Change default RSA, DSA and DH size to 2048 bit
Fixes: #8737
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #8741
(cherry picked from commit 70b0b977f73cd70e17538af3095d18e0cf59132e)
Kurt Roeckx
4 years ago
| 8 | 8 |
|
| 9 | 9 |
Changes between 1.1.1b and 1.1.1c [xx XXX xxxx]
|
| 10 | 10 |
|
| 11 | |
*)
|
|
11 |
*) Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
|
|
12 |
This changes the size when using the genpkey app when no size is given. It
|
|
13 |
fixes an omission in earlier changes that changed all RSA, DSA and DH
|
|
14 |
generation apps to use 2048 bits by default.
|
|
15 |
[Kurt Roeckx]
|
| 12 | 16 |
|
| 13 | 17 |
Changes between 1.1.1a and 1.1.1b [26 Feb 2019]
|
| 14 | 18 |
|
| 53 | 53 |
DHerr(DH_F_PKEY_DH_INIT, ERR_R_MALLOC_FAILURE);
|
| 54 | 54 |
return 0;
|
| 55 | 55 |
}
|
| 56 | |
dctx->prime_len = 1024;
|
|
56 |
dctx->prime_len = 2048;
|
| 57 | 57 |
dctx->subprime_len = -1;
|
| 58 | 58 |
dctx->generator = 2;
|
| 59 | 59 |
dctx->kdf_type = EVP_PKEY_DH_KDF_NONE;
|
| 19 | 19 |
|
| 20 | 20 |
typedef struct {
|
| 21 | 21 |
/* Parameter gen parameters */
|
| 22 | |
int nbits; /* size of p in bits (default: 1024) */
|
| 23 | |
int qbits; /* size of q in bits (default: 160) */
|
|
22 |
int nbits; /* size of p in bits (default: 2048) */
|
|
23 |
int qbits; /* size of q in bits (default: 224) */
|
| 24 | 24 |
const EVP_MD *pmd; /* MD for parameter generation */
|
| 25 | 25 |
/* Keygen callback info */
|
| 26 | 26 |
int gentmp[2];
|
|
| 34 | 34 |
|
| 35 | 35 |
if (dctx == NULL)
|
| 36 | 36 |
return 0;
|
| 37 | |
dctx->nbits = 1024;
|
| 38 | |
dctx->qbits = 160;
|
|
37 |
dctx->nbits = 2048;
|
|
38 |
dctx->qbits = 224;
|
| 39 | 39 |
dctx->pmd = NULL;
|
| 40 | 40 |
dctx->md = NULL;
|
| 41 | 41 |
|
| 55 | 55 |
|
| 56 | 56 |
if (rctx == NULL)
|
| 57 | 57 |
return 0;
|
| 58 | |
rctx->nbits = 1024;
|
|
58 |
rctx->nbits = 2048;
|
| 59 | 59 |
rctx->primes = RSA_DEFAULT_PRIME_NUM;
|
| 60 | 60 |
if (pkey_ctx_is_pss(ctx))
|
| 61 | 61 |
rctx->pad_mode = RSA_PKCS1_PSS_PADDING;
|
| 117 | 117 |
|
| 118 | 118 |
=item B<rsa_keygen_bits:numbits>
|
| 119 | 119 |
|
| 120 | |
The number of bits in the generated key. If not specified 1024 is used.
|
|
120 |
The number of bits in the generated key. If not specified 2048 is used.
|
| 121 | 121 |
|
| 122 | 122 |
=item B<rsa_keygen_primes:numprimes>
|
| 123 | 123 |
|
|
| 184 | 184 |
|
| 185 | 185 |
=item B<dsa_paramgen_bits:numbits>
|
| 186 | 186 |
|
| 187 | |
The number of bits in the generated prime. If not specified 1024 is used.
|
|
187 |
The number of bits in the generated prime. If not specified 2048 is used.
|
| 188 | 188 |
|
| 189 | 189 |
=item B<dsa_paramgen_q_bits:numbits>
|
| 190 | 190 |
|
| 191 | 191 |
The number of bits in the q parameter. Must be one of 160, 224 or 256. If not
|
| 192 | |
specified 160 is used.
|
|
192 |
specified 224 is used.
|
| 193 | 193 |
|
| 194 | 194 |
=item B<dsa_paramgen_md:digest>
|
| 195 | 195 |
|
|
| 208 | 208 |
|
| 209 | 209 |
=item B<dh_paramgen_prime_len:numbits>
|
| 210 | 210 |
|
| 211 | |
The number of bits in the prime parameter B<p>. The default is 1024.
|
|
211 |
The number of bits in the prime parameter B<p>. The default is 2048.
|
| 212 | 212 |
|
| 213 | 213 |
=item B<dh_paramgen_subprime_len:numbits>
|
| 214 | 214 |
|