cacert/cacert-webdb
9
0
Fork 0
Code Issues Pull requests 3 Projects Releases 4 Wiki Activity

Fix for https://bugs.cacert.org/view.php?id=1218

Browse source 
"client cert issued no longer exportable with private key (class3). IE10
certs usage broken"
This commit is contained in:
Wytze van der Raay 2014-02-06 15:52:57 +00:00
parent 1b49547d06
commit 35e318c03c
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
www/keygenIE.js
View file

@ -247,6 +247,7 @@ var CAcert_keygen_IE = function () {
privateKey.Algorithm = algorithmOid; privateKey.Algorithm = algorithmOid;
privateKey.Length = bits; privateKey.Length = bits;
privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES
privateKey.ExportPolicy = 0x1; // XCN_NCRYPT_ALLOW_EXPORT_FLAG
var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10"); var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");
request.InitializeFromPrivateKey( request.InitializeFromPrivateKey(
@ -545,7 +546,8 @@ var CAcert_keygen_IE = function () {
} }
cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits
//cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE // Allow exporting the private key
cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE
generatingKeyNotice.style.display = ""; generatingKeyNotice.style.display = "";