Public bug reported:
The SAML plugin creates RSA keys with a length of 1024 bits which is
considered insecure. Some services, such as the Swiss academic network
SWITCH, maintaining a Shibboleth-based infrastructure, don't accept RSA
1024 keys anymore.
Ideally, this should be configurable, but I would suggest raising the
default to 2048 bits:
auth/saml/lib.php, line 639
Replace
$privkey = openssl_pkey_new();
with
$privkey = openssl_pkey_new(['private_key_bits' => 2048]);
Affected version: 21.04.01
** Affects: mahara
Importance: Undecided
Status: New
https://bugs.launchpad.net/bugs/1939963
Title:
SAML plugin creates RSA 1024 key/certificate
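The report's two points, an explicit key size and a configurable one, shown as an added example (not Mahara's code and not part of the bug report): the key is generated with a stated size that cannot drop below 2048 bits, and an existing PEM key or certificate is checked for its size. MIN_RSA_BITS, generate_rsa_key() and rsa_key_bits() are hypothetical names, and the 1024-bit key is constructed sample input.

```php
<?php
// Added example: hypothetical helpers, not Mahara's auth/saml/lib.php.
const MIN_RSA_BITS = 2048; // assumed floor, taken from the report's suggested default

// Generate an RSA private key with an explicit, configurable size.
function generate_rsa_key(int $bits = MIN_RSA_BITS)
{
    if ($bits < MIN_RSA_BITS) {
        throw new InvalidArgumentException(
            "RSA key size $bits is below the " . MIN_RSA_BITS . "-bit minimum");
    }
    $key = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => $bits,
    ]);
    if ($key === false) {
        throw new RuntimeException('openssl_pkey_new failed: ' . openssl_error_string());
    }
    return $key;
}

// Return the RSA modulus size in bits of a PEM public key or X.509 certificate.
function rsa_key_bits(string $pem): int
{
    $key = openssl_pkey_get_public($pem);
    $details = $key === false ? false : openssl_pkey_get_details($key);
    if ($details === false || $details['type'] !== OPENSSL_KEYTYPE_RSA) {
        throw new InvalidArgumentException('not a readable RSA key or certificate');
    }
    return $details['bits'];
}

// Constructed sample input: a 1024-bit key of the size the report describes.
$weak = openssl_pkey_new([
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
    'private_key_bits' => 1024,
]);
$weakPem = openssl_pkey_get_details($weak)['key'];          // public key as PEM
$strongPem = openssl_pkey_get_details(generate_rsa_key())['key'];

foreach (['existing' => $weakPem, 'regenerated' => $strongPem] as $label => $pem) {
    $bits = rsa_key_bits($pem);
    printf("%s key: %d bits, %s\n", $label, $bits,
        $bits >= MIN_RSA_BITS ? 'ok' : 'too short, regenerate');
}
```

rsa_key_bits() also accepts the PEM text of an X.509 certificate, so it can be pointed at a certificate that was generated before the default was raised.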