TLS: Increase RSA keysize of autogen selfsign cert

author: Jeremy Harris <jgh146exb@wizmail.org> 2018-11-28 19:45:24 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2018-11-28 21:41:01 +0000
commit: 6aac3239b4ce9638c2c5647684dc4ff2a6afbb42 (patch)
tree: 26bd52d2d9ed2a04d5d50eabb6a39202c4460fb8 /src
parent: f94aac30115bc94f2a1c8e3536ad7d40e7e4f302 (diff)
2 files changed, 3 insertions, 3 deletions
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 3e7e8f932..25fe2f406 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -787,9 +787,9 @@ if ((rc = gnutls_x509_crt_init(&cert))) goto err;
 where = US"generating pkey";
 if ((rc = gnutls_x509_privkey_generate(pkey, GNUTLS_PK_RSA,
 #ifdef SUPPORT_PARAM_TO_PK_BITS
-	    gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_LOW),
+	    gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_MEDIUM),
 #else
-	    1024,
+	    2048,
 #endif
 	    0)))
   goto err;
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 3299c2046..cd11f65df 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1174,7 +1174,7 @@ if (!(x509 = X509_new()))
   goto err;
 
 where = US"generating pkey";
-if (!(rsa = rsa_callback(NULL, 0, 1024)))
+if (!(rsa = rsa_callback(NULL, 0, 2048)))
   goto err;
 
 where = US"assigning pkey";
author	Jeremy Harris <jgh146exb@wizmail.org>	2018-11-28 19:45:24 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2018-11-28 21:41:01 +0000
commit	6aac3239b4ce9638c2c5647684dc4ff2a6afbb42 (patch)
tree	26bd52d2d9ed2a04d5d50eabb6a39202c4460fb8 /src
parent	f94aac30115bc94f2a1c8e3536ad7d40e7e4f302 (diff)