aboutsummaryrefslogtreecommitdiffstats
path: root/tests/integration
diff options
context:
space:
mode:
authormainboarder <git@mainboarder.de>2023-08-28 02:53:16 +0200
committerGitHub <noreply@github.com>2023-08-28 00:53:16 +0000
commitc533991519816313dfaa0ddcec183756a97b9348 (patch)
tree66ce0853585a3403c597ad40f40f4e7d28b6a3fa /tests/integration
parent2401e6e1210cb41481e7443ab256a0ee9bda44f4 (diff)
downloadgitea-c533991519816313dfaa0ddcec183756a97b9348.tar.gz
gitea-c533991519816313dfaa0ddcec183756a97b9348.zip
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits starting 2024, in the year 2023 3000bits as a recommendation. Gitea should request longer RSA Keys by default in favor of security and drop old clients which do not support longer keys. https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9 - Page 19, Table 1.2 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'tests/integration')
-rw-r--r--tests/integration/api_httpsig_test.go3
1 files changed, 3 insertions, 0 deletions
diff --git a/tests/integration/api_httpsig_test.go b/tests/integration/api_httpsig_test.go
index 4520364527..675ec54ff5 100644
--- a/tests/integration/api_httpsig_test.go
+++ b/tests/integration/api_httpsig_test.go
@@ -11,7 +11,9 @@ import (
"testing"
auth_model "code.gitea.io/gitea/models/auth"
+ "code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
+ "code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/tests"
"github.com/go-fed/httpsig"
@@ -52,6 +54,7 @@ fhTNAzWwZoQ91aHdAAAAFHUwMDIyMTQ2QGljdHMtcC1ueC03AQIDBAUG
func TestHTTPSigPubKey(t *testing.T) {
// Add our public key to user1
defer tests.PrepareTestEnv(t)()
+ defer test.MockVariableValue(&setting.SSH.MinimumKeySizeCheck, false)()
session := loginUser(t, "user1")
token := url.QueryEscape(getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteUser))
keysURL := fmt.Sprintf("/api/v1/user/keys?token=%s", token)