test: use 2048 bit RSA keys by mmomtchev · Pull Request #44498 · nodejs/node
This was referenced
Sep 6, 2022
mmomtchev
changed the title
test: use 4096 bit RSA keys
test: use 2048 bit RSA keys
This was referenced
Sep 8, 2022jkleinsc pushed a commit to electron/electron that referenced this pull request
Nov 30, 2023* chore: upgrade to Node.js v20 * src: allow embedders to override NODE_MODULE_VERSION nodejs/node#49279 * src: fix missing trailing , nodejs/node#46909 * src,tools: initialize cppgc nodejs/node#45704 * tools: allow passing absolute path of config.gypi in js2c nodejs/node#49162 * tools: port js2c.py to C++ nodejs/node#46997 * doc,lib: disambiguate the old term, NativeModule nodejs/node#45673 * chore: fixup Node.js BSSL tests * nodejs/node#49492 * nodejs/node#44498 * deps: upgrade to libuv 1.45.0 nodejs/node#48078 * deps: update V8 to 10.7 nodejs/node#44741 * test: use gcUntil() in test-v8-serialize-leak nodejs/node#49168 * module: make CJS load from ESM loader nodejs/node#47999 * src: make BuiltinLoader threadsafe and non-global nodejs/node#45942 * chore: address changes to CJS/ESM loading * module: make CJS load from ESM loader (nodejs/node#47999) * lib: improve esm resolve performance (nodejs/node#46652) * bootstrap: optimize modules loaded in the built-in snapshot nodejs/node#45849 * test: mark test-runner-output as flaky nodejs/node#49854 * lib: lazy-load deps in modules/run_main.js nodejs/node#45849 * url: use private properties for brand check nodejs/node#46904 * test: refactor `test-node-output-errors` nodejs/node#48992 * assert: deprecate callTracker nodejs/node#47740 * src: cast v8::Object::GetInternalField() return value to v8::Value nodejs/node#48943 * test: adapt test-v8-stats for V8 update nodejs/node#45230 * tls: ensure TLS Sockets are closed if the underlying wrap closes nodejs/node#49327 * test: deflake test-tls-socket-close nodejs/node#49575 * net: fix crash due to simultaneous close/shutdown on JS Stream Sockets nodejs/node#49400 * net: use asserts in JS Socket Stream to catch races in future nodejs/node#49400 * lib: fix BroadcastChannel initialization location nodejs/node#46864 * src: create BaseObject with node::Realm nodejs/node#44348 * src: implement DataQueue and non-memory resident Blob nodejs/node#45258 * sea: add support for V8 bytecode-only caching nodejs/node#48191 * chore: fixup patch indices * gyp: put filenames in variables nodejs/node#46965 * build: modify js2c.py into GN executable * fix: (WIP) handle string replacement of fs -> original-fs * [v20.x] backport vm-related memory fixes nodejs/node#49874 * src: make BuiltinLoader threadsafe and non-global nodejs/node#45942 * src: avoid copying string in fs_permission nodejs/node#47746 * look upon my works ye mighty and dispair * chore: patch cleanup * [api] Remove AllCan Read/Write https://chromium-review.googlesource.com/c/v8/v8/+/5006387 * fix: missing include for NODE_EXTERN * chore: fixup patch indices * fix: fail properly when js2c fails in Node.js * build: fix js2c root_gen_dir * fix: lib/fs.js -> lib/original-fs.js * build: fix original-fs file xforms * fixup! module: make CJS load from ESM loader * build: get rid of CppHeap for now * build: add patch to prevent extra fs lookup on esm load * build: greatly simplify js2c modifications Moves our original-fs modifications back into a super simple python script action, wires up the output of that action into our call to js2c * chore: update to handle moved internal/modules/helpers file * test: update @types/node test * feat: enable preventing cppgc heap creation * feat: optionally prevent calling V8::EnableWebAssemblyTrapHandler * fix: no cppgc initialization in the renderer * gyp: put filenames in variables nodejs/node#46965 * test: disable single executable tests * fix: nan tests failing on node headers missing file * tls,http2: send fatal alert on ALPN mismatch nodejs/node#44031 * test: disable snapshot tests * nodejs/node#47887 * nodejs/node#49684 * nodejs/node#44193 * build: use deps/v8 for v8/tools Node.js hard depends on these in their builtins * test: fix edge snapshot stack traces nodejs/node#49659 * build: remove js2c //base dep * build: use electron_js2c_toolchain to build node_js2c * fix: don't create SafeSet outside packageResolve Fixes failure