Skip to content

Commit b307ba4

Browse files
JakujeJakuje
committed
tests: Generate larger keys for compatibility with FIPS Mode
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
1 parent 5b5a42e commit b307ba4

File tree

2 files changed

+8
-8
lines changed

2 files changed

+8
-8
lines changed

cryptoki/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ let pub_key_template = vec![
7373
Attribute::Token(true),
7474
Attribute::Private(false),
7575
Attribute::PublicExponent(vec![0x01, 0x00, 0x01]),
76-
Attribute::ModulusBits(1024.into()),
76+
Attribute::ModulusBits(2048.into()),
7777
];
7878

7979
let priv_key_template = vec![Attribute::Token(true)];

cryptoki/tests/basic.rs

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ fn sign_verify() -> TestResult {
4848
let mechanism = Mechanism::RsaPkcsKeyPairGen;
4949

5050
let public_exponent: Vec<u8> = vec![0x01, 0x00, 0x01];
51-
let modulus_bits = 1024;
51+
let modulus_bits = 2048;
5252

5353
// pub key template
5454
let pub_key_template = vec![
@@ -234,7 +234,7 @@ fn sign_verify_multipart() -> TestResult {
234234

235235
// Define parameters for keypair
236236
let public_exponent = vec![0x01, 0x00, 0x01];
237-
let modulus_bits = 1024;
237+
let modulus_bits = 2048;
238238

239239
let pub_key_template = vec![
240240
Attribute::Token(true),
@@ -343,7 +343,7 @@ fn sign_verify_multipart_already_initialized() -> TestResult {
343343

344344
// Define parameters for keypair
345345
let public_exponent = vec![0x01, 0x00, 0x01];
346-
let modulus_bits = 1024;
346+
let modulus_bits = 2048;
347347

348348
let pub_key_template = vec![
349349
Attribute::Token(true),
@@ -408,7 +408,7 @@ fn encrypt_decrypt() -> TestResult {
408408
let mechanism = Mechanism::RsaPkcsKeyPairGen;
409409

410410
let public_exponent: Vec<u8> = vec![0x01, 0x00, 0x01];
411-
let modulus_bits = 1024;
411+
let modulus_bits = 2048;
412412

413413
// pub key template
414414
let pub_key_template = vec![
@@ -1310,7 +1310,7 @@ fn wrap_and_unwrap_key() {
13101310
Attribute::Token(true),
13111311
Attribute::Private(true),
13121312
Attribute::PublicExponent(vec![0x01, 0x00, 0x01]),
1313-
Attribute::ModulusBits(1024.into()),
1313+
Attribute::ModulusBits(2048.into()),
13141314
// key needs to have "wrap" attribute to wrap other keys
13151315
Attribute::Wrap(true),
13161316
];
@@ -1329,7 +1329,7 @@ fn wrap_and_unwrap_key() {
13291329
let wrapped_key = session
13301330
.wrap_key(&Mechanism::RsaPkcs, wrapping_key, key_to_be_wrapped)
13311331
.unwrap();
1332-
assert_eq!(wrapped_key.len(), 128);
1332+
assert_eq!(wrapped_key.len(), 256);
13331333

13341334
let unwrapped_key = session
13351335
.unwrap_key(
@@ -1950,7 +1950,7 @@ fn update_attributes_key() -> TestResult {
19501950
Attribute::Token(true),
19511951
Attribute::Private(true),
19521952
Attribute::PublicExponent(vec![0x01, 0x00, 0x01]),
1953-
Attribute::ModulusBits(1024.into()),
1953+
Attribute::ModulusBits(2048.into()),
19541954
];
19551955

19561956
// priv key template

0 commit comments

Comments
 (0)