diff options
author | Chris Buechler <cmb@pfsense.org> | 2016-06-28 22:36:49 -0500 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2016-06-28 22:36:49 -0500 |
commit | 31df78a89d5bc789a68bfdb1dfc5b27dadb36ccf (patch) | |
tree | 04316e7c7ba07bd07f80c6d846c55060bf43ad80 | |
parent | 1731599435d7f2e4c88020b8a9e94cb9e614caa9 (diff) | |
parent | 62a9863c1830ea36c5de4880426b2c8f1ddd9c5c (diff) | |
download | pfsense-31df78a89d5bc789a68bfdb1dfc5b27dadb36ccf.zip pfsense-31df78a89d5bc789a68bfdb1dfc5b27dadb36ccf.tar.gz |
Merge pull request #2944 from stilez/patch-23
-rw-r--r-- | src/etc/inc/certs.inc | 2 | ||||
-rw-r--r-- | src/usr/local/www/system_camanager.php | 4 | ||||
-rw-r--r-- | src/usr/local/www/system_certmanager.php | 4 | ||||
-rw-r--r-- | src/usr/local/www/system_usermanager.php | 7 |
4 files changed, 11 insertions, 6 deletions
diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc index d49f478..5511400 100644 --- a/src/etc/inc/certs.inc +++ b/src/etc/inc/certs.inc @@ -56,7 +56,7 @@ define("OPEN_SSL_CONF_PATH", "/etc/ssl/openssl.cnf"); require_once("functions.inc"); global $openssl_digest_algs; -$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512"); +$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512", "whirlpool"); global $openssl_crl_status; $openssl_crl_status = array( diff --git a/src/usr/local/www/system_camanager.php b/src/usr/local/www/system_camanager.php index ec83fb7..7669f0d 100644 --- a/src/usr/local/www/system_camanager.php +++ b/src/usr/local/www/system_camanager.php @@ -69,8 +69,8 @@ $ca_methods = array( "internal" => gettext("Create an internal Certificate Authority"), "intermediate" => gettext("Create an intermediate Certificate Authority")); -$ca_keylens = array("512", "1024", "2048", "4096"); -$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512"); +$ca_keylens = array("512", "1024", "2048", "3072", "4096", "7680", "8192", "15360", "16384"); +$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512", "whirlpool"); if (is_numericint($_GET['id'])) { $id = $_GET['id']; diff --git a/src/usr/local/www/system_certmanager.php b/src/usr/local/www/system_certmanager.php index e717c48..8fd1d6f 100644 --- a/src/usr/local/www/system_certmanager.php +++ b/src/usr/local/www/system_certmanager.php @@ -70,13 +70,13 @@ $cert_methods = array( "external" => gettext("Create a Certificate Signing Request"), ); -$cert_keylens = array("512", "1024", "2048", "4096"); +$cert_keylens = array("512", "1024", "2048", "3072", "4096", "7680", "8192", "15360", "16384"); $cert_types = array( "server" => "Server Certificate", "user" => "User Certificate"); $altname_types = array("DNS", "IP", "email", "URI"); -$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512"); +$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512", "whirlpool"); if (is_numericint($_GET['userid'])) { $userid = $_GET['userid']; diff --git a/src/usr/local/www/system_usermanager.php b/src/usr/local/www/system_usermanager.php index 8f14128..4f06569 100644 --- a/src/usr/local/www/system_usermanager.php +++ b/src/usr/local/www/system_usermanager.php @@ -841,9 +841,14 @@ if ($act == "new" || $act == "edit" || $input_errors): 512 => '512 bits', 1024 => '1024 bits', 2048 => '2048 bits', + 3072 => '3072 bits', 4096 => '4096 bits', + 7680 => '7680 bits', + 8192 => '8192 bits', + 15360 => '15360 bits', + 16384 => '16384 bits' ) - )); + ))->setHelp('The larger the key, the more security it offers, but larger keys take considerably more time to generate, and take slightly longer to validate leading to a slight slowdown in setting up new sessions (not always noticeable). As of 2016, 2048 bit is the minimum and most common selection and 4096 is the maximum in common use. For more information see <a href="https://keylength.com">keylength.com</a>.'); $section->addInput(new Form_Input( 'lifetime', |