Add defines for DH and RSA key limits

author: relyea%netscape.com <devnull@localhost> 2003-11-07 03:36:33 +0000
committer: relyea%netscape.com <devnull@localhost> 2003-11-07 03:36:33 +0000
commit: 9a798bb113b53227353dbd47a2542c300cd6abbf (patch)
tree: 5438bd9cfe922b6986f4d61ac01e47becb982034
parent: 2efbae923ae4d278fb90c05742eaa1a7b75307dd (diff)
download: nss-hg-9a798bb113b53227353dbd47a2542c300cd6abbf.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h
index af2867d5c..6ef924902 100644
--- a/security/nss/lib/freebl/blapit.h
+++ b/security/nss/lib/freebl/blapit.h
@@ -106,6 +106,16 @@
 #define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
 
 /*
+ * these values come from the intial key size limits from the PKCS #11
+ * module. They may be aribitarily adjusted to any value freebl supports
+ * RSA_MAX_MODULUS_BITS is not defined since there is only memory constraints
+ * on the largest RSA Modulus that PKCS #11 or freebl may support.
+ */
+#define RSA_MIN_MODULUS_BITS   128
+#define DH_MIN_P_BITS	       128
+#define DH_MAX_P_BITS         1024
+
+/*
  * The FIPS 186 algorithm for generating primes P and Q allows only 9
  * distinct values for the length of P, and only one value for the
  * length of Q.
author	relyea%netscape.com <devnull@localhost>	2003-11-07 03:36:33 +0000
committer	relyea%netscape.com <devnull@localhost>	2003-11-07 03:36:33 +0000
commit	9a798bb113b53227353dbd47a2542c300cd6abbf (patch)
tree	5438bd9cfe922b6986f4d61ac01e47becb982034
parent	2efbae923ae4d278fb90c05742eaa1a7b75307dd (diff)
download	nss-hg-9a798bb113b53227353dbd47a2542c300cd6abbf.tar.gz