Mercurial > hg > nginx-tests

diff stream_ssl.t @ 1488:dbce8fb5f5f8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: align with OpenSSL security level 2. This updates minimum requirements to 2048 bit RSA keys and SHA-2 message digest.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 09 Jul 2019 13:37:55 +0300
parents 0af58b78df35
children f3ba4c74de31
line wrap: on
line diff
--- a/stream_ssl.t
+++ b/stream_ssl.t
@@ -92,7 +92,7 @@ EOF
 
 $t->write_file('openssl.conf', <<EOF);
 [ req ]
-default_bits = 1024
+default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
 [ req_distinguished_name ]
@@ -103,7 +103,7 @@ mkfifo("$d/password_fifo", 0700);
 
 foreach my $name ('localhost', 'inherits') {
 	system("openssl genrsa -out $d/$name.key -passout pass:$name "
-		. "-aes128 1024 >>$d/openssl.out 2>&1") == 0
+		. "-aes128 2048 >>$d/openssl.out 2>&1") == 0
 		or die "Can't create private key: $!\n";
 	system('openssl req -x509 -new '
 		. "-config $d/openssl.conf -subj /CN=$name/ "