rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0040-Increase-the-default-token-key-size.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   8558a77fe59d76a1811343ed58693967cc7a5ec7
  2.   SOURCES
  3.   0040-Increase-the-default-token-key-size.patch
Blob History Raw
8558a7 
From ab2eaf607dd3746dd239595315dbaaebade06320 Mon Sep 17 00:00:00 2001
8558a7 
From: Nathaniel McCallum <npmccallum@redhat.com>
8558a7 
Date: Thu, 22 Feb 2018 14:04:10 -0500
8558a7 
Subject: [PATCH] Increase the default token key size
8558a7
8558a7 
The previous default token key size would fail in FIPS mode for the sha384
8558a7 
and sha512 algorithms. With the updated key size, the default will work in
8558a7 
all cases.
8558a7
8558a7 
https://pagure.io/freeipa/issue/7168
8558a7
8558a7 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
8558a7 
Reviewed-By: Christian Heimes <cheimes@redhat.com>
8558a7 
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
8558a7 
---
8558a7 
 ipaserver/plugins/otptoken.py | 2 +-
8558a7 
 1 file changed, 1 insertion(+), 1 deletion(-)
8558a7
8558a7 
diff --git a/ipaserver/plugins/otptoken.py b/ipaserver/plugins/otptoken.py
8558a7 
index c66f0980f0fc2ed49b4224be40a18ce528a6da7b..a6e423f949659d8157c8471d0fbc3ee8a299ac98 100644
8558a7 
--- a/ipaserver/plugins/otptoken.py
8558a7 
+++ b/ipaserver/plugins/otptoken.py
8558a7 
@@ -72,7 +72,7 @@ TOKEN_TYPES = {
8558a7 
 }
8558a7
8558a7 
 # NOTE: For maximum compatibility, KEY_LENGTH % 5 == 0
8558a7 
-KEY_LENGTH = 20
8558a7 
+KEY_LENGTH = 35
8558a7
8558a7 
 class OTPTokenKey(Bytes):
8558a7 
     """A binary password type specified in base32."""
8558a7 
--
8558a7 
2.14.3
8558a7

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation