<Self> {
        if bits < 2048 {
            return Err(CertKitError::InvalidInput(format!(
                "RSA key size {bits} bits is below the minimum of 2048"
            )));
        }
        log::debug!("generating RSA-{bits} key pair");
        let mut rng = rand_core::OsRng;
        let private = RsaPrivateKey::new(&mut rng, bits)?;
        let public = RsaPublicKey::from(&private);
        Ok(KeyPair::Rsa {
            private: Box::new(private),
            public,
        })
    }

    /// Generate an ECDSA P-256 key pair.
    ///
    /// Creates a new ECDSA key pair using the NIST P-256 curve (secp256r1).
    /// This curve provides approximately 128 bits of security and is widely supported.
    ///
    /// # Returns
    /// A `KeyPair` containing the ECDSA P-256 key pair.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::KeyPair;
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate a P-256 ECDSA key pair
    /// let key_pair = KeyPair::generate_ecdsa_p256();
    ///
    /// // Sign some data
    /// let data = b"Message to sign";
    /// let signature = key_pair.sign_data(data)?;
    /// println!("P-256 signature length: {} bytes", signature.len());
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Security Notes
    /// - P-256 provides ~128 bits of security
    /// - Widely supported across different systems and libraries
    /// - Smaller key and signature sizes compared to RSA
    /// - Fast signature generation and verification
    #[cfg(feature = "p256")]
    pub fn generate_ecdsa_p256() -> Self {
        log::debug!("generating ECDSA P-256 key pair");
        let mut rng = rand_core::OsRng;
        let signing_key = P256SigningKey::random(&mut rng);
        let verifying_key = signing_key.verifying_key().to_owned();
        KeyPair::EcdsaP256 {
            signing_key,
            verifying_key,
        }
    }

    /// Generate an ECDSA P-384 key pair.
    ///
    /// Creates a new ECDSA key pair using the NIST P-384 curve (secp384r1).
    /// This curve provides approximately 192 bits of security, offering a higher
    /// security level than P-256.
    ///
    /// # Returns
    /// A `KeyPair` containing the ECDSA P-384 key pair.
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// // Generate a P-384 ECDSA key pair
    /// let key_pair = KeyPair::generate_ecdsa_p384();
    ///
    /// // Convert to SPKI format for certificate use
    /// let spki = key_pair.as_spki();
    /// println!("Generated P-384 key pair");
    /// ```
    ///
    /// # Security Notes
    /// - P-384 provides ~192 bits of security
    /// - Higher security level than P-256
    /// - Suitable for high-security applications
    /// - Slightly larger signatures than P-256
    #[cfg(feature = "p384")]
    pub fn generate_ecdsa_p384() -> Self {
        log::debug!("generating ECDSA P-384 key pair");
        let mut rng = rand_core::OsRng;
        let signing_key = P384SigningKey::random(&mut rng);
        let verifying_key = signing_key.verifying_key().to_owned();
        KeyPair::EcdsaP384 {
            signing_key,
            verifying_key,
        }
    }

    /// Generate an ECDSA P-521 key pair.
    ///
    /// Creates a new ECDSA key pair using the NIST P-521 curve (secp521r1).
    /// This curve provides approximately 256 bits of security, the highest
    /// security level among the NIST curves.
    ///
    /// # Returns
    /// A `KeyPair` containing the ECDSA P-521 key pair.
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// // Generate a P-521 ECDSA key pair
    /// let key_pair = KeyPair::generate_ecdsa_p521();
    ///
    /// // Get public key in DER format
    /// let public_der = key_pair.get_public_key_der();
    /// println!("P-521 public key size: {} bytes", public_der.len());
    /// ```
    ///
    /// # Security Notes
    /// - P-521 provides ~256 bits of security
    /// - Highest security level among NIST curves
    /// - Suitable for applications requiring maximum security
    /// - Larger key and signature sizes than P-256/P-384
    #[cfg(feature = "p521")]
    pub fn generate_ecdsa_p521() -> Self {
        log::debug!("generating ECDSA P-521 key pair");
        let mut rng = rand_core::OsRng;
        let secret_key = p521::SecretKey::random(&mut rng);
        let public_key = secret_key.public_key();
        KeyPair::EcdsaP521 {
            secret_key,
            public_key,
        }
    }

    /// Generate an Ed25519 key pair.
    ///
    /// Creates a new Ed25519 key pair using the Edwards curve digital signature algorithm.
    /// Ed25519 provides high security, fast performance, and resistance to side-channel attacks.
    ///
    /// # Returns
    /// A `KeyPair` containing the Ed25519 key pair.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::KeyPair;
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate an Ed25519 key pair
    /// let key_pair = KeyPair::generate_ed25519();
    ///
    /// // Sign data (Ed25519 is very fast)
    /// let data = b"Fast signing with Ed25519";
    /// let signature = key_pair.sign_data(data)?;
    /// println!("Ed25519 signature length: {} bytes", signature.len());
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Security Notes
    /// - Provides ~128 bits of security (equivalent to P-256)
    /// - Extremely fast signature generation and verification
    /// - Resistant to side-channel attacks
    /// - Fixed 32-byte public keys and 64-byte signatures
    /// - Deterministic signatures (no random nonce required)
    #[cfg(feature = "ed25519")]
    pub fn generate_ed25519() -> Self {
        log::debug!("generating Ed25519 key pair");
        let mut rng = rand_core::OsRng;
        let signing_key: Ed25519SigningKey = Ed25519SigningKey::generate(&mut rng);
        KeyPair::Ed25519 { signing_key }
    }

