artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7422d82)
switch RSA key generation default to 2048 bits (matching ssh); ok miod@
authorsthen <sthen@openbsd.org>
Sat, 17 May 2014 12:12:05 +0000 (12:12 +0000)
committersthen <sthen@openbsd.org>
Sat, 17 May 2014 12:12:05 +0000 (12:12 +0000)
lib/libcrypto/rsa/rsa_pmeth.c patch | blob | history
lib/libssl/src/apps/genrsa.c patch | blob | history
lib/libssl/src/crypto/rsa/rsa_pmeth.c patch | blob | history
lib/libssl/src/doc/apps/genpkey.pod patch | blob | history
lib/libssl/src/doc/apps/genrsa.pod patch | blob | history

diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c
index 09ef090..5580b77 100644 (file)
--- a/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/lib/libcrypto/rsa/rsa_pmeth.c
@@ -96,7 +96,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
        rctx = malloc(sizeof(RSA_PKEY_CTX));
        if (!rctx)
                return 0;
-       rctx->nbits = 1024;
+       rctx->nbits = 2048;
        rctx->pub_exp = NULL;
        rctx->pad_mode = RSA_PKCS1_PADDING;
        rctx->md = NULL;
diff --git a/lib/libssl/src/apps/genrsa.c b/lib/libssl/src/apps/genrsa.c
index c658828..88c80f2 100644 (file)
--- a/lib/libssl/src/apps/genrsa.c
+++ b/lib/libssl/src/apps/genrsa.c
@@ -78,7 +78,7 @@
 #include <openssl/pem.h>
 #include <openssl/rand.h>
 
-#define DEFBITS        1024
+#define DEFBITS        2048
 
 static int genrsa_cb(int p, int n, BN_GENCB * cb);
 
diff --git a/lib/libssl/src/crypto/rsa/rsa_pmeth.c b/lib/libssl/src/crypto/rsa/rsa_pmeth.c
index 09ef090..5580b77 100644 (file)
--- a/lib/libssl/src/crypto/rsa/rsa_pmeth.c
+++ b/lib/libssl/src/crypto/rsa/rsa_pmeth.c
@@ -96,7 +96,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
        rctx = malloc(sizeof(RSA_PKEY_CTX));
        if (!rctx)
                return 0;
-       rctx->nbits = 1024;
+       rctx->nbits = 2048;
        rctx->pub_exp = NULL;
        rctx->pad_mode = RSA_PKCS1_PADDING;
        rctx->md = NULL;
diff --git a/lib/libssl/src/doc/apps/genpkey.pod b/lib/libssl/src/doc/apps/genpkey.pod
index 80e91ed..1870e30 100644 (file)
--- a/lib/libssl/src/doc/apps/genpkey.pod
+++ b/lib/libssl/src/doc/apps/genpkey.pod
@@ -97,7 +97,7 @@ below.
 
 =item B<rsa_keygen_bits:numbits>
 
-The number of bits in the generated key. If not specified 1024 is used.
+The number of bits in the generated key. If not specified 2048 is used.
 
 =item B<rsa_keygen_pubexp:value>
 
diff --git a/lib/libssl/src/doc/apps/genrsa.pod b/lib/libssl/src/doc/apps/genrsa.pod
index 608f237..35fd5d4 100644 (file)
--- a/lib/libssl/src/doc/apps/genrsa.pod
+++ b/lib/libssl/src/doc/apps/genrsa.pod
@@ -65,7 +65,7 @@ for all available algorithms.
 =item B<numbits>
 
 the size of the private key to generate in bits. This must be the last option
-specified. The default is 512.
+specified. The default is 2048.
 
 =back
 
OpenBSD src
by Ahmet Artu Yildirim