From 4524721fba0582774b7c38fdc1f270c43fd8d53b Mon Sep 17 00:00:00 2001 From: href Date: Tue, 28 Nov 2017 16:50:12 +0100 Subject: [PATCH] Salmon: generate private key with native crypto if available. --- lib/pleroma/web/salmon/salmon.ex | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 4f6dfed65c..81b8645825 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -73,17 +73,30 @@ def encode_key({:RSAPublicKey, modulus, exponent}) do "RSA.#{modulus_enc}.#{exponent_enc}" end - def generate_rsa_pem do - port = Port.open({:spawn, "openssl genrsa"}, [:binary]) - {:ok, pem} = receive do - {^port, {:data, pem}} -> {:ok, pem} - end - Port.close(port) - if Regex.match?(~r/RSA PRIVATE KEY/, pem) do + # Native generation of RSA keys is only available since OTP 20+ and in default build conditions + # We try at compile time to generate natively an RSA key otherwise we fallback on the old way. + try do + _ = :public_key.generate_key({:rsa, 2048, 65537}) + def generate_rsa_pem do + key = :public_key.generate_key({:rsa, 2048, 65537}) + entry = :public_key.pem_entry_encode(:RSAPrivateKey, key) + pem = :public_key.pem_encode([entry]) |> String.trim_trailing {:ok, pem} - else - :error end + rescue + _ -> + def generate_rsa_pem do + port = Port.open({:spawn, "openssl genrsa"}, [:binary]) + {:ok, pem} = receive do + {^port, {:data, pem}} -> {:ok, pem} + end + Port.close(port) + if Regex.match?(~r/RSA PRIVATE KEY/, pem) do + {:ok, pem} + else + :error + end + end end def keys_from_pem(pem) do