From 041f3876bb83701b1c5a49d3c71f3fafc02a1f11 Mon Sep 17 00:00:00 2001 From: tomaioo Date: Sun, 10 May 2026 17:12:06 -0700 Subject: [PATCH] fix(create-plugin): weak rsa key size The generatePrivateKey function uses RSA with 1024-bit key size (b: 1024), which is considered cryptographically weak by modern standards. NIST recommends at least 2048-bit keys for RSA. Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com> --- packages/create-plugin/src/privateKey.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/create-plugin/src/privateKey.ts b/packages/create-plugin/src/privateKey.ts index 973df8ef47..8207ec9acf 100644 --- a/packages/create-plugin/src/privateKey.ts +++ b/packages/create-plugin/src/privateKey.ts @@ -6,6 +6,6 @@ import RSA from "node-rsa"; * Create a private key for a kintone plugin */ export const generatePrivateKey = () => { - const key = new RSA({ b: 1024 }); + const key = new RSA({ b: 2048 }); return key.exportKey("pkcs1-private"); };