Change default key size for KRA storage unit to 128

Most of the research out there seems to indicate that AES-128 is more than sufficient for security. Use this as default. Change-Id: Ie333282eacc5ce628c90296561e4cd6a76dcbd8e
author: Ade Lee <alee@redhat.com> 2017-03-29 12:27:46 -0400
committer: Ade Lee <alee@redhat.com> 2017-04-03 13:12:37 -0400
commit: 2d77ca150ee17238f4b137e3987a69e888141d51 (patch)
tree: 35331b35a3b2f8814b3193f8c7257fc77b3ecdb5 /base/kra/shared/conf
parent: 136d22953d05c459986a98465e4266bac37b44dc (diff)
download: pki-2d77ca150ee17238f4b137e3987a69e888141d51.tar.gz
pki-2d77ca150ee17238f4b137e3987a69e888141d51.tar.xz
pki-2d77ca150ee17238f4b137e3987a69e888141d51.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/base/kra/shared/conf/CS.cfg b/base/kra/shared/conf/CS.cfg
index 045a8238b..bd49a8ded 100644
--- a/base/kra/shared/conf/CS.cfg
+++ b/base/kra/shared/conf/CS.cfg
@@ -279,7 +279,7 @@ kra.storageUnit.wrapping.0.payloadEncryptionIV=AQEBAQEBAQE=
 kra.storageUnit.wrapping.0.payloadWrapAlgorithm=DES3/CBC/Pad
 kra.storageUnit.wrapping.0.payloadWrapIV=AQEBAQEBAQE=
 kra.storageUnit.wrapping.0.sessionKeyType=DESede
-kra.storageUnit.wrapping.1.sessionKeyLength=256
+kra.storageUnit.wrapping.1.sessionKeyLength=128
 kra.storageUnit.wrapping.1.sessionKeyWrapAlgorithm=RSA
 kra.storageUnit.wrapping.1.payloadEncryptionPadding=PKCS5Padding
 kra.storageUnit.wrapping.1.sessionKeyKeyGenAlgorithm=AES
author	Ade Lee <alee@redhat.com>	2017-03-29 12:27:46 -0400
committer	Ade Lee <alee@redhat.com>	2017-04-03 13:12:37 -0400
commit	2d77ca150ee17238f4b137e3987a69e888141d51 (patch)
tree	35331b35a3b2f8814b3193f8c7257fc77b3ecdb5 /base/kra/shared/conf
parent	136d22953d05c459986a98465e4266bac37b44dc (diff)
download	pki-2d77ca150ee17238f4b137e3987a69e888141d51.tar.gz pki-2d77ca150ee17238f4b137e3987a69e888141d51.tar.xz pki-2d77ca150ee17238f4b137e3987a69e888141d51.zip