openclaw/deskflow
1
0
Fork 0
Code Issues Pull Requests Actions 17 Packages Projects Releases Wiki Activity

feat: Enforce a minimum TLS size of 2048bit

Browse Source
This commit is contained in:
sithlord48
2025-06-15 21:21:16 -04:00
committed by Chris Rizzitello
parent a7c1dc4520
commit 04943fad79
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/lib/gui/MainWindow.cpp
View File

@ -150,6 +150,13 @@ MainWindow::MainWindow()
// Force generation of SHA256 for the localhost
if (Settings::value(Settings::Security::TlsEnabled).toBool()) {
if (Settings::value(Settings::Security::KeySize).toInt() < 2048) {
QMessageBox::information(
this, kAppName,
tr("Your current TLS key is smaller than the minimum allowed size, A new key 2048-bit key will be generated.")
);
regenerateLocalFingerprints();
}
if (!QFile::exists(Settings::tlsLocalDb())) {
regenerateLocalFingerprints();
return;

7
src/lib/gui/tls/TlsUtility.cpp
View File

@ -39,6 +39,13 @@ bool TlsUtility::generateCertificate()
}
auto length = Settings::value(Settings::Security::KeySize).toInt();
if (length < 2048) {
length = 2048;
qDebug("selected size too small setting certificate size to 2048");
Settings::setValue(Settings::Security::KeySize, 2048);
}
const auto certificate = Settings::value(Settings::Security::Certificate).toString();
return m_certificate.generateCertificate(certificate, length);
}