replace 512 bit dh key with a 2014 bit one (closes #23844)

Patch by Cédric Krier.

replace 512 bit dh key with a 2014 bit one (closes #23844)
Patch by Cédric Krier.
df11d4cb · Benjamin Peterson · a5a44aba · df11d4cb · a5a44aba · df11d4cb
Commit df11d4cb authored Apr 02, 2015 by Benjamin Peterson
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 10 deletions

Lib/test/dh1024.pem Lib/test/dh1024.pem +7 -0

Lib/test/dh512.pem Lib/test/dh512.pem +0 -9

Lib/test/test_ssl.py Lib/test/test_ssl.py +1 -1

No files found.
--- a/Lib/test/dh1024.pem
+++ b/Lib/test/dh1024.pem
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAIbzw1s9CT8SV5yv6L7esdAdZYZjPi3qWFs61CYTFFQnf2s/d09NYaJt
+rrvJhIzWavqnue71qXCf83/J3nz3FEwUU/L0mGyheVbsSHiI64wUo3u50wK5Igo0
+RNs/LD0irs7m0icZ//hijafTU+JOBiuA8zMI+oZfU7BGuc9XrUprAgEC
+-----END DH PARAMETERS-----
+
+Generated with: openssl dhparam -out dh1024.pem  1024
--- a/Lib/test/dh512.pem
+++ b/Lib/test/dh512.pem
-----BEGIN DH PARAMETERS-----
-MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak
-XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC
-----END DH PARAMETERS-----
-
-These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -66,7 +66,7 @@ BADKEY = data_file("badkey.pem")
 NOKIACERT = data_file("nokia.pem")
 NULLBYTECERT = data_file("nullbytecert.pem")

-DHFILE = data_file("dh512.pem")
+DHFILE = data_file("dh1024.pem")
 BYTES_DHFILE = DHFILE.encode(sys.getfilesystemencoding())