Skip to content

Update cert utils #1143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 27, 2025
Merged

Update cert utils #1143

merged 1 commit into from
Jun 27, 2025

Conversation

oCHRISo
Copy link
Collaborator

@oCHRISo oCHRISo commented Jun 25, 2025

Potential fix for https://github.com/nginx/agent/security/code-scanning/164

To fix the issue, the bits constant should be updated to use a secure key size of at least 2048 bits. This change ensures compliance with modern cryptographic standards and mitigates the risk of brute-force attacks. The fix involves modifying the bits constant definition and ensuring that the updated value is used in the rsa.GenerateKey function.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

@oCHRISo @github-advanced-security
Update cert utils
1147dc1 
Increase to 2048 bits for RSA key

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@github-actions github-actions bot added bug Something isn't working chore Pull requests for routine tasks labels Jun 25, 2025
@oCHRISo oCHRISo changed the title Potential fix for code scanning alert no. 164: Use of a weak cryptographic key Update cert utils Jun 25, 2025
@oCHRISo oCHRISo added the v3.x Issues and Pull Requests related to the major version v3 label Jun 25, 2025
@oCHRISo oCHRISo marked this pull request as ready for review June 25, 2025 14:46
@oCHRISo oCHRISo requested a review from a team as a code owner June 25, 2025 14:46
@dhurley dhurley removed the bug Something isn't working label Jun 27, 2025
@dhurley dhurley merged commit ce964d4 into main Jun 27, 2025
24 checks passed
@dhurley dhurley deleted the update-cert-utils branch June 27, 2025 10:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhurley dhurley dhurley approved these changes

@aphralG aphralG aphralG approved these changes

@john-david3 john-david3 john-david3 approved these changes

Assignees
No one assigned
Labels
chore Pull requests for routine tasks v3.x Issues and Pull Requests related to the major version v3
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@oCHRISo @dhurley @aphralG @john-david3