    /// Retrieves the public key in DER format.
    ///
    /// Extracts the public key component and encodes it in Distinguished Encoding Rules (DER) format.
    /// The encoding format varies by key type:
    /// - RSA: PKCS#1 RSAPublicKey format
    /// - ECDSA: SEC1 uncompressed point format
    /// - Ed25519: Raw 32-byte public key
    ///
    /// # Returns
    /// A byte vector containing the DER-encoded public key.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::KeyPair;
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// let rsa_key = KeyPair::generate_rsa(2048)?;
    /// let p256_key = KeyPair::generate_ecdsa_p256();
    /// let ed25519_key = KeyPair::generate_ed25519();
    ///
    /// // Get public keys in DER format
    /// let rsa_der = rsa_key.get_public_key_der();
    /// let p256_der = p256_key.get_public_key_der();
    /// let ed25519_der = ed25519_key.get_public_key_der();
    ///
    /// println!("RSA public key: {} bytes", rsa_der.len());
    /// println!("P-256 public key: {} bytes", p256_der.len());
    /// println!("Ed25519 public key: {} bytes", ed25519_der.len());
    /// # Ok(())
    /// # }
    /// ```
    pub fn get_public_key_der(&self) -> Vec<u8> {
        match self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { public, .. } => public
                .to_pkcs1_der()
                .expect("valid RSA public key always encodes to PKCS#1 DER")
                .as_bytes()
                .to_vec(),
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { verifying_key, .. } => verifying_key.to_sec1_bytes().to_vec(),
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { verifying_key, .. } => verifying_key.to_sec1_bytes().to_vec(),
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { public_key, .. } => public_key.to_sec1_bytes().to_vec(),
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key } => signing_key.verifying_key().to_bytes().to_vec(),
        }
    }

    /// Encodes the private key in PKCS8 PEM format
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// fn some_func() -> Result<(), certkit::error::CertKitError> {
    ///     let rsa_key = KeyPair::generate_rsa(2048)?;
    ///     println!("Random RSA private key pem:\n{}", rsa_key.encode_private_key_pem().unwrap());
    ///     Ok(())
    /// }
    /// ```
    pub fn encode_private_key_pem(&self) -> Result<String> {
        let key = (match &self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { private, .. } => private.to_pkcs8_pem(LineEnding::default()),
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { signing_key, .. } => {
                EncodePrivateKey::to_pkcs8_pem(signing_key, LineEnding::default())
            }
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { signing_key, .. } => {
                EncodePrivateKey::to_pkcs8_pem(signing_key, LineEnding::default())
            }
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { secret_key, .. } => {
                EncodePrivateKey::to_pkcs8_pem(secret_key, LineEnding::default())
            }
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key, .. } => {
                EncodePrivateKey::to_pkcs8_pem(signing_key, LineEnding::default())
            }
        })
        .map_err(|e| e.to_string())
        .map_err(CertKitError::EncodingError)?;

        Ok(key.as_str().to_string())
    }

    /// Encodes the private key in PKCS#8 DER format.
    ///
    /// # Returns
    /// A `Result` containing the DER-encoded private key bytes, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::EncodingError` if the key cannot be encoded.
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// let key = KeyPair::generate_ecdsa_p256();
    /// let der_bytes = key.encode_private_key_der().unwrap();
    /// println!("Private key DER: {} bytes", der_bytes.len());
    ///
    /// // Round-trip: the DER can be re-imported
    /// let restored = KeyPair::import_from_der(&der_bytes).unwrap();
    /// ```
    pub fn encode_private_key_der(&self) -> Result<Vec<u8>> {
        let doc = (match &self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { private, .. } => private.to_pkcs8_der(),
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { signing_key, .. } => EncodePrivateKey::to_pkcs8_der(signing_key),
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { signing_key, .. } => EncodePrivateKey::to_pkcs8_der(signing_key),
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { secret_key, .. } => EncodePrivateKey::to_pkcs8_der(secret_key),
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key, .. } => EncodePrivateKey::to_pkcs8_der(signing_key),
        })
        .map_err(|e| e.to_string())
        .map_err(CertKitError::EncodingError)?;

        Ok(doc.as_bytes().to_vec())
    }

    /// Returns the [`KeyType`] of this key pair.
    ///
    /// This is a lightweight accessor that lets callers discover the
    /// algorithm without matching on the full `KeyPair` enum.
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::{KeyPair, KeyType};
    ///
    /// let key = KeyPair::generate_ecdsa_p384();
    /// assert_eq!(key.key_type(), KeyType::EcdsaP384);
    /// ```
    pub fn key_type(&self) -> KeyType {
        match self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { .. } => KeyType::Rsa,
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { .. } => KeyType::EcdsaP256,
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { .. } => KeyType::EcdsaP384,
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { .. } => KeyType::EcdsaP521,
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { .. } => KeyType::Ed25519,
        }
    }

