Browse Source

Don't use legacy exponent for RSA

As stated in the cryptography.io documentation, "Almost everyone should
use 65537" for the public_exponent in an RSA key. [1]

This patch also uses a larger RSA key length for FIPS compatibility.

[1] https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key

Change-Id: I9f0c030b172a544821aa42924e4401cd7ccc9956
changes/97/795897/1 1.4.0
Douglas Mendizábal 4 months ago
parent
commit
25e16b8a0f
  1. 4
      barbican_tempest_plugin/tests/scenario/barbican_manager.py

4
barbican_tempest_plugin/tests/scenario/barbican_manager.py

@ -68,8 +68,8 @@ class BarbicanScenarioTest(mgr.ScenarioTest):
'path in CONF.scenario.img_file config option.')
self.img_file = os.path.join(CONF.scenario.img_dir, self.img_file)
self.private_key = rsa.generate_private_key(public_exponent=3,
key_size=1024,
self.private_key = rsa.generate_private_key(public_exponent=65537,
key_size=3072,
backend=default_backend())
self.signing_certificate = self._create_self_signed_certificate(
self.private_key,

Loading…
Cancel
Save