From bb3399a61c033323f0d465094d6674b7432addee Mon Sep 17 00:00:00 2001 From: SHIBATA Hiroshi Date: Fri, 15 Jan 2016 16:00:40 +0900 Subject: [PATCH] support 2048 bit length DH-key --- lib/openssl/pkey.rb | 12 ++++++++++++ test/test_pkey_dh.rb | 14 ++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb index 89563b653..df126fd9f 100644 --- a/lib/openssl/pkey.rb +++ b/lib/openssl/pkey.rb @@ -9,6 +9,17 @@ class DH MIGHAoGBAJ0lOVy0VIr/JebWn0zDwY2h+rqITFOpdNr6ugsgvkDXuucdcChhYExJ AV/ZD2AWPbrTqV76mGRgJg4EddgT1zG0jq3rnFdMj2XzkBYx3BVvfR0Arnby0RHR T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC +-----END DH PARAMETERS----- + _end_of_pem_ + + DEFAULT_2048 = new <<-_end_of_pem_ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY +JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab +VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6 +YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 +1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD +7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg== -----END DH PARAMETERS----- _end_of_pem_ end @@ -17,6 +28,7 @@ class DH warn "using default DH parameters." if $VERBOSE case keylen when 1024 then OpenSSL::PKey::DH::DEFAULT_1024 + when 2048 then OpenSSL::PKey::DH::DEFAULT_2048 else nil end diff --git a/test/test_pkey_dh.rb b/test/test_pkey_dh.rb index 95e0e014d..74060f62b 100644 --- a/test/test_pkey_dh.rb +++ b/test/test_pkey_dh.rb @@ -17,6 +17,20 @@ def test_DEFAULT_1024 assert_equal params, OpenSSL::PKey::DH::DEFAULT_1024.to_s end + def test_DEFAULT_2048 + params = <<-eop +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY +JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab +VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6 +YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 +1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD +7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg== +-----END DH PARAMETERS----- + eop + assert_equal params, OpenSSL::PKey::DH::DEFAULT_2048.to_s + end + def test_new dh = OpenSSL::PKey::DH.new(NEW_KEYLEN) assert_key(dh)