From 44e0c2bae4bfd87d770480902618dbccde84fd81 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Mon, 8 Sep 2014 17:14:36 -0400 Subject: RT2626: Change default_bits from 1K to 2K This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: Rich Salz Reviewed-by: Kurt Roeckx --- apps/dhparam.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apps/dhparam.c') diff --git a/apps/dhparam.c b/apps/dhparam.c index f5d7126af7..606365e180 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -130,7 +130,7 @@ #undef PROG #define PROG dhparam_main -#define DEFBITS 512 +#define DEFBITS 2048 /* -inform arg - input format - default PEM (DER or PEM) * -outform arg - output format - default PEM @@ -253,7 +253,7 @@ bad: BIO_printf(bio_err," -C Output C code\n"); BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); - BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); + BIO_printf(bio_err," numbits number of bits in to generate (default 2048)\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); #endif -- cgit v1.2.3