summaryrefslogtreecommitdiff
path: root/www/api
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-04-11 19:44:27 +0200
committerMichael Tänzer <neo@nhng.de>2011-04-11 19:44:27 +0200
commita4ca549c1b58bd0d891d76dbdf2ceb76fcc5557d (patch)
tree885cbfaf67f0972714c3c33c662f70ffad616127 /www/api
parentd198345148c5ad272d4dad0b072a8011c64e4932 (diff)
downloadcacert-devel-a4ca549c1b58bd0d891d76dbdf2ceb76fcc5557d.tar.gz
cacert-devel-a4ca549c1b58bd0d891d76dbdf2ceb76fcc5557d.tar.xz
cacert-devel-a4ca549c1b58bd0d891d76dbdf2ceb76fcc5557d.zip
#918: Check for weak keys on submission, renewal and in the API
#918: "Weak keys in certificates" Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'www/api')
-rw-r--r--www/api/ccsr.php6
1 files changed, 6 insertions, 0 deletions
diff --git a/www/api/ccsr.php b/www/api/ccsr.php
index e81c738..a4ec71e 100644
--- a/www/api/ccsr.php
+++ b/www/api/ccsr.php
@@ -59,6 +59,12 @@
$codesign = 1;
$CSR = trim($_REQUEST['optionalCSR']);
+
+ if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
+ {
+ die("403, $weakKey");
+ }
+
$incsr = tempnam("/tmp", "ccsrIn");
$checkedcsr = tempnam("/tmp", "ccsrOut");
$fp = fopen($incsr, "w");