summaryrefslogtreecommitdiffstats
path: root/src/tls.c
diff options
context:
space:
mode:
authorMark Dain <mark@markdain.net>2020-11-21 13:56:37 +0000
committerDrew DeVault <sir@cmpwn.com>2020-11-21 09:12:16 -0500
commitcb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4 (patch)
treefa4907e58edb060ad0145958de64934785ee2ebf /src/tls.c
parent10662cac467d2151d0ee605a28e235d052030054 (diff)
downloadgmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.tar.gz
gmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.tar.xz
gmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.zip
Switch to using ECDSA (secp384r1) keys
Diffstat (limited to 'src/tls.c')
-rw-r--r--src/tls.c13
1 files changed, 4 insertions, 9 deletions
diff --git a/src/tls.c b/src/tls.c
index f7ed344..e3653f2 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -23,17 +23,12 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host,
EVP_PKEY *pkey = EVP_PKEY_new();
assert(pkey);
- BIGNUM *bn = BN_new();
- assert(bn);
- BN_set_word(bn, RSA_F4);
-
- RSA* rsa = RSA_new();
- assert(rsa);
- int r = RSA_generate_key_ex(rsa, 4096, bn, NULL);
+ EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_secp384r1);
+ assert(ec_key);
+ int r = EC_KEY_generate_key(ec_key);
assert(r == 1);
- BN_free(bn);
- EVP_PKEY_assign_RSA(pkey, rsa);
+ EVP_PKEY_assign_EC_KEY(pkey, ec_key);
X509 * x509 = X509_new();
assert(x509);