Could you describe purpose of cert fixtures and their cryptokey lengths.

[lolgear]

You have several pem files inside certs folder.
They are algorithm_length_wrong_privacy.

But you have rsa keys which are longer than esa keys.
Could you describe why they are longer?

Also, could you share script that generate keys?

Thanks!

[excpt]

The pem files are there just for the tests. To avoid creating new certs on the fly every time when running the tests.

RSA keys with a size smaller than 1024 bit are insecure and can be recomputed.
RSA keys are always bigger in size on the same level of security than ECDSA keys.

ECDSA is a much more sophisticated algorithm that is based on elliptic curves and super large numbers and mathematics and unicorns and dragons and black wizards practising black magic and is currently nearly unbreakable and requires less space.

The keys are "standard" sized. I don't have the script any longer due to a disk crash a few months ago and incomplete backups.

If I may find the script anywhere I will let you know and post the answer here.

A little more about RSA vs. ECDSA:
http://crypto.stackexchange.com/questions/3216/signatures-rsa-compared-to-ecdsa?answertab=votes#tab-top

[lolgear]

@excpt thanks for information!