diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2014-09-08 17:14:36 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2014-09-08 17:21:04 -0400 |
commit | 44e0c2bae4bfd87d770480902618dbccde84fd81 (patch) | |
tree | fec922dd02ccada0d46acea1710604171a5633d8 /apps/dhparam.c | |
parent | 5f855569c452262a8770ed822c7f98f5fac3e3d6 (diff) | |
download | openssl-44e0c2bae4bfd87d770480902618dbccde84fd81.tar.gz |
RT2626: Change default_bits from 1K to 2K
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Diffstat (limited to 'apps/dhparam.c')
-rw-r--r-- | apps/dhparam.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/dhparam.c b/apps/dhparam.c index f5d7126af7..606365e180 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -130,7 +130,7 @@ #undef PROG #define PROG dhparam_main -#define DEFBITS 512 +#define DEFBITS 2048 /* -inform arg - input format - default PEM (DER or PEM) * -outform arg - output format - default PEM @@ -253,7 +253,7 @@ bad: BIO_printf(bio_err," -C Output C code\n"); BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); - BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); + BIO_printf(bio_err," numbits number of bits in to generate (default 2048)\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); #endif |