Don't use legacy exponent for RSA
As stated in the cryptography.io documentation, "Almost everyone should use 65537" for the public_exponent in an RSA key. [1] This patch also uses a larger RSA key length for FIPS compatibility. [1] https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key Change-Id: I9f0c030b172a544821aa42924e4401cd7ccc9956
This commit is contained in:
parent
2b2b95ac15
commit
25e16b8a0f
|
@ -68,8 +68,8 @@ class BarbicanScenarioTest(mgr.ScenarioTest):
|
||||||
'path in CONF.scenario.img_file config option.')
|
'path in CONF.scenario.img_file config option.')
|
||||||
self.img_file = os.path.join(CONF.scenario.img_dir, self.img_file)
|
self.img_file = os.path.join(CONF.scenario.img_dir, self.img_file)
|
||||||
|
|
||||||
self.private_key = rsa.generate_private_key(public_exponent=3,
|
self.private_key = rsa.generate_private_key(public_exponent=65537,
|
||||||
key_size=1024,
|
key_size=3072,
|
||||||
backend=default_backend())
|
backend=default_backend())
|
||||||
self.signing_certificate = self._create_self_signed_certificate(
|
self.signing_certificate = self._create_self_signed_certificate(
|
||||||
self.private_key,
|
self.private_key,
|
||||||
|
|
Loading…
Reference in New Issue