    /// Imports a key pair from DER-encoded data.
    ///
    /// Attempts to decode DER-encoded private key data and create a `KeyPair`.
    /// The function automatically detects the key type and format by trying
    /// different decoding methods in order.
    ///
    /// # Supported Formats
    /// - RSA: PKCS#1 and PKCS#8 formats
    /// - ECDSA (P-256, P-384, P-521): PKCS#8 format
    /// - Ed25519: PKCS#8 format
    ///
    /// # Arguments
    /// * `der` - A byte slice containing the DER-encoded private key data
    ///
    /// # Returns
    /// A `Result` containing the `KeyPair` on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::DecodingError` if:
    /// - The DER data is malformed
    /// - The key type is unsupported
    /// - The key format is not recognized
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// // Generate a key and export to DER
    /// let original_key = KeyPair::generate_ecdsa_p256();
    /// // Note: In practice, you'd get DER data from external sources
    ///
    /// // Import from DER data (example with hypothetical DER bytes)
    /// let der_data = &[/* DER-encoded key bytes */];
    /// match KeyPair::import_from_der(der_data) {
    ///     Ok(imported_key) => println!("Key imported successfully"),
    ///     Err(e) => println!("Import failed: {}", e),
    /// }
    /// ```
    pub fn import_from_der(der: &[u8]) -> Result<Self> {
        log::trace!("importing key from {} bytes of DER", der.len());
        // Try RSA PKCS#1 first
        #[cfg(feature = "rsa")]
        if let Ok(private) = RsaPrivateKey::from_pkcs1_der(der) {
            let public = RsaPublicKey::from(&private);
            return Ok(KeyPair::Rsa {
                private: Box::new(private),
                public,
            });
        }

        let private_key_info = PrivateKeyInfo::try_from(der).map_err(|_| {
            CertKitError::DecodingError("Unsupported or invalid key DER encoding".to_string())
        })?;

        // Try RSA PKCS#8
        #[cfg(feature = "rsa")]
        if let Ok(private) = RsaPrivateKey::try_from(private_key_info.clone()) {
            let public = RsaPublicKey::from(&private);
            return Ok(KeyPair::Rsa {
                private: Box::new(private),
                public,
            });
        }

        // Try ECDSA P-256 PKCS#8
        #[cfg(feature = "p256")]
        if let Ok(signing_key) = P256SigningKey::try_from(private_key_info.clone()) {
            let verifying_key = signing_key.verifying_key().to_owned();
            return Ok(KeyPair::EcdsaP256 {
                signing_key,
                verifying_key,
            });
        }
        // Try ECDSA P-384 PKCS#8
        #[cfg(feature = "p384")]
        if let Ok(signing_key) = P384SigningKey::try_from(private_key_info.clone()) {
            let verifying_key = signing_key.verifying_key().to_owned();
            return Ok(KeyPair::EcdsaP384 {
                signing_key,
                verifying_key,
            });
        }
        // Try ECDSA P-521 PKCS#8
        #[cfg(feature = "p521")]
        if let Ok(secret_key) = p521::SecretKey::try_from(private_key_info.clone()) {
            let public_key = secret_key.public_key();
            return Ok(KeyPair::EcdsaP521 {
                secret_key,
                public_key,
            });
        }

        // Try Ed25519
        #[cfg(feature = "ed25519")]
        if let Ok(signing_key) = Ed25519SigningKey::try_from(private_key_info.clone()) {
            return Ok(KeyPair::Ed25519 { signing_key });
        }

        Err(CertKitError::DecodingError(
            "Unsupported or invalid key DER encoding".to_string(),
        ))
    }

    /// Imports a key pair from PEM-encoded data.
    ///
    /// Parses PEM-encoded private key data and creates a `KeyPair`. The function
    /// expects PKCS#8 format private keys with the "PRIVATE KEY" label.
    ///
    /// # Arguments
    /// * `pem_str` - A string slice containing the PEM-encoded private key data
    ///
    /// # Returns
    /// A `Result` containing the `KeyPair` on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::DecodingError` if:
    /// - The PEM format is invalid
    /// - The PEM label is not "PRIVATE KEY"
    /// - The underlying DER data cannot be decoded
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// let pem_data = r#"-----BEGIN PRIVATE KEY-----
    /// MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg...
    /// -----END PRIVATE KEY-----"#;
    ///
    /// match KeyPair::import_from_pkcs8_pem(pem_data) {
    ///     Ok(key_pair) => {
    ///         println!("Successfully imported key from PEM");
    ///         let signature = key_pair.sign_data(b"test data")?;
    ///         println!("Signature created: {} bytes", signature.len());
    ///     }
    ///     Err(e) => println!("Failed to import key: {}", e),
    /// }
    /// # Ok::<(), certkit::error::CertKitError>(())
    /// ```
    ///
    /// # Format Requirements
    /// The PEM data must:
    /// - Use the "PRIVATE KEY" label (PKCS#8 format)
    /// - Contain valid base64-encoded DER data
    /// - Represent a supported key type (RSA, ECDSA P-256/P-384/P-521, Ed25519)
    pub fn import_from_pkcs8_pem(pem_str: &str) -> Result<Self> {
        log::trace!("importing key from PKCS#8 PEM");
        let pemd = pem::parse(pem_str)
            .map_err(|_| CertKitError::DecodingError("Failed to parse PEM".to_string()))?;

        if pemd.tag() == "PRIVATE KEY" {
            Self::import_from_der(pemd.contents())
        } else {
            Err(CertKitError::InvalidInput(format!(
                "Unsupported PEM tag: {}",
                pemd.tag()
            )))
        }
    }

