feat: add parameter to adjust KeySize (#295)

--------- Co-authored-by: Nate McMaster <nate.mcmaster@gmail.com>
natemcmaster · May 20, 2024 · 7ca3fcc · 7ca3fcc
1 parent 49e2c62
commit 7ca3fcc
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 2 deletions.
diff --git a/Directory.Build.props b/Directory.Build.props
@@ -34,7 +34,7 @@
   </PropertyGroup>
 
   <PropertyGroup>
-    <VersionPrefix>1.3.2</VersionPrefix>
+    <VersionPrefix>1.3.3</VersionPrefix>
     <VersionSuffix>beta</VersionSuffix>
     <IncludePreReleaseLabelInPackageVersion Condition="'$(IS_STABLE_BUILD)' != 'true'">true</IncludePreReleaseLabelInPackageVersion>
     <BuildNumber Condition=" '$(BuildNumber)' == '' ">$([MSBuild]::ValueOrDefault($(BUILD_NUMBER), 0))</BuildNumber>

diff --git a/src/LettuceEncrypt/Internal/AcmeCertificateFactory.cs b/src/LettuceEncrypt/Internal/AcmeCertificateFactory.cs
@@ -298,7 +298,8 @@ public async Task<X509Certificate2> CreateCertificateAsync(CancellationToken can
         {
             CommonName = commonName,
         };
-        var privateKey = KeyFactory.NewKey((Certes.KeyAlgorithm)_options.Value.KeyAlgorithm);
+        var privateKeyAlgorithm = (Certes.KeyAlgorithm)_options.Value.KeyAlgorithm;
+        var privateKey = KeyFactory.NewKey(privateKeyAlgorithm, _options.Value.KeySize);
         var acmeCert = await _client.GetCertificateAsync(csrInfo, privateKey, order);
 
         _logger.LogAcmeAction("NewCertificate");

diff --git a/src/LettuceEncrypt/LettuceEncryptOptions.cs b/src/LettuceEncrypt/LettuceEncryptOptions.cs
@@ -88,6 +88,11 @@ public bool UseStagingServer
     /// </summary>
     public KeyAlgorithm KeyAlgorithm { get; set; } = KeyAlgorithm.ES256;
 
+    /// <summary>
+    /// The key size used for generating a private key for certificates
+    /// </summary>
+    public int? KeySize { get; set; }
+
     /// <summary>
     /// Specifies which kinds of ACME challenges LettuceEncrypt can use to verify domain ownership.
     /// Defaults to <see cref="ChallengeType.Any"/>.

diff --git a/src/LettuceEncrypt/PublicAPI.Shipped.txt b/src/LettuceEncrypt/PublicAPI.Shipped.txt
@@ -62,6 +62,8 @@ LettuceEncrypt.LettuceEncryptOptions.FallbackCertificate.get -> System.Security.
 LettuceEncrypt.LettuceEncryptOptions.FallbackCertificate.set -> void
 LettuceEncrypt.LettuceEncryptOptions.KeyAlgorithm.get -> LettuceEncrypt.KeyAlgorithm
 LettuceEncrypt.LettuceEncryptOptions.KeyAlgorithm.set -> void
+LettuceEncrypt.LettuceEncryptOptions.KeySize.get -> int?
+LettuceEncrypt.LettuceEncryptOptions.KeySize.set -> void
 LettuceEncrypt.LettuceEncryptOptions.LettuceEncryptOptions() -> void
 LettuceEncrypt.LettuceEncryptOptions.RenewalCheckPeriod.get -> System.TimeSpan?
 LettuceEncrypt.LettuceEncryptOptions.RenewalCheckPeriod.set -> void