16 lines
803 B
Text
16 lines
803 B
Text
This check doesn't make sense for EC keys. (Also it ignores the default
|
|
key size compiled into libcrypto, only looks at default_bits in openssl.cnf
|
|
and any settings in the php file, which results in bogus failures).
|
|
|
|
Index: ext/openssl/openssl.c
|
|
--- ext/openssl/openssl.c.orig
|
|
+++ ext/openssl/openssl.c
|
|
@@ -3781,7 +3781,7 @@ static int php_openssl_get_evp_pkey_type(int key_type)
|
|
/* {{{ php_openssl_generate_private_key */
|
|
static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req)
|
|
{
|
|
- if (req->priv_key_bits < MIN_KEY_LENGTH) {
|
|
+ if (req->priv_key_type != OPENSSL_KEYTYPE_EC && req->priv_key_bits < MIN_KEY_LENGTH) {
|
|
php_error_docref(NULL, E_WARNING, "Private key length must be at least %d bits, configured to %d",
|
|
MIN_KEY_LENGTH, req->priv_key_bits);
|
|
return NULL;
|