Change default RSA, DSA and DH size to 2048 bit

Fixes: #8737 Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #8741 (cherry picked from commit 70b0b977f73cd70e17538af3095d18e0cf59132e)
author: Kurt Roeckx <kurt@roeckx.be> 2019-04-13 12:32:48 +0200
committer: Kurt Roeckx <kurt@roeckx.be> 2019-05-21 16:47:13 +0200
commit: 408cb4c88875e70dcb6acfceb8e1a74714e26be4 (patch)
tree: c907231bcdb1bf7018cc0f17845ab58db51d0287 /crypto/dsa
parent: 3ae3c38825d16fc1fb68abed1fa65975c0e73377 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index b4ee5a7571..dedbe5eb2e 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -20,8 +20,8 @@
 
 typedef struct {
     /* Parameter gen parameters */
-    int nbits;                  /* size of p in bits (default: 1024) */
-    int qbits;                  /* size of q in bits (default: 160) */
+    int nbits;                  /* size of p in bits (default: 2048) */
+    int qbits;                  /* size of q in bits (default: 224) */
     const EVP_MD *pmd;          /* MD for parameter generation */
     /* Keygen callback info */
     int gentmp[2];
@@ -35,8 +35,8 @@ static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
 
     if (dctx == NULL)
         return 0;
-    dctx->nbits = 1024;
-    dctx->qbits = 160;
+    dctx->nbits = 2048;
+    dctx->qbits = 224;
     dctx->pmd = NULL;
     dctx->md = NULL;
author	Kurt Roeckx <kurt@roeckx.be>	2019-04-13 12:32:48 +0200
committer	Kurt Roeckx <kurt@roeckx.be>	2019-05-21 16:47:13 +0200
commit	408cb4c88875e70dcb6acfceb8e1a74714e26be4 (patch)
tree	c907231bcdb1bf7018cc0f17845ab58db51d0287 /crypto/dsa
parent	3ae3c38825d16fc1fb68abed1fa65975c0e73377 (diff)