From d186f5c10ae019f392fd34b51bef1517a12e12e7 Mon Sep 17 00:00:00 2001
From: Rodolphe Breard
Date: Mon, 10 Jun 2019 13:17:10 +0200
Subject: [PATCH] Define the default algo in acme_common
Because ring does not currently support RSA keys generation, the default algo must be adapted depending on whether or not the standalone feature is activated.
---
 acme_common/src/crypto.rs | 3 +++
 acmed/src/config.rs | 2 +-
 acmed/src/main.rs | 1 -
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/acme_common/src/crypto.rs b/acme_common/src/crypto.rs
index e5d4aa8..0b288e8 100644
--- a/acme_common/src/crypto.rs
+++ b/acme_common/src/crypto.rs
@@ -7,7 +7,10 @@ mod standalone_hash;
 mod openssl_keys;
+#[cfg(not(feature = "standalone"))]
 pub const DEFAULT_ALGO: &str = "rsa2048";
+#[cfg(feature = "standalone")]
+pub const DEFAULT_ALGO: &str = "ecdsa_p256";
 pub use openssl_certificate::{Csr, X509Certificate};
diff --git a/acmed/src/config.rs b/acmed/src/config.rs
index f8cb492..65611f2 100644
--- a/acmed/src/config.rs
+++ b/acmed/src/config.rs
@@ -284,7 +284,7 @@ impl Certificate {
 pub fn get_algorithm(&self) -> Result {
 let algo = match &self.algorithm {
 Some(a) => &a,
- None => crate::DEFAULT_ALGO,
+ None => acme_common::crypto::DEFAULT_ALGO,
 };
 Algorithm::from_str(algo)
 }
diff --git a/acmed/src/main.rs b/acmed/src/main.rs
index f2ee323..68648d2 100644
--- a/acmed/src/main.rs
+++ b/acmed/src/main.rs
@@ -18,7 +18,6 @@ pub const DEFAULT_CONFIG_FILE: &str = "/etc/acmed/acmed.toml";
 pub const DEFAULT_ACCOUNTS_DIR: &str = "/etc/acmed/accounts";
 pub const DEFAULT_CERT_DIR: &str = "/etc/acmed/certs";
 pub const DEFAULT_CERT_FORMAT: &str = "{{name}}_{{algo}}.{{file_type}}.{{ext}}";
-pub const DEFAULT_ALGO: &str = "rsa2048";
 pub const DEFAULT_SLEEP_TIME: u64 = 3600;
 pub const DEFAULT_POOL_TIME: u64 = 5000;
 pub const DEFAULT_CERT_FILE_MODE: u32 = 0o644;
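Review bot: The two cfg-gated `DEFAULT_ALGO` definitions in acme_common/src/crypto.rs have no doc comment, so the reason the default key type depends on the `standalone` feature is recorded only in the commit message. I would add one above each definition, e.g. `/// Key algorithm used when a certificate sets none; ring cannot generate RSA keys, so standalone builds default to ECDSA P-256.` A certificate without an explicit `algorithm` now gets a different key type depending on how the binary was built. Because `DEFAULT_CERT_FORMAT` in acmed/src/main.rs embeds `{{algo}}`, the output file name presumably changes too, so services pointing at the old path could keep loading a certificate that is no longer renewed. That is worth stating in the user documentation, along with a recommendation to pin `algorithm` in the configuration.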