diff options
author | relyea%netscape.com <devnull@localhost> | 2003-11-07 03:36:33 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2003-11-07 03:36:33 +0000 |
commit | 9a798bb113b53227353dbd47a2542c300cd6abbf (patch) | |
tree | 5438bd9cfe922b6986f4d61ac01e47becb982034 | |
parent | 2efbae923ae4d278fb90c05742eaa1a7b75307dd (diff) | |
download | nss-hg-9a798bb113b53227353dbd47a2542c300cd6abbf.tar.gz |
Add defines for DH and RSA key limits
-rw-r--r-- | security/nss/lib/freebl/blapit.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h index af2867d5c..6ef924902 100644 --- a/security/nss/lib/freebl/blapit.h +++ b/security/nss/lib/freebl/blapit.h @@ -106,6 +106,16 @@ #define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048 /* + * these values come from the intial key size limits from the PKCS #11 + * module. They may be aribitarily adjusted to any value freebl supports + * RSA_MAX_MODULUS_BITS is not defined since there is only memory constraints + * on the largest RSA Modulus that PKCS #11 or freebl may support. + */ +#define RSA_MIN_MODULUS_BITS 128 +#define DH_MIN_P_BITS 128 +#define DH_MAX_P_BITS 1024 + +/* * The FIPS 186 algorithm for generating primes P and Q allows only 9 * distinct values for the length of P, and only one value for the * length of Q. |