From a544fe4b38dc3edff78a24be6c3e0d72d017b885 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Tue, 16 Aug 2016 15:44:54 -0700 Subject: [PATCH] Vendor swarmkit to change root key to P-256 Signed-off-by: Tibor Vass --- hack/vendor.sh | 2 +- vendor/src/github.com/docker/swarmkit/ca/certificates.go | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/hack/vendor.sh b/hack/vendor.sh index fcf71c97b2..665aa079ce 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -139,7 +139,7 @@ clone git github.com/docker/docker-credential-helpers v0.3.0 clone git github.com/docker/containerd 0ac3cd1be170d180b2baed755e8f0da547ceb267 # cluster -clone git github.com/docker/swarmkit 3708fb309aacfff321759bcdcc99b0f57806d27f +clone git github.com/docker/swarmkit bfbec9f2b6a487100a80027f6ee16cc0c646a8f5 clone git github.com/golang/mock bd3c8e81be01eef76d4b503f5e687d2d1354d2d9 clone git github.com/gogo/protobuf 43a2e0b1c32252bfbbdf81f7faa7a88fb3fa4028 clone git github.com/cloudflare/cfssl b895b0549c0ff676f92cf09ba971ae02bb41367b diff --git a/vendor/src/github.com/docker/swarmkit/ca/certificates.go b/vendor/src/github.com/docker/swarmkit/ca/certificates.go index 2264026f52..2d0fe24f66 100644 --- a/vendor/src/github.com/docker/swarmkit/ca/certificates.go +++ b/vendor/src/github.com/docker/swarmkit/ca/certificates.go @@ -37,13 +37,14 @@ import ( const ( // Security Strength Equivalence //----------------------------------- - //| Key-type | ECC | DH/DSA/RSA | - //| Node | 256 | 3072 | - //| Root | 384 | 7680 | + //| ECC | DH/DSA/RSA | + //| 256 | 3072 | + //| 384 | 7680 | //----------------------------------- // RootKeySize is the default size of the root CA key - RootKeySize = 384 + // It would be ideal for the root key to use P-384, but in P-384 is not optimized in go yet :( + RootKeySize = 256 // RootKeyAlgo defines the default algorithm for the root CA Key RootKeyAlgo = "ecdsa" // PassphraseENVVar defines the environment variable to look for the