in parallel/test-require-delete-array-iterator: === release test-require-delete-array-iterator === Path: parallel/test-require-delete-array-iterator node:internal/per_context/primordials:426 constructor(i) { super(i); } // eslint-disable-line no-useless-constructor ^ TypeError: object is not iterable (cannot read property Symbol(Symbol.iterator)) at new Set (<anonymous>) at new SafeSet (node:internal/per_context/primordials:426:22) * fix: failing crashReporter tests on Linux These were failing because our change from node::InitializeNodeWithArgs to node::InitializeOncePerProcess meant that we now inadvertently called PlatformInit, which reset signal handling. This meant that our intentional crash function ElectronBindings::Crash no longer worked and the renderer process no longer crashed when process.crash() was called. We don't want to use Node.js' default signal handling in the renderer process, so we disable it by passing kNoDefaultSignalHandling to node::InitializeOncePerProcess. * build: only create cppgc heap on non-32 bit platforms * chore: clean up util:CompileAndCall * src: fix compatility with upcoming V8 12.1 APIs nodejs/node#50709 * fix: use thread_local BuiltinLoader * chore: fixup v8 patch indices --------- Co-authored-by: Keeley Hammond <vertedinde@electronjs.org> Co-authored-by: Samuel Attard <marshallofsound@electronjs.org>
MrHuangJser pushed a commit to MrHuangJser/electron that referenced this pull request
Dec 11, 2023* chore: upgrade to Node.js v20 * src: allow embedders to override NODE_MODULE_VERSION nodejs/node#49279 * src: fix missing trailing , nodejs/node#46909 * src,tools: initialize cppgc nodejs/node#45704 * tools: allow passing absolute path of config.gypi in js2c nodejs/node#49162 * tools: port js2c.py to C++ nodejs/node#46997 * doc,lib: disambiguate the old term, NativeModule nodejs/node#45673 * chore: fixup Node.js BSSL tests * nodejs/node#49492 * nodejs/node#44498 * deps: upgrade to libuv 1.45.0 nodejs/node#48078 * deps: update V8 to 10.7 nodejs/node#44741 * test: use gcUntil() in test-v8-serialize-leak nodejs/node#49168 * module: make CJS load from ESM loader nodejs/node#47999 * src: make BuiltinLoader threadsafe and non-global nodejs/node#45942 * chore: address changes to CJS/ESM loading * module: make CJS load from ESM loader (nodejs/node#47999) * lib: improve esm resolve performance (nodejs/node#46652) * bootstrap: optimize modules loaded in the built-in snapshot nodejs/node#45849 * test: mark test-runner-output as flaky nodejs/node#49854 * lib: lazy-load deps in modules/run_main.js nodejs/node#45849 * url: use private properties for brand check nodejs/node#46904 * test: refactor `test-node-output-errors` nodejs/node#48992 * assert: deprecate callTracker nodejs/node#47740 * src: cast v8::Object::GetInternalField() return value to v8::Value nodejs/node#48943 * test: adapt test-v8-stats for V8 update nodejs/node#45230 * tls: ensure TLS Sockets are closed if the underlying wrap closes nodejs/node#49327 * test: deflake test-tls-socket-close nodejs/node#49575 * net: fix crash due to simultaneous close/shutdown on JS Stream Sockets nodejs/node#49400 * net: use asserts in JS Socket Stream to catch races in future nodejs/node#49400 * lib: fix BroadcastChannel initialization location nodejs/node#46864 * src: create BaseObject with node::Realm nodejs/node#44348 * src: implement DataQueue and non-memory resident Blob nodejs/node#45258 * sea: add support for V8 bytecode-only caching nodejs/node#48191 * chore: fixup patch indices * gyp: put filenames in variables nodejs/node#46965 * build: modify js2c.py into GN executable * fix: (WIP) handle string replacement of fs -> original-fs * [v20.x] backport vm-related memory fixes nodejs/node#49874 * src: make BuiltinLoader threadsafe and non-global nodejs/node#45942 * src: avoid copying string in fs_permission nodejs/node#47746 * look upon my works ye mighty and dispair * chore: patch cleanup * [api] Remove AllCan Read/Write https://chromium-review.googlesource.com/c/v8/v8/+/5006387 * fix: missing include for NODE_EXTERN * chore: fixup patch indices * fix: fail properly when js2c fails in Node.js * build: fix js2c root_gen_dir * fix: lib/fs.js -> lib/original-fs.js * build: fix original-fs file xforms * fixup! module: make