mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Increase the default token key size
The previous default token key size would fail in FIPS mode for the sha384 and sha512 algorithms. With the updated key size, the default will work in all cases. https://pagure.io/freeipa/issue/7168 Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
committed by
Rob Crittenden
parent
c9c58f2d35
commit
a01a24ce5a
@@ -72,7 +72,7 @@ TOKEN_TYPES = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# NOTE: For maximum compatibility, KEY_LENGTH % 5 == 0
|
# NOTE: For maximum compatibility, KEY_LENGTH % 5 == 0
|
||||||
KEY_LENGTH = 20
|
KEY_LENGTH = 35
|
||||||
|
|
||||||
class OTPTokenKey(Bytes):
|
class OTPTokenKey(Bytes):
|
||||||
"""A binary password type specified in base32."""
|
"""A binary password type specified in base32."""
|
||||||
|
Reference in New Issue
Block a user