lib/localhost/authority.rb in localhost-1.1.3 vs lib/localhost/authority.rb in localhost-1.1.4
- old
+ new
@@ -47,12 +47,22 @@
@name = nil
@certificate = nil
@store = nil
end
+ BITS = 1024*2
+
+ def ecdh_key
+ @ecdh_key ||= OpenSSL::PKey::EC.new "prime256v1"
+ end
+
+ def dh_key
+ @dh_key ||= OpenSSL::PKey::DH.new(BITS)
+ end
+
def key
- @key ||= OpenSSL::PKey::RSA.new(1024*2)
+ @key ||= OpenSSL::PKey::RSA.new(BITS)
end
def key= key
@key = key
end
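Review bot: `dh_key` builds fresh 2048-bit DH parameters with `OpenSSL::PKey::DH.new(BITS)` on first use, and the only caller visible in this diff is the `tmp_dh_callback` proc, so that cost lands inside the first DHE handshake. Parameter generation at this size can take noticeable time, and the unsynchronised `||=` would let concurrent first handshakes each start their own generation. Consider generating the parameters eagerly when the context is built, or at least documenting the behaviour, e.g. `# Generated lazily; 2048-bit parameter generation is slow, so the first DHE handshake may stall.` `BITS` now also ties the RSA key size to the DH size, which deserves a one-line comment such as `# Size in bits of both the RSA key and the ephemeral DH parameters.` The enclosing class starts and ends outside the hunk.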
@@ -109,10 +119,20 @@
context.key = self.key
context.cert = self.certificate
context.session_id_context = "localhost"
+ if context.respond_to? :tmp_dh_callback=
+ context.tmp_dh_callback = proc {self.dh_key}
+ end
+
+ if context.respond_to? :ecdh_curves=
+ context.ecdh_curves = 'P-256:P-384:P-224:P-521'
+ elsif context.respond_to? :tmp_ecdh_callback=
+ context.tmp_ecdh_callback = proc {self.ecdh_key}
+ end
+
context.set_params(
ciphers: SERVER_CIPHERS
)
end
end
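Review bot: The curve list on the `ecdh_curves=` line includes `P-224`, which offers a lower security level (roughly 112 bits) than the other entries and is rarely offered by current TLS clients, so keeping it only widens what the server is willing to negotiate. I would drop it: `context.ecdh_curves = 'P-256:P-384:P-521'`. The `tmp_dh_callback` proc also ignores the arguments the TLS library passes and always returns the 2048-bit parameters, which is reasonable but worth a short comment saying so. The enclosing method begins outside this hunk.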
@@ -126,10 +146,10 @@
)
end
end
def load(path)
- if File.directory? path
+ if File.directory? path
certificate_path = File.join(path, "#{@hostname}.crt")
key_path = File.join(path, "#{@hostname}.key")
return false unless File.exist?(certificate_path) and File.exist?(key_path)