CJS load from ESM loader * build: get rid of CppHeap for now * build: add patch to prevent extra fs lookup on esm load * build: greatly simplify js2c modifications Moves our original-fs modifications back into a super simple python script action, wires up the output of that action into our call to js2c * chore: update to handle moved internal/modules/helpers file * test: update @types/node test * feat: enable preventing cppgc heap creation * feat: optionally prevent calling V8::EnableWebAssemblyTrapHandler * fix: no cppgc initialization in the renderer * gyp: put filenames in variables nodejs/node#46965 * test: disable single executable tests * fix: nan tests failing on node headers missing file * tls,http2: send fatal alert on ALPN mismatch nodejs/node#44031 * test: disable snapshot tests * nodejs/node#47887 * nodejs/node#49684 * nodejs/node#44193 * build: use deps/v8 for v8/tools Node.js hard depends on these in their builtins * test: fix edge snapshot stack traces nodejs/node#49659 * build: remove js2c //base dep * build: use electron_js2c_toolchain to build node_js2c * fix: don't create SafeSet outside packageResolve Fixes failure in parallel/test-require-delete-array-iterator: === release test-require-delete-array-iterator === Path: parallel/test-require-delete-array-iterator node:internal/per_context/primordials:426 constructor(i) { super(i); } // eslint-disable-line no-useless-constructor ^ TypeError: object is not iterable (cannot read property Symbol(Symbol.iterator)) at new Set (<anonymous>) at new SafeSet (node:internal/per_context/primordials:426:22) * fix: failing crashReporter tests on Linux These were failing because our change from node::InitializeNodeWithArgs to node::InitializeOncePerProcess meant that we now inadvertently called PlatformInit, which reset signal handling. This meant that our intentional crash function ElectronBindings::Crash no longer worked and the renderer process no longer crashed when process.crash() was called. We don't want to use Node.js' default signal handling in the renderer process, so we disable it by passing kNoDefaultSignalHandling to node::InitializeOncePerProcess. * build: only create cppgc heap on non-32 bit platforms * chore: clean up util:CompileAndCall * src: fix compatility with upcoming V8 12.1 APIs nodejs/node#50709 * fix: use thread_local BuiltinLoader * chore: fixup v8 patch indices --------- Co-authored-by: Keeley Hammond <vertedinde@electronjs.org> Co-authored-by: Samuel Attard <marshallofsound@electronjs.org>
mhdawson added a commit to mhdawson/io.js that referenced this pull request
Aug 27, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com>
nodejs-github-bot pushed a commit that referenced this pull request
Aug 29, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
RafaelGSS pushed a commit that referenced this pull request
Aug 30, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
RafaelGSS pushed a commit that referenced this pull request
Aug 30, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
RafaelGSS pushed a commit that referenced this pull request
Aug 30, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
sendoru pushed a commit to sendoru/node that referenced this pull request
Sep 1, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
RafaelGSS pushed a commit that referenced this pull request
Sep 1, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request
Sep 22, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
aduh95 pushed a commit to aduh95/node that referenced this pull request
Sep 24, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request
Sep 26, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
richardlau pushed a commit to aduh95/node that referenced this pull request
Sep 27, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
maitrungduc1410 pushed a commit to maitrungduc1410/webrtc that referenced this pull request
Oct 1, 2024
since 1024 is already deprecated by OpenSSL and causes "too small key" issues on systems enforcing a minimum size. Similar issue here: nodejs/node#44498 The minimum key size is not yet changed from 1024, this will require more effort for deprecation. BUG=webrtc:364338811 Change-Id: Id4b24a2c289ec5e3f112288d32b8ac697ba1cfed Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/361128 Reviewed-by: David Benjamin <davidben@webrtc.org> Reviewed-by: Harald Alvestrand <hta@webrtc.org> Commit-Queue: Philipp Hancke <phancke@meta.com> Cr-Commit-Position: refs/heads/main@{#43110}
