diff options
| author | Mark Dain <mark@markdain.net> | 2020-11-21 13:56:37 +0000 |
|---|---|---|
| committer | Drew DeVault <sir@cmpwn.com> | 2020-11-21 09:12:16 -0500 |
| commit | cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4 (patch) | |
| tree | fa4907e58edb060ad0145958de64934785ee2ebf /src/tls.c | |
| parent | 10662cac467d2151d0ee605a28e235d052030054 (diff) | |
| download | gmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.tar.gz gmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.tar.xz gmnisrv-cb2c84b0ad9aadd4c92d8ef978c2bfca578cd3c4.zip | |
Switch to using ECDSA (secp384r1) keys
Diffstat (limited to 'src/tls.c')
| -rw-r--r-- | src/tls.c | 13 |
1 files changed, 4 insertions, 9 deletions
@@ -23,17 +23,12 @@ tls_host_gencert(struct gmnisrv_tls *tlsconf, struct gmnisrv_host *host, EVP_PKEY *pkey = EVP_PKEY_new(); assert(pkey); - BIGNUM *bn = BN_new(); - assert(bn); - BN_set_word(bn, RSA_F4); - - RSA* rsa = RSA_new(); - assert(rsa); - int r = RSA_generate_key_ex(rsa, 4096, bn, NULL); + EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_secp384r1); + assert(ec_key); + int r = EC_KEY_generate_key(ec_key); assert(r == 1); - BN_free(bn); - EVP_PKEY_assign_RSA(pkey, rsa); + EVP_PKEY_assign_EC_KEY(pkey, ec_key); X509 * x509 = X509_new(); assert(x509); |
