Commit b4b23d05 authored by Emilia Kasper's avatar Emilia Kasper
Browse files

RT 3854: Update apps/req 



Change the default keysize to 2048 bits, and the minimum to 512 bits.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(cherry picked from commit a7626557)
parent 10c639a8

CHANGES

+5 −1
Original line number Diff line number Diff line
@@ -4,7 +4,11 @@ 


 Changes between 1.0.2f and 1.0.2g [xx XXX xxxx]



  *)

  *) Change the req app to generate a 2048-bit RSA/DSA key by default,

     if no keysize is specified with default_bits. This fixes an

     omission in an earlier change that changed all RSA/DSA key generation

     apps to use 2048 bits by default.

     [Emilia Käsper]



 Changes between 1.0.2e and 1.0.2f [28 Jan 2016]

apps/req.c

+2 −2
Original line number Diff line number Diff line
@@ -101,8 +101,8 @@ 
#define STRING_MASK     "string_mask"

#define UTF8_IN         "utf8"



#define DEFAULT_KEY_LENGTH      512

#define MIN_KEY_LENGTH          384

#define DEFAULT_KEY_LENGTH      2048

#define MIN_KEY_LENGTH          512



#undef PROG

#define PROG    req_main

doc/apps/req.pod

+6 −3
Original line number Diff line number Diff line
@@ -347,9 +347,12 @@ configuration file values. 


=item B<default_bits>



This specifies the default key size in bits. If not specified then

512 is used. It is used if the B<-new> option is used. It can be

overridden by using the B<-newkey> option.

Specifies the default key size in bits.



This option is used in conjunction with the B<-new> option to generate

a new key. It can be overridden by specifying an explicit key size in

the B<-newkey> option. The smallest accepted key size is 512 bits. If

no key size is specified then 2048 bits is used.



=item B<default_keyfile>