From 76379293e7ef241412ca9890dab699698bfef925 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20T=C3=A4nzer?= Date: Tue, 19 Nov 2013 23:07:28 +0100 Subject: Bug 1218: Allow exporting private keys in IE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Tänzer --- www/keygenIE.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/www/keygenIE.js b/www/keygenIE.js index be2d184..990be35 100644 --- a/www/keygenIE.js +++ b/www/keygenIE.js @@ -247,6 +247,7 @@ var CAcert_keygen_IE = function () { privateKey.Algorithm = algorithmOid; privateKey.Length = bits; privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES + privateKey.ExportPolicy = 0x1; // XCN_NCRYPT_ALLOW_EXPORT_FLAG var request = factory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10"); request.InitializeFromPrivateKey( @@ -544,9 +545,12 @@ var CAcert_keygen_IE = function () { } } - cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits + // This is actually the default //cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE + // keysize is encoded in the uper 16 bits + cenroll.GenKeyFlags = cenroll.GenKeyFlags | bits << 16; + generatingKeyNotice.style.display = ""; // The request needs to be created after we return so the "please wait" -- cgit v1.2.1 From 036f7b674615b72ae0119a5f5a403f95fb7ad977 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20T=C3=A4nzer?= Date: Wed, 20 Nov 2013 12:20:21 +0100 Subject: Bug 1218: Exportable flag needs to be explicitly set on Win XP MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Tänzer --- www/keygenIE.js | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/www/keygenIE.js b/www/keygenIE.js index 990be35..4c15b23 100644 --- a/www/keygenIE.js +++ b/www/keygenIE.js @@ -545,11 +545,9 @@ var CAcert_keygen_IE = function () { } } - // This is actually the default - //cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE - - // keysize is encoded in the uper 16 bits - cenroll.GenKeyFlags = cenroll.GenKeyFlags | bits << 16; + cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits + // Allow exporting the private key + cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE generatingKeyNotice.style.display = ""; -- cgit v1.2.1