cacert/cacert-webdb
9
0
Fork 0
Code Issues Pull requests 3 Projects Releases 4 Wiki Activity

Fix for https://bugs.cacert.org/view.php?id=918

Browse source 
(detection and prevention of weak keys for CAcert-issued certificates)
This commit is contained in:
Wytze van der Raay 2011-06-16 09:20:24 +00:00
parent a9d9139d3a
commit a2a8c7dbe9
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
www/api/ccsr.php
View file

@ -59,6 +59,12 @@
$codesign = 1; $codesign = 1;
$CSR = trim($_REQUEST['optionalCSR']); $CSR = trim($_REQUEST['optionalCSR']);
if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
{
die("403, $weakKey");
}
$incsr = tempnam("/tmp", "ccsrIn"); $incsr = tempnam("/tmp", "ccsrIn");
$checkedcsr = tempnam("/tmp", "ccsrOut"); $checkedcsr = tempnam("/tmp", "ccsrOut");
$fp = fopen($incsr, "w"); $fp = fopen($incsr, "w");