Bump crypto requirement to accomodate security standards

Depends-on: https://review.opendev.org/742165 On Fedora rawhide the gear package no longer build. https://koschei.fedoraproject.org/package/python-gear? This patch ensures that the ssl engine does not complains about: - ssl.SSLError: [SSL: EE_KEY_TOO_SMALL] ee key too small (_ssl.c:2951) - ssl.SSLError: [SSL: CA_MD_TOO_WEAK] ca md too weak (_ssl.c:2951) To reproduce the issue: podman run -it --root fedora:rawhide dnf install git libffi-devel python-devel tox gcc git clone https://opendev.org/opendev/gear.git && cd gear tox -epy39 tox -epy38 Change-Id: I57cd9c4750f27b7b76e92a0eef03e7de70c13dd5
2020-07-21 10:27:57 +00:00 · 2020-07-21 10:27:57 +00:00 · 79e1c3009e
commit 79e1c3009e
parent 9933f06821
1 changed files with 2 additions and 2 deletions
--- a/gear/tests/test_functional.py
+++ b/gear/tests/test_functional.py
@ -78,7 +78,7 @@ class TestFunctional(tests.BaseTestCase):

    def create_cert(self, cn, issuer=None, signing_key=None):
        key = crypto.PKey()
-        key.generate_key(crypto.TYPE_RSA, 1024)
+        key.generate_key(crypto.TYPE_RSA, 2048)

        cert = crypto.X509()
        subject = cert.get_subject()
@ -97,7 +97,7 @@ class TestFunctional(tests.BaseTestCase):
        else:
            cert.set_issuer(subject)
        if signing_key:
-            cert.sign(signing_key, 'sha1')
+            cert.sign(signing_key, 'sha256')
        else:
            cert.sign(key, 'sha1')