    /// Converts the key pair to an X.509 SubjectPublicKeyInfo format.
    ///
    /// Creates a SubjectPublicKeyInfo (SPKI) structure containing the public key
    /// and its algorithm identifier. This format is used in X.509 certificates
    /// and certificate signing requests.
    ///
    /// # Returns
    /// An `x509_cert::spki::SubjectPublicKeyInfoOwned` object containing:
    /// - Algorithm identifier with appropriate OID
    /// - Public key data in the correct format
    /// - Algorithm parameters (if required)
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::KeyPair;
    ///
    /// let key_pair = KeyPair::generate_ecdsa_p256();
    /// let spki = key_pair.as_spki();
    ///
    /// println!("Algorithm OID: {}", spki.algorithm.oid);
    /// println!("Public key bits: {} bytes", spki.subject_public_key.raw_bytes().len());
    /// ```
    ///
    /// # Algorithm Identifiers
    /// - RSA: rsaEncryption (1.2.840.113549.1.1.1)
    /// - ECDSA P-256: id-ecPublicKey with secp256r1 parameters
    /// - ECDSA P-384: id-ecPublicKey with secp384r1 parameters  
    /// - ECDSA P-521: id-ecPublicKey with secp521r1 parameters
    /// - Ed25519: id-Ed25519 (1.3.101.112)
    pub fn as_spki(&self) -> x509_cert::spki::SubjectPublicKeyInfoOwned {
        match self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { public, .. } => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(public.clone())
                    .expect("valid RSA key always encodes to SPKI")
            }
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { verifying_key, .. } => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*verifying_key)
                    .expect("valid P-256 key always encodes to SPKI")
            }
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { verifying_key, .. } => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*verifying_key)
                    .expect("valid P-384 key always encodes to SPKI")
            }
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { public_key, .. } => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*public_key)
                    .expect("valid P-521 key always encodes to SPKI")
            }
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key } => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(signing_key.verifying_key())
                    .expect("valid Ed25519 key always encodes to SPKI")
            }
        }
    }

    /// Signs the provided data using the private key.
    ///
    /// Creates a digital signature over the provided data using the appropriate
    /// signature algorithm for the key type. The signature can be verified using
    /// the corresponding public key.
    ///
    /// # Signature Algorithms Used
    /// - RSA: RSASSA-PKCS1-v1_5 with SHA-256
    /// - ECDSA (all curves): ECDSA with SHA-256
    /// - Ed25519: Pure Ed25519 (no hash function needed)
    ///
    /// # Arguments
    /// * `data` - A byte slice containing the data to sign
    ///
    /// # Returns
    /// A `Result` containing the signature bytes on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError` if:
    /// - The signing operation fails
    /// - The key is invalid or corrupted
    /// - System resources are insufficient
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::KeyPair;
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Sign data with different key types
    /// let rsa_key = KeyPair::generate_rsa(2048)?;
    /// let ecdsa_key = KeyPair::generate_ecdsa_p256();
    /// let ed25519_key = KeyPair::generate_ed25519();
    ///
    /// let message = b"Important message to sign";
    ///
    /// let rsa_sig = rsa_key.sign_data(message)?;
    /// let ecdsa_sig = ecdsa_key.sign_data(message)?;
    /// let ed25519_sig = ed25519_key.sign_data(message)?;
    ///
    /// println!("RSA signature: {} bytes", rsa_sig.len());
    /// println!("ECDSA signature: {} bytes", ecdsa_sig.len());
    /// println!("Ed25519 signature: {} bytes", ed25519_sig.len());
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Security Notes
    /// - RSA signatures are deterministic with PKCS#1 v1.5 padding
    /// - ECDSA signatures include randomness and vary between calls
    /// - Ed25519 signatures are deterministic and consistent
    /// - All algorithms provide strong security when used properly
    pub fn sign_data(&self, data: &[u8]) -> Result<Vec<u8>> {
        log::trace!("signing {} bytes of data", data.len());
        match self {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { private, .. } => {
                // Using RSA-PKCS1v15 (in a real implementation you’d choose a proper hash algorithm)
                let signing_key: RsaSigningKey<Sha256> = RsaSigningKey::new(*(private.clone()));
                let signature = signing_key.sign(data);
                Ok(signature.to_vec())
            }
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { signing_key, .. } => {
                let signature: p256::ecdsa::Signature =
                    p256::ecdsa::signature::Signer::sign(signing_key, data);
                Ok(signature.to_der().as_bytes().to_vec())
            }
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { signing_key, .. } => {
                let signature: p384::ecdsa::Signature =
                    p384::ecdsa::signature::Signer::sign(signing_key, data);
                Ok(signature.to_der().as_bytes().to_vec())
            }
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { secret_key, .. } => {
                let signing_key = p521_signing_key(secret_key);
                let signature: p521::ecdsa::Signature =
                    p521::ecdsa::signature::Signer::sign(&signing_key, data);
                Ok(signature.to_der().as_bytes().to_vec())
            }
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key } => {
                use ed25519_dalek::Signer;
                let signature = signing_key.sign(data);
                Ok(signature.to_bytes().to_vec())
            }
        }
    }
}

impl fmt::Display for KeyPair {
    /// Formats the key pair as a human-readable string describing the algorithm
    /// while never exposing the private key material.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            #[cfg(feature = "rsa")]
            Self::Rsa { public, .. } => write!(f, "RSA-{}", public.n().bits()),
            #[cfg(feature = "p256")]
            Self::EcdsaP256 { .. } => write!(f, "ECDSA P-256"),
            #[cfg(feature = "p384")]
            Self::EcdsaP384 { .. } => write!(f, "ECDSA P-384"),
            #[cfg(feature = "p521")]
            Self::EcdsaP521 { .. } => write!(f, "ECDSA P-521"),
            #[cfg(feature = "ed25519")]
            Self::Ed25519 { .. } => write!(f, "Ed25519"),
        }
    }
}

