Apache/nifi
1
0
Fork 0
mirror of https://github.com/apache/nifi.git synced 2025-02-07 10:38:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

NIFI-12328 Updated OpenPGP test Key Generator Settings

Browse Source 
- Updated DSA Key Size from 1024 to 2048
- Updated Content Signer Algorithm from SHA-1 to SHA-256

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #7992.
This commit is contained in:
exceptionfactory 2023-11-06 21:16:43 -06:00 committed by Pierre Villard
parent 50e2fff05c
commit a89fb17f9f
No known key found for this signature in database
GPG Key ID: F92A93B30C07C6D5
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nifi-nar-bundles/nifi-pgp-bundle/nifi-pgp-test-utils/src/main/java/org/apache/nifi/pgp/util/PGPSecretKeyGenerator.java
View File

@ -47,7 +47,7 @@ public class PGPSecretKeyGenerator {
private static final String DSA_KEY_ALGORITHM = "DSA"; private static final String DSA_KEY_ALGORITHM = "DSA";
private static final int DSA_KEY_SIZE = 1024; private static final int DSA_KEY_SIZE = 2048;
private static final String ELGAMAL_KEY_ALGORITHM = "ELGAMAL"; private static final String ELGAMAL_KEY_ALGORITHM = "ELGAMAL";
@ -55,8 +55,6 @@ public class PGPSecretKeyGenerator {
private static final int KEY_ENCRYPTION_ALGORITHM = PGPEncryptedData.AES_256; private static final int KEY_ENCRYPTION_ALGORITHM = PGPEncryptedData.AES_256;
private static final int HASH_ALGORITHM = HashAlgorithmTags.SHA1;
/** /**
* Generate Secret Keyring containing DSA and ElGamal Key Pairs * Generate Secret Keyring containing DSA and ElGamal Key Pairs
* *
@ -122,10 +120,11 @@ public class PGPSecretKeyGenerator {
} }
private static PGPContentSignerBuilder getContentSignerBuilder(final int algorithm) { private static PGPContentSignerBuilder getContentSignerBuilder(final int algorithm) {
return new JcaPGPContentSignerBuilder(algorithm, HASH_ALGORITHM); return new JcaPGPContentSignerBuilder(algorithm, HashAlgorithmTags.SHA256);
} }
private static PGPDigestCalculator getDigestCalculator() throws PGPException { private static PGPDigestCalculator getDigestCalculator() throws PGPException {
return new JcaPGPDigestCalculatorProviderBuilder().build().get(HASH_ALGORITHM); // RFC 4880 Section 5.5.3 requires SHA-1 for Secret-Key hash calculation
return new JcaPGPDigestCalculatorProviderBuilder().build().get(HashAlgorithmTags.SHA1);
} }
} }