From 0575c632e5818f48407d79696950a5ae044163e0 Mon Sep 17 00:00:00 2001
From: Ian Young <ian@iay.org.uk>
Date: Fri, 30 May 2008 15:37:15 +0000
Subject: [PATCH] Add checking of public key size for embedded certificates. 
 Regard 1024 bits as the minimum for now.

---
 build/check_embedded.pl | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/build/check_embedded.pl b/build/check_embedded.pl
index 166b450d..131054e2 100755
--- a/build/check_embedded.pl
+++ b/build/check_embedded.pl
@@ -71,6 +71,13 @@
 				$subjectCN = $1;
 				# print "subjectCN = $subjectCN\n";
 			}
+			if (/RSA Public Key: \((\d+) bit\)/) {
+				$pubSize = $1;
+				# print "   Public key size: $pubSize\n";
+				if ($pubSize < 1024) {
+					print "      *** PUBLIC KEY TOO SHORT ***\n";
+				}
+			}
 		}
 		close SSL;
 		#print "   text lines: $#lines\n";