/// Represents a public key for cryptographic operations.
///
/// This enum encapsulates public keys from various cryptographic algorithms
/// supported by CertKit. Public keys are used for signature verification,
/// encryption (in the case of RSA), and inclusion in X.509 certificates.
///
/// # Supported Key Types
/// - **RSA**: Variable key sizes, commonly 2048-4096 bits
/// - **ECDSA P-256**: NIST P-256 curve public keys
/// - **ECDSA P-384**: NIST P-384 curve public keys
/// - **ECDSA P-521**: NIST P-521 curve public keys
/// - **Ed25519**: Edwards curve public keys (32 bytes)
///
/// # Examples
///
/// ```rust,no_run
/// use certkit::key::{KeyPair, PublicKey};
///
/// # fn main() -> Result<(), certkit::error::CertKitError> {
/// // Extract public key from a key pair
/// let key_pair = KeyPair::generate_ecdsa_p256();
/// let public_key = PublicKey::from_key_pair(&key_pair);
///
/// // Convert to DER format for storage or transmission
/// let der_bytes = public_key.to_der()?;
/// println!("Public key DER size: {} bytes", der_bytes.len());
///
/// # Ok(())
/// # }
/// ```
#[derive(Debug, Clone)]
pub enum PublicKey {
    /// RSA public key.
    #[cfg(feature = "rsa")]
    Rsa(RsaPublicKey),
    /// ECDSA P-256 public key.
    #[cfg(feature = "p256")]
    EcdsaP256(P256VerifyingKey),
    /// ECDSA P-384 public key.
    #[cfg(feature = "p384")]
    EcdsaP384(P384VerifyingKey),
    /// ECDSA P-521 public key.
    #[cfg(feature = "p521")]
    EcdsaP521(p521::PublicKey),
    /// Ed25519 public key.
    #[cfg(feature = "ed25519")]
    Ed25519(Ed25519VerifyingKey),
}

impl PublicKey {
    /// Converts the public key to DER format.
    ///
    /// Encodes the public key in Distinguished Encoding Rules (DER) format.
    /// The specific encoding depends on the key type:
    /// - RSA: PKCS#1 RSAPublicKey format
    /// - ECDSA: SEC1 uncompressed point format
    /// - Ed25519: Raw 32-byte public key
    ///
    /// # Returns
    /// A `Result` containing the DER-encoded public key bytes, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::EncodingError` if the key cannot be encoded to DER format.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::{KeyPair, PublicKey};
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// let key_pair = KeyPair::generate_rsa(2048)?;
    /// let public_key = PublicKey::from_key_pair(&key_pair);
    ///
    /// let der_bytes = public_key.to_der()?;
    /// println!("RSA public key DER: {} bytes", der_bytes.len());
    /// # Ok(())
    /// # }
    /// ```
    pub fn to_der(&self) -> Result<Vec<u8>> {
        match self {
            #[cfg(feature = "rsa")]
            PublicKey::Rsa(public) => Ok(public.to_pkcs1_der()?.as_bytes().to_vec()),
            #[cfg(feature = "p256")]
            PublicKey::EcdsaP256(verifying_key) => Ok(verifying_key.to_sec1_bytes().to_vec()),
            #[cfg(feature = "p384")]
            PublicKey::EcdsaP384(verifying_key) => Ok(verifying_key.to_sec1_bytes().to_vec()),
            #[cfg(feature = "p521")]
            PublicKey::EcdsaP521(public_key) => Ok(public_key.to_sec1_bytes().to_vec()),
            #[cfg(feature = "ed25519")]
            PublicKey::Ed25519(verifying_key) => Ok(verifying_key.to_bytes().to_vec()),
        }
    }

    /// Converts the public key to an X.509 `SubjectPublicKeyInfo`.
    ///
    /// Mirrors [`KeyPair::as_spki`] for the public half. Deriving a key
    /// identifier from this SPKI yields the same value a CA derives from its
    /// signing key, so a subject key identifier here matches the authority key
    /// identifier of certificates this key later signs.
    pub fn as_spki(&self) -> x509_cert::spki::SubjectPublicKeyInfoOwned {
        match self {
            #[cfg(feature = "rsa")]
            PublicKey::Rsa(public) => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(public.clone())
                    .expect("valid RSA key always encodes to SPKI")
            }
            #[cfg(feature = "p256")]
            PublicKey::EcdsaP256(verifying_key) => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*verifying_key)
                    .expect("valid P-256 key always encodes to SPKI")
            }
            #[cfg(feature = "p384")]
            PublicKey::EcdsaP384(verifying_key) => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*verifying_key)
                    .expect("valid P-384 key always encodes to SPKI")
            }
            #[cfg(feature = "p521")]
            PublicKey::EcdsaP521(public_key) => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*public_key)
                    .expect("valid P-521 key always encodes to SPKI")
            }
            #[cfg(feature = "ed25519")]
            PublicKey::Ed25519(verifying_key) => {
                x509_cert::spki::SubjectPublicKeyInfoOwned::from_key(*verifying_key)
                    .expect("valid Ed25519 key always encodes to SPKI")
            }
        }
    }

