]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6c14060) | patch
bpo-34399: 2048 bits RSA keys and DH params (GH-8762) (GH-8763)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Tue, 14 Aug 2018 14:52:27 +0000 (10:52 -0400)
committerChristian Heimes <christian@python.org>
Tue, 14 Aug 2018 14:52:27 +0000 (16:52 +0200)
commite3228a3f44e382b6cdd2b5e001b651347013a7d3
treefb55d7ff5a4d550a4a2993e57af9e32f96141853tree | snapshot
parent6c140609770ba161a5bb8aa36ecef0d38e6642dfcommit | diff
bpo-34399: 2048 bits RSA keys and DH params (GH-8762) (GH-8763)

Downstream vendors have started to deprecate weak keys. Update all RSA keys
and DH params to use at least 2048 bits.

Finite field DH param file use RFC 7919 values, generated with

    certtool --get-dh-params --sec-param=high

Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 88bfd0bce05043f658e50addd21366f317995e35)

Co-authored-by: Christian Heimes <christian@python.org>
Lib/test/dh1024.pem [deleted file] blob | blame | history
Lib/test/ffdh3072.pem [new file with mode: 0644] blob
Lib/test/test_ssl.py diff | blob | blame | history
Lib/test/wrongcert.pem [deleted file] blob | blame | history
Misc/NEWS.d/next/Tests/2018-08-14-10-47-44.bpo-34399.D_jd1G.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git