diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-09-09 12:13:14 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-09-16 12:10:44 +0200 |
commit | 573cf50c4de0102e6b58b7e3f8db27edbb055068 (patch) | |
tree | da4dab0beb3d40948dda54bcf0be2d5b1bddfbaf /openpgp | |
parent | fa4caed6d93e4addaf9396940288c83cac636aad (diff) |
openpgp: Avoid generating RSA keys longer than 2k in tests.
Diffstat (limited to 'openpgp')
-rw-r--r-- | openpgp/src/cert.rs | 4 | ||||
-rw-r--r-- | openpgp/src/cert/builder.rs | 2 | ||||
-rw-r--r-- | openpgp/src/packet/signature.rs | 12 | ||||
-rw-r--r-- | openpgp/src/policy.rs | 10 |
4 files changed, 13 insertions, 15 deletions
diff --git a/openpgp/src/cert.rs b/openpgp/src/cert.rs index f0f51e46..686821d6 100644 --- a/openpgp/src/cert.rs +++ b/openpgp/src/cert.rs @@ -5498,12 +5498,10 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= use crate::packet::signature; for cs in &[ CipherSuite::Cv25519, - CipherSuite::RSA3k, CipherSuite::P256, CipherSuite::P384, CipherSuite::P521, - CipherSuite::RSA2k, - CipherSuite::RSA4k ] + CipherSuite::RSA2k ] { let (alice, _) = CertBuilder::new() .set_cipher_suite(*cs) diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs index d5172f20..7f8812f7 100644 --- a/openpgp/src/cert/builder.rs +++ b/openpgp/src/cert/builder.rs @@ -392,7 +392,7 @@ impl CertBuilder<'_> { /// /// let (rsa, _) = /// CertBuilder::general_purpose(None, Some("alice@example.org")) - /// .set_cipher_suite(CipherSuite::RSA4k) + /// .set_cipher_suite(CipherSuite::RSA2k) /// .generate()?; /// assert_eq!(rsa.primary_key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); /// # Ok(()) diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs index 3dcc711c..9178f76f 100644 --- a/openpgp/src/packet/signature.rs +++ b/openpgp/src/packet/signature.rs @@ -1046,8 +1046,7 @@ impl SignatureBuilder { /// use openpgp::cert::prelude::*; /// use openpgp::packet::prelude::*; /// use openpgp::policy::StandardPolicy; - /// use openpgp::types::KeyFlags; - /// use openpgp::types::SignatureType; + /// use openpgp::types::{Curve, KeyFlags, SignatureType}; /// /// # fn main() -> openpgp::Result<()> { /// let p = &StandardPolicy::new(); @@ -1060,7 +1059,8 @@ impl SignatureBuilder { /// let mut pk_signer = pk.clone().into_keypair()?; /// /// // Generate an encryption subkey. - /// let mut subkey: Key<_, _> = Key4::generate_rsa(3072)?.into(); + /// let mut subkey: Key<_, _> = + /// Key4::generate_ecc(false, Curve::Cv25519)?.into(); /// // Derive a signer. /// let mut sk_signer = subkey.clone().into_keypair()?; /// @@ -1190,8 +1190,7 @@ impl SignatureBuilder { /// use openpgp::cert::prelude::*; /// use openpgp::packet::prelude::*; /// use openpgp::policy::StandardPolicy; - /// use openpgp::types::KeyFlags; - /// use openpgp::types::SignatureType; + /// use openpgp::types::{Curve, KeyFlags, SignatureType}; /// /// # fn main() -> openpgp::Result<()> { /// let p = &StandardPolicy::new(); @@ -1204,7 +1203,8 @@ impl SignatureBuilder { /// let mut pk_signer = pk.clone().into_keypair()?; /// /// // Generate a signing subkey. - /// let mut subkey: Key<_, _> = Key4::generate_rsa(3072)?.into(); + /// let mut subkey: Key<_, _> = + /// Key4::generate_ecc(true, Curve::Ed25519)?.into(); /// // Derive a signer. /// let mut sk_signer = subkey.clone().into_keypair()?; /// diff --git a/openpgp/src/policy.rs b/openpgp/src/policy.rs index f589641c..934f7c12 100644 --- a/openpgp/src/policy.rs +++ b/openpgp/src/policy.rs @@ -2268,7 +2268,7 @@ mod test { // Generate a certificate with an RSA primary and two RSA // subkeys. let (cert,_) = CertBuilder::new() - .set_cipher_suite(CipherSuite::RSA4k) + .set_cipher_suite(CipherSuite::RSA2k) .add_signing_subkey() .add_signing_subkey() .generate()?; @@ -2286,7 +2286,7 @@ mod test { let pk = cert.primary_key().key().parts_as_secret()?; let subkey: key::SecretSubkey - = Key4::generate_rsa(4096)?.into(); + = Key4::generate_rsa(2048)?.into(); let binding = signature::SignatureBuilder::new(SignatureType::SubkeyBinding) .set_key_flags(KeyFlags::empty().set_transport_encryption())? .sign_subkey_binding(&mut pk.clone().into_keypair()?, @@ -2303,7 +2303,7 @@ mod test { // Generate a certificate with an RSA primary, an RSA subkey, // and an ECC subkey. let (cert,_) = CertBuilder::new() - .set_cipher_suite(CipherSuite::RSA4k) + .set_cipher_suite(CipherSuite::RSA2k) .add_signing_subkey() .generate()?; @@ -2498,7 +2498,7 @@ mod test { // subkey. eprintln!("Trying RSA primary, ECC sub:"); let (cert,_) = CertBuilder::new() - .set_cipher_suite(CipherSuite::RSA4k) + .set_cipher_suite(CipherSuite::RSA2k) .add_subkey(KeyFlags::empty().set_signing(), None, CipherSuite::Cv25519) .generate()?; @@ -2517,7 +2517,7 @@ mod test { let (cert,_) = CertBuilder::new() .set_cipher_suite(CipherSuite::Cv25519) .add_subkey(KeyFlags::empty().set_signing(), None, - CipherSuite::RSA4k) + CipherSuite::RSA2k) .generate()?; assert_eq!(cert.keys().with_policy(p, None).count(), 2); |