    /// Decodes an RSA public key from PKCS#1 DER-encoded bytes.
    ///
    /// This method only supports RSA public keys in PKCS#1 (`RSAPublicKey`)
    /// format. For other key types, use [`PublicKey::from_key_pair`] or
    /// [`PublicKey::from_x509spki`].
    ///
    /// # Arguments
    /// * `der` - A byte slice containing the PKCS#1 DER-encoded RSA public key
    ///
    /// # Returns
    /// A `Result` containing the `PublicKey` on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::RsaPkcs1Error` if the DER data is not a valid
    /// PKCS#1 RSA public key.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::{KeyPair, PublicKey};
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate a key pair and extract public key DER
    /// let key_pair = KeyPair::generate_rsa(2048)?;
    /// let public_key = PublicKey::from_key_pair(&key_pair);
    /// let der_bytes = public_key.to_der()?;
    ///
    /// // Recreate public key from PKCS#1 DER
    /// let restored_key = PublicKey::from_rsa_pkcs1_der(&der_bytes)?;
    /// # Ok(())
    /// # }
    /// ```
    #[cfg(feature = "rsa")]
    pub fn from_rsa_pkcs1_der(der: &[u8]) -> Result<Self> {
        let public = RsaPublicKey::from_pkcs1_der(der)?;
        Ok(PublicKey::Rsa(public))
    }

    /// Creates a public key from a key pair.
    ///
    /// Extracts the public key component from a `KeyPair` and creates a
    /// corresponding `PublicKey` instance. This is useful when you need
    /// to work with just the public key portion.
    ///
    /// # Arguments
    /// * `key_pair` - A reference to a `KeyPair` object
    ///
    /// # Returns
    /// A `PublicKey` containing the public key component.
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::{KeyPair, PublicKey};
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate different types of key pairs
    /// let rsa_pair = KeyPair::generate_rsa(2048)?;
    /// let ecdsa_pair = KeyPair::generate_ecdsa_p256();
    /// let ed25519_pair = KeyPair::generate_ed25519();
    ///
    /// // Extract public keys
    /// let rsa_public = PublicKey::from_key_pair(&rsa_pair);
    /// let ecdsa_public = PublicKey::from_key_pair(&ecdsa_pair);
    /// let ed25519_public = PublicKey::from_key_pair(&ed25519_pair);
    ///
    /// println!("Extracted public keys from all key pair types");
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Use Cases
    /// - Creating certificates (public key goes into the certificate)
    /// - Sharing public keys for verification
    /// - Storing public keys separately from private keys
    pub fn from_key_pair(key_pair: &KeyPair) -> Self {
        match key_pair {
            #[cfg(feature = "rsa")]
            KeyPair::Rsa { public, .. } => PublicKey::Rsa(public.clone()),
            #[cfg(feature = "p256")]
            KeyPair::EcdsaP256 { verifying_key, .. } => PublicKey::EcdsaP256(*verifying_key),
            #[cfg(feature = "p384")]
            KeyPair::EcdsaP384 { verifying_key, .. } => PublicKey::EcdsaP384(*verifying_key),
            #[cfg(feature = "p521")]
            KeyPair::EcdsaP521 { public_key, .. } => PublicKey::EcdsaP521(*public_key),
            #[cfg(feature = "ed25519")]
            KeyPair::Ed25519 { signing_key, .. } => PublicKey::Ed25519(signing_key.verifying_key()),
        }
    }

