Don't use legacy exponent for RSA

As stated in the cryptography.io documentation, "Almost everyone should use 65537" for the public_exponent in an RSA key. [1] This patch also uses a larger RSA key length for FIPS compatibility. [1] https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key Change-Id: I9f0c030b172a544821aa42924e4401cd7ccc9956
2021-06-08 15:39:22 -05:00 · 2021-06-08 15:39:22 -05:00 · 25e16b8a0f
parent 2b2b95ac15
commit 25e16b8a0f
1 changed files with 2 additions and 2 deletions
--- a/barbican_tempest_plugin/tests/scenario/barbican_manager.py
+++ b/barbican_tempest_plugin/tests/scenario/barbican_manager.py
@ -68,8 +68,8 @@ class BarbicanScenarioTest(mgr.ScenarioTest):
                'path in CONF.scenario.img_file config option.')
            self.img_file = os.path.join(CONF.scenario.img_dir, self.img_file)

-        self.private_key = rsa.generate_private_key(public_exponent=3,
-                                                    key_size=1024,
+        self.private_key = rsa.generate_private_key(public_exponent=65537,
+                                                    key_size=3072,
                                                    backend=default_backend())
        self.signing_certificate = self._create_self_signed_certificate(
            self.private_key,