boulder

Commit Graph

Author	SHA1	Message	Date
Roland Bracewell Shoemaker	8ce2f8b432	Basic RSA known weak key checking (#2765 ) Adds a basic truncated modulus hash check for RSA keys that can be used to check keys against the Debian `{openssl,openssh,openvpn}-blacklist` lists of weak keys generated during the [Debian weak key incident](https://wiki.debian.org/SSLkeys). Testing is gated on adding a new configuration key to the WFE, RA, and CA configs which contains the path to a directory which should contain the weak key lists. Fixes #157.	2017-05-25 09:33:58 -07:00

Author

SHA1

Message

Date

Roland Bracewell Shoemaker

8ce2f8b432

Basic RSA known weak key checking (#2765 )

Adds a basic truncated modulus hash check for RSA keys that can be used to check keys against the Debian `{openssl,openssh,openvpn}-blacklist` lists of weak keys generated during the [Debian weak key incident](https://wiki.debian.org/SSLkeys).

Testing is gated on adding a new configuration key to the WFE, RA, and CA configs which contains the path to a directory which should contain the weak key lists.

Fixes #157.

2017-05-25 09:33:58 -07:00

1 Commits