diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-09-19 06:50:45 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-09-21 14:18:01 +0200 |
| commit | 65289276ab11a8768a1f1eaabadbd0c51ce38fae (patch) | |
| tree | e543a71ac0dd6ac6ebecb12a4010748e64ab65ad | |
| parent | c7b3e268e863f6a0f91d735ab5c4b7f0c87d5ac7 (diff) | |
| download | gnutls-65289276ab11a8768a1f1eaabadbd0c51ce38fae.tar.gz | |
certtool: switched the default level to HIGH for key generation
That requires 3072 bits for RSA and DSA keys.
| -rw-r--r-- | src/certtool-common.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/certtool-common.c b/src/certtool-common.c index e092ef20b6..cbf4876db9 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -697,10 +697,7 @@ get_bits(gnutls_pk_algorithm_t key_type, int info_bits, } else { if (info_sec_param == 0) { /* For ECDSA keys use 256 bits or better, as they are widely supported */ - if (key_type == GNUTLS_PK_EC) - info_sec_param = "HIGH"; - else - info_sec_param = "MEDIUM"; + info_sec_param = "HIGH"; } bits = gnutls_sec_param_to_pk_bits(key_type, |