diff options
author | Simon Chopin <simon.chopin@canonical.com> | 2022-04-08 09:49:06 +0200 |
---|---|---|
committer | Florian Wininger <fw.centrale@gmail.com> | 2022-04-12 11:47:46 +0200 |
commit | 6364a20037fe8b752d90725c49379ae08b387227 (patch) | |
tree | 80ac056317fc372d73639bd3fe978a79e33a381f | |
parent | 23a15cc8c77097ca15b0b11f131d4f4613b6e48e (diff) | |
download | net-ssh-6364a20037fe8b752d90725c49379ae08b387227.tar.gz |
Generate all DSA keys with 1024 bits
512bits keys are refused in newer OpenSSL libraries as too weak.
Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
-rw-r--r-- | test/authentication/methods/test_hostbased.rb | 2 | ||||
-rw-r--r-- | test/authentication/methods/test_publickey.rb | 2 | ||||
-rw-r--r-- | test/authentication/test_agent.rb | 12 | ||||
-rw-r--r-- | test/authentication/test_key_manager.rb | 4 | ||||
-rw-r--r-- | test/integration/test_agent.rb | 2 |
5 files changed, 11 insertions, 11 deletions
diff --git a/test/authentication/methods/test_hostbased.rb b/test/authentication/methods/test_hostbased.rb index 99e42fe..dd50caa 100644 --- a/test/authentication/methods/test_hostbased.rb +++ b/test/authentication/methods/test_hostbased.rb @@ -76,7 +76,7 @@ module Authentication @@keys = nil def keys - @@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(512)] + @@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(1024)] end def key_manager(options = {}) diff --git a/test/authentication/methods/test_publickey.rb b/test/authentication/methods/test_publickey.rb index 5e76ca0..4343232 100644 --- a/test/authentication/methods/test_publickey.rb +++ b/test/authentication/methods/test_publickey.rb @@ -184,7 +184,7 @@ module Authentication @@keys = nil def keys - @@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(512)] + @@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(1024)] end def key_manager(options = {}) diff --git a/test/authentication/test_agent.rb b/test/authentication/test_agent.rb index 87247dc..0c15b1d 100644 --- a/test/authentication/test_agent.rb +++ b/test/authentication/test_agent.rb @@ -125,7 +125,7 @@ module Authentication def test_identities_should_augment_identities_with_comment_field key1 = key - key2 = OpenSSL::PKey::DSA.new(512) + key2 = OpenSSL::PKey::DSA.new(1024) socket.expect do |s, type, _buffer| assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type @@ -141,9 +141,9 @@ module Authentication def test_identities_should_ignore_unimplemented_ones key1 = key - key2 = OpenSSL::PKey::DSA.new(512) + key2 = OpenSSL::PKey::DSA.new(1024) key2.to_blob[0..5] = 'badkey' - key3 = OpenSSL::PKey::DSA.new(512) + key3 = OpenSSL::PKey::DSA.new(1024) socket.expect do |s, type, _buffer| assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type @@ -161,7 +161,7 @@ module Authentication def test_identities_should_ignore_invalid_ones key1 = key key2_bad = Net::SSH::Buffer.new(String.new) - key3 = OpenSSL::PKey::DSA.new(512) + key3 = OpenSSL::PKey::DSA.new(1024) socket.expect do |s, type, _buffer| assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type @@ -257,7 +257,7 @@ module Authentication end def test_add_dsa_identity - dsa = OpenSSL::PKey::DSA.new(512) + dsa = OpenSSL::PKey::DSA.new(1024) socket.expect do |s, type, buffer| assert_equal SSH2_AGENT_ADD_IDENTITY, type assert_equal buffer.read_string, "ssh-dss" @@ -276,7 +276,7 @@ module Authentication end def test_add_dsa_cert_identity - cert = make_cert(OpenSSL::PKey::DSA.new(512)) + cert = make_cert(OpenSSL::PKey::DSA.new(1024)) socket.expect do |s, type, buffer| assert_equal SSH2_AGENT_ADD_IDENTITY, type assert_equal buffer.read_string, "ssh-dss-cert-v01@openssh.com" diff --git a/test/authentication/test_key_manager.rb b/test/authentication/test_key_manager.rb index 05cb15d..4368a08 100644 --- a/test/authentication/test_key_manager.rb +++ b/test/authentication/test_key_manager.rb @@ -316,7 +316,7 @@ module Authentication cert.critical_options = {} cert.extensions = {} cert.reserved = '' - cert.sign!(OpenSSL::PKey::DSA.new(512)) + cert.sign!(OpenSSL::PKey::DSA.new(1024)) cert end end @@ -326,7 +326,7 @@ module Authentication end def dsa - @dsa ||= OpenSSL::PKey::DSA.new(512) + @dsa ||= OpenSSL::PKey::DSA.new(1024) end def ecdsa_sha2_nistp256 diff --git a/test/integration/test_agent.rb b/test/integration/test_agent.rb index 294a1b8..8a789d1 100644 --- a/test/integration/test_agent.rb +++ b/test/integration/test_agent.rb @@ -19,7 +19,7 @@ class TestAgent < NetSSHTest def setup @keys = [ OpenSSL::PKey::RSA.new(1024), - OpenSSL::PKey::DSA.new(512), + OpenSSL::PKey::DSA.new(1024), OpenSSL::PKey::EC.new("prime256v1").generate_key ] @keys << Net::SSH::Authentication::ED25519::PrivKey.read(ED25519, nil) if Net::SSH::Authentication::ED25519Loader::LOADED |