Re: [PATCH] virnettlscontext: Generate longer DH keys

On Mon, Jan 03, 2022 at 01:01:23PM +0100, Michal Privoznik wrote:
Currently, we generate 2048 bits long DH keys. This may look
enough, but it's not very future proof. When system crypto policy
is tightened only 3072 or longer keys are valid. From
CRYPTO-POLICIES(7):

 FUTURE
   A conservative security policy that is believed to withstand
   any near-term future attacks. ...

     •   DH params size: >= 3072
     •   RSA keys size: >= 3072

This policy corresponds to GNUTLS_SEC_PARAM_HIGH parameters.
Therefore, pass that to gnutls_sec_param_to_pk_bits() to get a
longer key.

Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>

Reviewed-by: Martin Kletzander <mkletzan@xxxxxxxxxx>

---

Technically, this is a v2 of:

https://listman.redhat.com/archives/libvir-list/2021-December/msg00827.html

and was already reviewed. I'm sending it here because I've split the
original patch into two. The first one, which switches to
gnutls_sec_param_to_pk_bits() usage, is merged. The second one (this one),
which lengthens the key, is not.

src/rpc/virnettlscontext.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 55da485f96..f0b1e8f9c1 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -718,7 +718,7 @@ static virNetTLSContext *virNetTLSContextNew(const char *cacert,
    if (isServer) {
        unsigned int bits = 0;

-        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
+        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
        if (bits == 0) {
            virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
                           _("Unable to get key length for diffie-hellman parameters"));
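Review bot: the switch from GNUTLS_SEC_PARAM_MEDIUM to GNUTLS_SEC_PARAM_HIGH in the `bits = gnutls_sec_param_to_pk_bits(...)` line carries no in-code explanation, so the reasoning in the commit message (matching the FUTURE crypto policy's "DH params size: >= 3072") is lost to anyone reading virNetTLSContextNew() later. Suggest a short comment above the assignment, e.g. `/* HIGH matches the FUTURE system crypto policy (DH params >= 3072 bits) */`, so the choice is not mistaken for an arbitrary bump and is easy to revisit when the policy or GnuTLS mapping changes. The existing `if (bits == 0)` error path still covers the failure case, which is good; note that the server-only branch (`if (isServer)`) means the longer parameter generation cost lands on daemon startup, which is worth a mention in the commit message.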
--
2.34.1
