From f85585155e9c3e2af1c5286e676c4caea25cd366 Mon Sep 17 00:00:00 2001
From: Johann150
Date: Thu, 8 Apr 2021 00:13:18 +0200
Subject: [PATCH] switch default cert signing algorithm to ECDSA resolves #42 resolves #49 I did not expect support for Ed25519 to be so bad as to receive multiple complaints about it. I did expect some problems, hence why I provided the --ecdsa flag. I had hoped support would be better to drive those who still do not support it (while again there is no reason to not support this algorithm!) to use it.
---
 src/main.rs | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index f5d0130..4eff065 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -136,9 +136,9 @@ fn args() -> Result {
 "Use a central .meta file in the content root directory. Decentral config files will be ignored.",
 );
 opts.optflag(
- "",
- "ecdsa",
- "Generate keys using the ecdsa signature algorithm instead of the default ed25519.",
+ "e",
+ "ed25519",
+ "Generate keys using the Ed25519 signature algorithm instead of the default ECDSA.",
 );
 
 let matches = opts.parse(&args[1..]).map_err(|f| f.to_string())?;
@@ -202,13 +202,14 @@ fn args() -> Result {
 // ::default() already implements a
 // date in the far future from the time of writing: 4096-01-01
 
- if !matches.opt_present("ecdsa") {
+ if matches.opt_present("e") {
 cert_params.alg = &rcgen::PKCS_ED25519;
 }
 
 // generate the certificate with the configuration
 let cert = Certificate::from_params(cert_params)?;
 
+ // make sure the certificate directory exists
 fs::create_dir(certs_path.join(domain))?;
 // write certificate data to disk
 let mut cert_file = File::create(certs_path.join(format!(
@@ -217,6 +218,7 @@ fn args() -> Result {
 certificates::CERT_FILE_NAME
 )))?;
 cert_file.write_all(&cert.serialize_der()?)?;
+ // write key data to disk
 let mut key_file = File::create(certs_path.join(format!(
 "{}/{}",
 domain,
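Review bot: Dropping the `ecdsa` long option from this `opts.optflag` call makes any existing invocation that still passes `--ecdsa` fail at startup, because the `opts.parse(&args[1..])` call in the same hunk turns an unrecognised option into an error that is returned through `?`. Since ECDSA is now the default, the old flag could stay registered as a no-op for a release or two, e.g. `opts.optflag("", "ecdsa", "Deprecated: ECDSA is now the default, this flag has no effect.");`. `args()` starts and ends outside this hunk, so whether other code still reads `ecdsa` is not visible here.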
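Review bot: The ECDSA default is implicit after this change: when `-e` is absent nothing in the visible lines assigns `cert_params.alg`, so the key type is whatever rcgen's parameter defaults happen to be, while the help text promises ECDSA. Pinning it keeps the generated key type stable across dependency upgrades, e.g. `cert_params.alg = if matches.opt_present("ed25519") { &rcgen::PKCS_ED25519 } else { &rcgen::PKCS_ECDSA_P256_SHA256 };`. Querying the long name also reads more clearly than `"e"`. The construction of `cert_params` lies above the hunk, so confirm it does not already set the algorithm.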
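Review bot: The private key under the new `// write key data to disk` comment is created with `File::create`, which on Unix applies the process umask to mode 0o666 and so typically leaves the key readable by other local users. Creating it with owner-only permissions would close that, for example `OpenOptions::new().write(true).create_new(true).mode(0o600)` with `std::os::unix::fs::OpenOptionsExt` behind `#[cfg(unix)]`. The `File::create(...)` statement continues past the end of the hunk, so the write call itself is not visible here.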
@@ -238,6 +240,7 @@ fn args() -> Result {
 certs.unwrap()
 };
 
+ // parse listening addresses
 let mut addrs = vec![];
 for i in matches.opt_strs("addr") {
 addrs.push(i.parse()?);