summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-03-09 03:59:51 +0100
committerMichael Tänzer <neo@nhng.de>2014-03-09 03:59:51 +0100
commit2ea7e3224f3fe0e604622dca3faf533579beda84 (patch)
tree94efde7c26326bee9ea009d5cc8b5a7fd33e294f
parentf8a00d63f4f858401f611bad51c1a9f839013ceb (diff)
downloadcacert-devel-bug-1255.tar.gz
cacert-devel-bug-1255.tar.xz
cacert-devel-bug-1255.zip
bug 1255: Use if blocks instead of switch because big switches are easy tobug-1255
break in maintenance Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--includes/lib/check_weak_key.php23
1 files changed, 12 insertions, 11 deletions
diff --git a/includes/lib/check_weak_key.php b/includes/lib/check_weak_key.php
index 090d66b..8ad2ccf 100644
--- a/includes/lib/check_weak_key.php
+++ b/includes/lib/check_weak_key.php
@@ -126,8 +126,8 @@ function checkWeakKeyText($text)
}
- switch ((string)$algorithm) {
- case "rsaEncryption":
+ if ($algorithm === "rsaEncryption")
+ {
if (!preg_match('/^\s*RSA Public Key: \((\d+) bit\)$/m', $text, $keysize))
{
return failWithId("checkWeakKeyText(): Couldn't parse the RSA ".
@@ -197,14 +197,17 @@ function checkWeakKeyText($text)
}
}
- break;
+ // No weakness found
+ return "";
+ } // End RSA
/*
//Fails to work due to outdated OpenSSL 0.9.8o
//For this to work OpenSSL 1.0.1f or newer is required
//which is currently unavailable on the systems
//If DSA2048 or longer is used the CSR hangs pending on the signer.
- case "dsaEncryption":
+ if ($algorithm === "dsaEncryption")
+ {
if (!preg_match('/^\s*Public Key Algorithm:\s+dsaEncryption\s+pub:\s+([0-9a-fA-F:\s]+)\s+P:\s+([0-9a-fA-F:\s]+)\s+Q:\s+([0-9a-fA-F:\s]+)\s+G:\s+([0-9a-fA-F:\s]+)\s+$/sm', $text, $keydetail))
{
return failWithId("checkWeakKeyText(): Couldn't parse the DSA ".
@@ -262,16 +265,14 @@ function checkWeakKeyText($text)
"key does seem to be normalized to have Q < P, G < P and pub < P.\nData:\n$text");
}
- break;
+ // No weakness found
+ return "";
+ } // End DSA
*/
- default:
- return _("The keys you supplied use an unrecognized algorithm. ".
- "For security reasons these keys can not be signed by CAcert.");
- }
- /* No weakness found */
- return "";
+ return _("The keys you supplied use an unrecognized algorithm. ".
+ "For security reasons these keys can not be signed by CAcert.");
}
/**