summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-11-19 23:07:28 +0100
committerMichael Tänzer <neo@nhng.de>2013-11-19 23:07:28 +0100
commit76379293e7ef241412ca9890dab699698bfef925 (patch)
tree56cc5b45ac46d2042393c0be781c1a1164a543f4
parentbe7573a378a88bdc8574a613a068097503f40d6d (diff)
downloadcacert-devel-76379293e7ef241412ca9890dab699698bfef925.tar.gz
cacert-devel-76379293e7ef241412ca9890dab699698bfef925.tar.xz
cacert-devel-76379293e7ef241412ca9890dab699698bfef925.zip
Bug 1218: Allow exporting private keys in IE
Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--www/keygenIE.js6
1 files changed, 5 insertions, 1 deletions
diff --git a/www/keygenIE.js b/www/keygenIE.js
index be2d184..990be35 100644
--- a/www/keygenIE.js
+++ b/www/keygenIE.js
@@ -247,6 +247,7 @@ var CAcert_keygen_IE = function () {
privateKey.Algorithm = algorithmOid;
privateKey.Length = bits;
privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES
+ privateKey.ExportPolicy = 0x1; // XCN_NCRYPT_ALLOW_EXPORT_FLAG
var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");
request.InitializeFromPrivateKey(
@@ -544,9 +545,12 @@ var CAcert_keygen_IE = function () {
}
}
- cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits
+ // This is actually the default
//cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE
+ // keysize is encoded in the uper 16 bits
+ cenroll.GenKeyFlags = cenroll.GenKeyFlags | bits << 16;
+
generatingKeyNotice.style.display = "";
// The request needs to be created after we return so the "please wait"