From e58c344649625908a08885c0dfb567e25cce315d Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Fri, 23 Jan 2015 14:17:14 +0100 Subject: [PATCH] handle invalid key sizes in a helpful way --- letsencrypt/client/client.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/letsencrypt/client/client.py b/letsencrypt/client/client.py index ecbcf6fc4..dd484cc31 100644 --- a/letsencrypt/client/client.py +++ b/letsencrypt/client/client.py @@ -339,10 +339,12 @@ def init_key(key_size): the namedtuple to easily work with the protocol. """ - if key_size < CONFIG.RSA_KEY_SIZE: - logging.warning("Generating keys smaller than %d bits is NOT recommended!", CONFIG.RSA_KEY_SIZE) - - key_pem = crypto_util.make_key(key_size) + try: + key_pem = crypto_util.make_key(key_size) + except ValueError as err: + logging.fatal(str(err)) + logging.info("Note: The default RSA key size is %d bits." % CONFIG.RSA_KEY_SIZE) + sys.exit(1) # Save file le_util.make_or_verify_dir(CONFIG.KEY_DIR, 0o700)