summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/crypto/tls/boring.go2
-rw-r--r--src/crypto/tls/boring_test.go2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
index dabc67423d..63957c7442 100644
--- a/src/crypto/tls/boring.go
+++ b/src/crypto/tls/boring.go
@@ -91,7 +91,7 @@ func isBoringCertificate(c *x509.Certificate) bool {
default:
return false
case *rsa.PublicKey:
- if size := k.N.BitLen(); size != 2048 && size != 3072 {
+ if size := k.N.BitLen(); size != 2048 && size != 3072 && size != 4096 {
return false
}
case *ecdsa.PublicKey:
diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
index 8dd477a021..f7a2e03590 100644
--- a/src/crypto/tls/boring_test.go
+++ b/src/crypto/tls/boring_test.go
@@ -309,7 +309,7 @@ func TestBoringCertAlgs(t *testing.T) {
// Set up some roots, intermediate CAs, and leaf certs with various algorithms.
// X_Y is X signed by Y.
R1 := boringCert(t, "R1", boringRSAKey(t, 2048), nil, boringCertCA|boringCertFIPSOK)
- R2 := boringCert(t, "R2", boringRSAKey(t, 4096), nil, boringCertCA)
+ R2 := boringCert(t, "R2", boringRSAKey(t, 1024), nil, boringCertCA)
M1_R1 := boringCert(t, "M1_R1", boringECDSAKey(t, elliptic.P256()), R1, boringCertCA|boringCertFIPSOK)
M2_R1 := boringCert(t, "M2_R1", boringECDSAKey(t, elliptic.P224()), R1, boringCertCA)
View Lorry Controller Status