    /// Creates a public key from an X.509 SubjectPublicKeyInfo object.
    ///
    /// Parses a SubjectPublicKeyInfo (SPKI) structure and extracts the public key.
    /// This is commonly used when parsing X.509 certificates or certificate
    /// signing requests.
    ///
    /// # Supported Algorithms
    /// - RSA (rsaEncryption OID)
    /// - ECDSA P-256 (id-ecPublicKey with secp256r1 parameters)
    /// - ECDSA P-384 (id-ecPublicKey with secp384r1 parameters)
    /// - ECDSA P-521 (id-ecPublicKey with secp521r1 parameters)
    /// - Ed25519 (id-Ed25519 OID)
    ///
    /// # Arguments
    /// * `spki` - A reference to an `x509_cert::spki::SubjectPublicKeyInfoOwned` object
    ///
    /// # Returns
    /// A `Result` containing the `PublicKey` on success, or a `CertKitError` on failure.
    ///
    /// # Errors
    /// Returns `CertKitError::DecodingError` if:
    /// - The algorithm OID is not supported
    /// - The public key data is malformed
    /// - Required algorithm parameters are missing
    /// - The key format is invalid for the specified algorithm
    ///
    /// # Examples
    ///
    /// ```rust,no_run
    /// use certkit::key::{KeyPair, PublicKey};
    ///
    /// # fn main() -> Result<(), certkit::error::CertKitError> {
    /// // Generate a key pair and convert to SPKI
    /// let key_pair = KeyPair::generate_ecdsa_p384();
    /// let spki = key_pair.as_spki();
    ///
    /// // Recreate public key from SPKI
    /// let public_key = PublicKey::from_x509spki(&spki)?;
    /// println!("Successfully parsed public key from SPKI");
    /// # Ok(())
    /// # }
    /// ```
    ///
    /// # Use Cases
    /// - Parsing public keys from X.509 certificates
    /// - Processing certificate signing requests
    /// - Validating certificate chains
    /// - Interoperability with other X.509 implementations
    pub fn from_x509spki(spki: &x509_cert::spki::SubjectPublicKeyInfoOwned) -> Result<Self> {
        match spki.algorithm.oid {
            #[cfg(feature = "rsa")]
            const_oid::db::rfc5912::RSA_ENCRYPTION => {
                let pk_bytes = spki.subject_public_key.as_bytes().ok_or_else(|| {
                    CertKitError::DecodingError("Invalid RSA public key bitstring".to_string())
                })?;
                let public_key = RsaPublicKey::from_pkcs1_der(pk_bytes)?;
                Ok(PublicKey::Rsa(public_key))
            }
            #[cfg(any(feature = "p256", feature = "p384", feature = "p521"))]
            const_oid::db::rfc5912::ID_EC_PUBLIC_KEY => {
                use der::asn1::ObjectIdentifier;
                let params = spki.algorithm.parameters.as_ref().ok_or_else(|| {
                    CertKitError::DecodingError("Missing EC parameters".to_string())
                })?;
                let params_oid: ObjectIdentifier = params.decode_as().map_err(|_| {
                    CertKitError::DecodingError("Invalid EC parameters OID".to_string())
                })?;
                let raw_bytes = spki.subject_public_key.as_bytes().ok_or_else(|| {
                    CertKitError::DecodingError("Invalid EC public key bitstring".to_string())
                })?;
                match params_oid {
                    #[cfg(feature = "p256")]
                    const_oid::db::rfc5912::SECP_256_R_1 => {
                        let verifying_key =
                            P256VerifyingKey::from_sec1_bytes(raw_bytes).map_err(|_| {
                                CertKitError::DecodingError(
                                    "Invalid P-256 public key bytes".to_string(),
                                )
                            })?;
                        Ok(PublicKey::EcdsaP256(verifying_key))
                    }
                    #[cfg(feature = "p384")]
                    const_oid::db::rfc5912::SECP_384_R_1 => {
                        let verifying_key =
                            P384VerifyingKey::from_sec1_bytes(raw_bytes).map_err(|_| {
                                CertKitError::DecodingError(
                                    "Invalid P-384 public key bytes".to_string(),
                                )
                            })?;
                        Ok(PublicKey::EcdsaP384(verifying_key))
                    }
                    #[cfg(feature = "p521")]
                    const_oid::db::rfc5912::SECP_521_R_1 => {
                        let public_key =
                            p521::PublicKey::from_sec1_bytes(raw_bytes).map_err(|_| {
                                CertKitError::DecodingError(
                                    "Invalid P-521 public key bytes".to_string(),
                                )
                            })?;
                        Ok(PublicKey::EcdsaP521(public_key))
                    }
                    _ => Err(CertKitError::DecodingError(format!(
                        "Unsupported EC curve OID: {params_oid}"
                    ))),
                }
            }
            #[cfg(feature = "ed25519")]
            const_oid::db::rfc8410::ID_ED_25519 => {
                let bytes = spki.subject_public_key.as_bytes().ok_or_else(|| {
                    CertKitError::DecodingError("Invalid Ed25519 public key bitstring".to_string())
                })?;
                let bytes_array: &[u8; 32] = bytes.try_into().map_err(|_| {
                    CertKitError::DecodingError("Invalid Ed25519 public key length".to_string())
                })?;
                let verifying_key = Ed25519VerifyingKey::from_bytes(bytes_array).map_err(|_| {
                    CertKitError::DecodingError("Invalid Ed25519 public key bytes".to_string())
                })?;
                Ok(PublicKey::Ed25519(verifying_key))
            }
            _ => Err(CertKitError::DecodingError(format!(
                "Unsupported algorithm: {}",
                spki.algorithm.oid
            ))),
        }
    }

    /// Returns the [`KeyType`] of this public key.
    ///
    /// # Examples
    ///
    /// ```rust
    /// use certkit::key::{KeyPair, PublicKey, KeyType};
    ///
    /// let kp = KeyPair::generate_ed25519();
    /// let pk = PublicKey::from_key_pair(&kp);
    /// assert_eq!(pk.key_type(), KeyType::Ed25519);
    /// ```
    pub fn key_type(&self) -> KeyType {
        match self {
            #[cfg(feature = "rsa")]
            PublicKey::Rsa(_) => KeyType::Rsa,
            #[cfg(feature = "p256")]
            PublicKey::EcdsaP256(_) => KeyType::EcdsaP256,
            #[cfg(feature = "p384")]
            PublicKey::EcdsaP384(_) => KeyType::EcdsaP384,
            #[cfg(feature = "p521")]
            PublicKey::EcdsaP521(_) => KeyType::EcdsaP521,
            #[cfg(feature = "ed25519")]
            PublicKey::Ed25519(_) => KeyType::Ed25519,
        }
    }
}

#[cfg(test)]
mod test {
    use super::*;

    #[test]
    #[cfg(feature = "rsa")]
    fn pem_encode_decode_rsa() {
        crate::init_test_logger();
        let rsa = KeyPair::generate_rsa(2048).unwrap();
        let rsa_der = rsa::pkcs8::EncodePrivateKey::to_pkcs8_der(match &rsa {
            KeyPair::Rsa { private, .. } => &**private,
            _ => unreachable!(),
        })
        .unwrap();
        let rsa_pem = pem::encode(&pem::Pem::new("PRIVATE KEY", rsa_der.as_bytes()));
        let rsa_decoded = KeyPair::import_from_pkcs8_pem(&rsa_pem);
        assert!(rsa_decoded.is_ok(), "RSA PEM decode should succeed");
    }

