WARNING! Gitlab maintenance operation scheduled for Thursday, 18 June between 19:00 and 20:00 (CET). During this time window, short service interruptions (less than 5 minutes) may occur. Thank you in advance for your understanding.

Commit b4b23d05 authored Feb 02, 2016 by Emilia Kasper

RT 3854: Update apps/req



Change the default keysize to 2048 bits, and the minimum to 512 bits.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a7626557)

parent 10c639a8

CHANGES

+5 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,11 @@

		Changes between 1.0.2f and 1.0.2g [xx XXX xxxx]

		*)
		*) Change the req app to generate a 2048-bit RSA/DSA key by default,
		if no keysize is specified with default_bits. This fixes an
		omission in an earlier change that changed all RSA/DSA key generation
		apps to use 2048 bits by default.
		[Emilia Käsper]

		Changes between 1.0.2e and 1.0.2f [28 Jan 2016]

apps/req.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -101,8 +101,8 @@
		#define STRING_MASK "string_mask"
		#define UTF8_IN "utf8"

		#define DEFAULT_KEY_LENGTH 512
		#define MIN_KEY_LENGTH 384
		#define DEFAULT_KEY_LENGTH 2048
		#define MIN_KEY_LENGTH 512

		#undef PROG
		#define PROG req_main

doc/apps/req.pod

+6 −3

Original line number	Diff line number	Diff line
		@@ -347,9 +347,12 @@ configuration file values.

		=item B<default_bits>

		This specifies the default key size in bits. If not specified then
		512 is used. It is used if the B<-new> option is used. It can be
		overridden by using the B<-newkey> option.
		Specifies the default key size in bits.

		This option is used in conjunction with the B<-new> option to generate
		a new key. It can be overridden by specifying an explicit key size in
		the B<-newkey> option. The smallest accepted key size is 512 bits. If
		no key size is specified then 2048 bits is used.

		=item B<default_keyfile>