qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] crypto: use a stronger private key for tests


From: Kashyap Chamarthy
Subject: Re: [PATCH v2] crypto: use a stronger private key for tests
Date: Thu, 16 Jul 2020 10:20:27 +0200

On Wed, Jul 15, 2020 at 04:47:01PM +0100, Daniel P. Berrangé wrote:
> The unit tests using the x509 crypto functionality have started
> failing in Fedora 33 rawhide with a message like
> 
>       The certificate uses an insecure algorithm
> 
> This is result of Fedora changes to support strong crypto [1]. RSA

It looks like the reference [1] is supposed to resolve to the following
URL:

    https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

Whoever is applying the patch might want to tweak the commit. FWIW:

    Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>    

> with 1024 bit key is viewed as legacy and thus insecure. Generate
> a new private key which is 3072 bits long and reasonable future
> proof.
> 
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
> 
> Changed in v2:
> 
>  - ALso fix the I/O tests key
>  - Use RSA key again instead of EC, since it is needed
>    for the real TLS sessions in the I/O tests
> 
>  tests/crypto-tls-x509-helpers.c | 59 ++++++++++++++++++++++-----------
>  tests/qemu-iotests/common.tls   | 57 +++++++++++++++++++++----------
>  2 files changed, 79 insertions(+), 37 deletions(-)
> 
[...]

-- 
/kashyap




reply via email to

[Prev in Thread] Current Thread [Next in Thread]