targos pushed a commit that referenced this pull request
Oct 2, 2024
Refs: #44498 Refs: #53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in #53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
louwers pushed a commit to louwers/node that referenced this pull request
Nov 2, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
tpoisseau pushed a commit to tpoisseau/node that referenced this pull request
Nov 21, 2024
Refs: nodejs#44498 Refs: nodejs#53382 Key sizes were increased to 2048 in PR 44498 including the configuration file for the generation of ca2-cert.pem. However, it seems like updating ca2-cert.pem and related files themselves were missed as they were not updated in the PR and the ca2-cert.pem reported as being associated with a 1024 bit key. I believe that was the cause of some of the failures mentioned in nodejs#53382 as OpenSSL 3.2 increased the default security level from 1 to 2 and that would mean that certificates associated with keys of 1024 bits would no longer be accepted. This PR updates the key size for ca2-cert.pem. It was not necessary to change the config, only run the generation for the ca2-cert.pem and related files. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#54599 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
gecko-dev-updater pushed a commit to marco-c/gecko-dev-wordified-and-comments-removed that referenced this pull request
Nov 26, 2024
Upstream commit: https://webrtc.googlesource.com/src/+/d79a1859e058b6a030177b24ed8e4bb14525af79 ssl: increase default RSA key size to 2048 bits since 1024 is already deprecated by OpenSSL and causes "too small key" issues on systems enforcing a minimum size. Similar issue here: nodejs/node#44498 The minimum key size is not yet changed from 1024, this will require more effort for deprecation. BUG=webrtc:364338811 Change-Id: Id4b24a2c289ec5e3f112288d32b8ac697ba1cfed Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/361128 Reviewed-by: David Benjamin <davidbenwebrtc.org> Reviewed-by: Harald Alvestrand <htawebrtc.org> Commit-Queue: Philipp Hancke <phanckemeta.com> Cr-Commit-Position: refs/heads/main{#43110} UltraBlame original commit: a674447f7a1f2d87718780cf2311b324c10f5384
gecko-dev-updater pushed a commit to marco-c/gecko-dev-comments-removed that referenced this pull request
Nov 27, 2024
Upstream commit: https://webrtc.googlesource.com/src/+/d79a1859e058b6a030177b24ed8e4bb14525af79 ssl: increase default RSA key size to 2048 bits since 1024 is already deprecated by OpenSSL and causes "too small key" issues on systems enforcing a minimum size. Similar issue here: nodejs/node#44498 The minimum key size is not yet changed from 1024, this will require more effort for deprecation. BUG=webrtc:364338811 Change-Id: Id4b24a2c289ec5e3f112288d32b8ac697ba1cfed Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/361128 Reviewed-by: David Benjamin <davidbenwebrtc.org> Reviewed-by: Harald Alvestrand <htawebrtc.org> Commit-Queue: Philipp Hancke <phanckemeta.com> Cr-Commit-Position: refs/heads/main{#43110} UltraBlame original commit: a674447f7a1f2d87718780cf2311b324c10f5384
gecko-dev-updater pushed a commit to marco-c/gecko-dev-wordified that referenced this pull request
Nov 27, 2024
Upstream commit: https://webrtc.googlesource.com/src/+/d79a1859e058b6a030177b24ed8e4bb14525af79 ssl: increase default RSA key size to 2048 bits since 1024 is already deprecated by OpenSSL and causes "too small key" issues on systems enforcing a minimum size. Similar issue here: nodejs/node#44498 The minimum key size is not yet changed from 1024, this will require more effort for deprecation. BUG=webrtc:364338811 Change-Id: Id4b24a2c289ec5e3f112288d32b8ac697ba1cfed Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/361128 Reviewed-by: David Benjamin <davidbenwebrtc.org> Reviewed-by: Harald Alvestrand <htawebrtc.org> Commit-Queue: Philipp Hancke <phanckemeta.com> Cr-Commit-Position: refs/heads/main{#43110} UltraBlame original commit: a674447f7a1f2d87718780cf2311b324c10f5384
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters