[openssl-commits] [openssl] master update
Emilia Kasper
emilia at openssl.org
Fri Feb 12 13:14:41 UTC 2016
The branch master has been updated
via a76265574398944d686d2d0de9bacca162f555ca (commit)
from 04f171c09624cd2e9c00152a30cb22637c694ac1 (commit)
- Log -----------------------------------------------------------------
commit a76265574398944d686d2d0de9bacca162f555ca
Author: Emilia Kasper <emilia at openssl.org>
Date: Tue Feb 2 17:12:45 2016 +0100
RT 3854: Update apps/req
Change the default keysize to 2048 bits, and the minimum to 512 bits.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/req.c | 4 ++--
doc/apps/req.pod | 9 ++++++---
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/apps/req.c b/apps/req.c
index 3ced170..66bcabc 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -89,8 +89,8 @@
#define STRING_MASK "string_mask"
#define UTF8_IN "utf8"
-#define DEFAULT_KEY_LENGTH 512
-#define MIN_KEY_LENGTH 384
+#define DEFAULT_KEY_LENGTH 2048
+#define MIN_KEY_LENGTH 512
static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *dn, int mutlirdn,
int attribs, unsigned long chtype);
diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index 9593dec..12a0687 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -324,9 +324,12 @@ configuration file values.
=item B<default_bits>
-This specifies the default key size in bits. If not specified then
-512 is used. It is used if the B<-new> option is used. It can be
-overridden by using the B<-newkey> option.
+Specifies the default key size in bits.
+
+This option is used in conjunction with the B<-new> option to generate
+a new key. It can be overridden by specifying an explicit key size in
+the B<-newkey> option. The smallest accepted key size is 512 bits. If
+no key size is specified then 2048 bits is used.
=item B<default_keyfile>
More information about the openssl-commits
mailing list