From: msweet Date: Tue, 16 Feb 2016 19:11:37 +0000 (+0000) Subject: Switch to ECDSA and SHA256 for self-signed certs on OS X X-Git-Tag: v2.2b1~111 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1ae693e31efebf45a4cd460420b0d8eb82a3b269;p=thirdparty%2Fcups.git Switch to ECDSA and SHA256 for self-signed certs on OS X () git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@13091 a1ca3aef-8c08-0410-bb20-df032aa958be --- diff --git a/cups/tls-darwin.c b/cups/tls-darwin.c index 767e815b43..6da0e09472 100644 --- a/cups/tls-darwin.c +++ b/cups/tls-darwin.c @@ -1,9 +1,7 @@ /* - * "$Id$" - * * TLS support code for CUPS on OS X. * - * Copyright 2007-2015 by Apple Inc. + * Copyright 2007-2016 by Apple Inc. * Copyright 1997-2007 by Easy Software Products, all rights reserved. * * These coded instructions, statements, and computer programs are the @@ -109,7 +107,7 @@ cupsMakeServerCredentials( if (!keyParams) goto cleanup; - CFDictionaryAddValue(keyParams, kSecAttrKeyType, kSecAttrKeyTypeRSA); + CFDictionaryAddValue(keyParams, kSecAttrKeyType, kSecAttrKeyTypeECDSA); CFDictionaryAddValue(keyParams, kSecAttrKeySizeInBits, CFSTR("2048")); CFDictionaryAddValue(keyParams, kSecAttrLabel, CFSTR("CUPS Self-Signed Certificate")); @@ -217,11 +215,11 @@ cleanup: cupsFilePrintf(fp, "CUPS Self-Signed Certificate\n" /* Enter key and certificate label */ - "r\n" /* Generate RSA key pair */ - "2048\n" /* Key size in bits */ + "e\n" /* Generate ECDSA key pair */ + "2048\n" /* 2048 bit encryption key */ "y\n" /* OK (y = yes) */ "b\n" /* Usage (b=signing/encryption) */ - "s\n" /* Sign with SHA1 */ + "2\n" /* Sign with SHA256 */ "y\n" /* OK (y = yes) */ "%s\n" /* Common name */ "\n" /* Country (default) */ @@ -1832,8 +1830,3 @@ http_cdsa_write( return (result); } - - -/* - * End of "$Id$". - */