bug-1292: prohibit keys with public exponent smaller than 65536
[cacert-devel.git] / includes / lib / check_weak_key.php
index 8ad2ccf..59c6cd6 100644 (file)
@@ -173,7 +173,7 @@ function checkWeakKeyText($text)
                        $exponent = $exponent[1]; // exponent might be very big =>
                        //handle as string using bc*()
 
-                       if (bccomp($exponent, "3") === 0)
+                       if (bccomp($exponent, "65537") < 0)
                        {
                                return sprintf(_("The keys you use might be insecure. ".
                                                        "Although there is currently no known attack for ".