Enable 1024-bit RSA keys because some people live with decade-old setups.
This commit is contained in:
parent
4ed6287e5c
commit
f7e6c10606
@ -263,14 +263,14 @@ validationSPF form = ado
|
|||||||
, v = form.v, mechanisms = Just mechanisms
|
, v = form.v, mechanisms = Just mechanisms
|
||||||
, modifiers = Just modifiers, q = form.q }
|
, modifiers = Just modifiers, q = form.q }
|
||||||
|
|
||||||
-- | Accepted RSA key sizes = 2048 or 4096 bits, 256 bits for ED25519.
|
-- | Accepted RSA key sizes = 1024, 2048 or 4096 bits, 256 bits for ED25519.
|
||||||
-- |
|
-- |
|
||||||
-- | Since the public key representation for the RSA algorithm is in PKCS format (RFC 5958)
|
-- | Since the public key representation for the RSA algorithm is in PKCS format (RFC 5958)
|
||||||
-- | then converted in PEM (RFC 7468), and knowing this format enables some optional parameters,
|
-- | then converted in PEM (RFC 7468), and knowing this format enables some optional parameters,
|
||||||
-- | it is not possible to expect an exact size for the public key input.
|
-- | it is not possible to expect an exact size for the public key input.
|
||||||
-- | Consequently, we expect *at least* an input of 250 bytes for public key, loosely leading
|
-- | Consequently, we expect *at least* an input of 128 bytes for public key, loosely leading
|
||||||
-- | to accept key sizes of at least 2048 bits. Maximum allowed key size is also arbitrary.
|
-- | to accept key sizes of at least 1024 bits. Maximum allowed key size is also arbitrary.
|
||||||
rsa_min_key_size = 250 :: Int
|
rsa_min_key_size = 128 :: Int
|
||||||
rsa_max_key_size = 1000 :: Int
|
rsa_max_key_size = 1000 :: Int
|
||||||
|
|
||||||
-- | Contrary to RSA, ED25519 doesn't use a PEM-converted PKCS representation to exchange
|
-- | Contrary to RSA, ED25519 doesn't use a PEM-converted PKCS representation to exchange
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user