    #[test]
    #[cfg(feature = "p256")]
    fn pem_encode_decode_ecdsa_p256() {
        crate::init_test_logger();
        let p256 = KeyPair::generate_ecdsa_p256();
        let p256_der = p256::pkcs8::EncodePrivateKey::to_pkcs8_der(match &p256 {
            KeyPair::EcdsaP256 { signing_key, .. } => signing_key,
            _ => unreachable!(),
        })
        .unwrap();
        let p256_pem = pem::encode(&pem::Pem::new("PRIVATE KEY", p256_der.as_bytes()));
        let p256_decoded = KeyPair::import_from_pkcs8_pem(&p256_pem);
        assert!(p256_decoded.is_ok(), "P-256 PEM decode should succeed");
    }

    #[test]
    #[cfg(feature = "p384")]
    fn pem_encode_decode_ecdsa_p384() {
        crate::init_test_logger();
        let p384 = KeyPair::generate_ecdsa_p384();
        let p384_der = p384::pkcs8::EncodePrivateKey::to_pkcs8_der(match &p384 {
            KeyPair::EcdsaP384 { signing_key, .. } => signing_key,
            _ => unreachable!(),
        })
        .unwrap();
        let p384_pem = pem::encode(&pem::Pem::new("PRIVATE KEY", p384_der.as_bytes()));
        let p384_decoded = KeyPair::import_from_pkcs8_pem(&p384_pem);
        assert!(p384_decoded.is_ok(), "P-384 PEM decode should succeed");
    }

    #[test]
    #[cfg(feature = "p521")]
    fn pem_encode_decode_ecdsa_p521() {
        crate::init_test_logger();
        let p521 = KeyPair::generate_ecdsa_p521();
        let p521_der = p521::pkcs8::EncodePrivateKey::to_pkcs8_der(match &p521 {
            KeyPair::EcdsaP521 { secret_key, .. } => secret_key,
            _ => unreachable!(),
        })
        .unwrap();
        let p521_pem = pem::encode(&pem::Pem::new("PRIVATE KEY", p521_der.as_bytes()));
        let p521_decoded = KeyPair::import_from_pkcs8_pem(&p521_pem);
        assert!(p521_decoded.is_ok(), "P-521 PEM decode should succeed");
    }

    #[test]
    #[cfg(feature = "ed25519")]
    fn pem_encode_decode_ed25519() {
        crate::init_test_logger();
        let ed = KeyPair::generate_ed25519();
        let ed_der = ed25519_dalek::pkcs8::EncodePrivateKey::to_pkcs8_der(match &ed {
            KeyPair::Ed25519 { signing_key } => signing_key,
            _ => unreachable!(),
        })
        .unwrap();
        let ed_pem = pem::encode(&pem::Pem::new("PRIVATE KEY", ed_der.as_bytes()));
        let ed_decoded = KeyPair::import_from_pkcs8_pem(&ed_pem);
        assert!(ed_decoded.is_ok(), "Ed25519 PEM decode should succeed");
    }

    // X.509 requires ECDSA signatures to be the DER-encoded ECDSA-Sig-Value
    // SEQUENCE { r, s }. `sign_data` previously emitted the fixed-size r||s
    // form, which is rejected by `Signature::from_der` and fails verification.

    #[test]
    #[cfg(feature = "p256")]
    fn ecdsa_p256_sign_data_is_der_and_verifies() {
        use p256::ecdsa::signature::Verifier;
        crate::init_test_logger();
        let key = KeyPair::generate_ecdsa_p256();
        let msg = b"certkit ecdsa signature payload";
        let sig_bytes = key.sign_data(msg).unwrap();
        let sig = p256::ecdsa::Signature::from_der(&sig_bytes)
            .expect("ECDSA P-256 signature must be DER-encoded");
        let vk = p256::ecdsa::VerifyingKey::from_sec1_bytes(&key.get_public_key_der()).unwrap();
        vk.verify(msg, &sig).expect("signature must verify");
    }

    #[test]
    #[cfg(feature = "p384")]
    fn ecdsa_p384_sign_data_is_der_and_verifies() {
        use p384::ecdsa::signature::Verifier;
        crate::init_test_logger();
        let key = KeyPair::generate_ecdsa_p384();
        let msg = b"certkit ecdsa signature payload";
        let sig_bytes = key.sign_data(msg).unwrap();
        let sig = p384::ecdsa::Signature::from_der(&sig_bytes)
            .expect("ECDSA P-384 signature must be DER-encoded");
        let vk = p384::ecdsa::VerifyingKey::from_sec1_bytes(&key.get_public_key_der()).unwrap();
        vk.verify(msg, &sig).expect("signature must verify");
    }

    #[test]
    #[cfg(feature = "p521")]
    fn ecdsa_p521_sign_data_is_der_and_verifies() {
        use p521::ecdsa::signature::Verifier;
        crate::init_test_logger();
        let key = KeyPair::generate_ecdsa_p521();
        let msg = b"certkit ecdsa signature payload";
        let sig_bytes = key.sign_data(msg).unwrap();
        let sig = p521::ecdsa::Signature::from_der(&sig_bytes)
            .expect("ECDSA P-521 signature must be DER-encoded");
        let vk = p521::ecdsa::VerifyingKey::from_sec1_bytes(&key.get_public_key_der()).unwrap();
        vk.verify(msg, &sig).expect("signature must verify");
    }
}