Merge branch 'salmon-native-keys' into 'develop'

Salmon: generate private key with native crypto if available.

See merge request pleroma/pleroma!33

1 files changed, 22 insertions, 9 deletions

diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex
index 4f6dfed65..81b864582 100644
--- a/lib/pleroma/web/salmon/salmon.ex
+++ b/lib/pleroma/web/salmon/salmon.ex
@@ -73,17 +73,30 @@ defmodule Pleroma.Web.Salmon do
     "RSA.#{modulus_enc}.#{exponent_enc}"
   end
 
-  def generate_rsa_pem do
-    port = Port.open({:spawn, "openssl genrsa"}, [:binary])
-    {:ok, pem} = receive do
-      {^port, {:data, pem}} -> {:ok, pem}
-    end
-    Port.close(port)
-    if Regex.match?(~r/RSA PRIVATE KEY/, pem) do
+  # Native generation of RSA keys is only available since OTP 20+ and in default build conditions
+  # We try at compile time to generate natively an RSA key otherwise we fallback on the old way.
+  try do
+    _ = :public_key.generate_key({:rsa, 2048, 65537})
+    def generate_rsa_pem do
+      key = :public_key.generate_key({:rsa, 2048, 65537})
+      entry = :public_key.pem_entry_encode(:RSAPrivateKey, key)
+      pem = :public_key.pem_encode([entry]) |> String.trim_trailing
       {:ok, pem}
-    else
-      :error
     end
+  rescue
+    _ ->
+      def generate_rsa_pem do
+        port = Port.open({:spawn, "openssl genrsa"}, [:binary])
+        {:ok, pem} = receive do
+          {^port, {:data, pem}} -> {:ok, pem}
+        end
+        Port.close(port)
+        if Regex.match?(~r/RSA PRIVATE KEY/, pem) do
+          {:ok, pem}
+        else
+          :error
+        end
+      end
   end
 
   def keys_from_pem(pem) do