test: use stronger curves for keygen

This commit updates the named curves P-192 (prime192v1), and secp192k1 to 256 bit versions. The motivation for this is that in Red Hat Enterprise Linux (RHEL) all ECC curves < 224 bits are removed from OpenSSL provided by the system. I'm not sure if other distributions do this but these 256 bit curves are availalbe in OpenSSL 1.1.0j (current version on master) and OpenSSL 1.1.1 so as far as I can tell it should be safe change to make. PR-URL: #25564 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
nodejs · May 16, 2019 · 7bae3d8 · 7bae3d8
1 parent b8b5853
commit 7bae3d8
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
@@ -279,7 +279,7 @@ function convertDERToPEM(label, der) {
   // Test async elliptic curve key generation, e.g. for ECDSA, with an encrypted
   // private key.
   generateKeyPair('ec', {
-    namedCurve: 'P-192',
+    namedCurve: 'P-256',
     paramEncoding: 'named',
     publicKeyEncoding: {
       type: 'spki',
@@ -643,15 +643,15 @@ function convertDERToPEM(label, der) {
 
   // It should recognize both NIST and standard curve names.
   generateKeyPair('ec', {
-    namedCurve: 'P-192',
+    namedCurve: 'P-256',
     publicKeyEncoding: { type: 'spki', format: 'pem' },
     privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
   }, common.mustCall((err, publicKey, privateKey) => {
     assert.ifError(err);
   }));
 
   generateKeyPair('ec', {
-    namedCurve: 'secp192k1',
+    namedCurve: 'secp256k1',
     publicKeyEncoding: { type: 'spki', format: 'pem' },
     privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
   }, common.mustCall((err, publicKey, privateKey) => {