Skip to content

update key-size for test certs to be ready for go 1.24#119

Merged
geofffranks merged 1 commit intomainfrom
keysize
Mar 21, 2025
Merged

update key-size for test certs to be ready for go 1.24#119
geofffranks merged 1 commit intomainfrom
keysize

Conversation

@ameowlia
Copy link
Copy Markdown
Member

@ameowlia ameowlia commented Mar 21, 2025

Summary

rsa.GenerateKey will fail if bitsize < 1024 in go 1.24. This is only used in tests.

From release notes:

GenerateKey now returns an error if a key of less than 1024 bits is requested. All Sign, Verify, Encrypt, and Decrypt methods now return an error if used with a key smaller than 1024 bits. Such keys are insecure and should not be used. GODEBUG setting rsa1024min=0 restores the old behavior, but we recommend doing so only if necessary and only in tests, for example by adding a //go:debug rsa1024min=0 line to a test file. A new GenerateKey example provides an easy-to-use standard 2048-bit test key.

Backward Compatibility

Breaking Change? No.

@ameowlia ameowlia requested a review from a team as a code owner March 21, 2025 15:56
@geofffranks geofffranks merged commit 4d0aa5b into main Mar 21, 2025
1 check passed
@ameowlia ameowlia deleted the keysize branch March 21, 2025 16:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@geofffranks geofffranks geofffranks approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ameowlia @geofffranks