projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
492bc35
)
DSA_generate_parameters_ex: use the old method for all small keys
author
Tomas Mraz
<tomas@openssl.org>
Tue, 30 Mar 2021 11:23:12 +0000
(13:23 +0200)
committer
Tomas Mraz
<tomas@openssl.org>
Thu, 1 Apr 2021 13:50:45 +0000
(15:50 +0200)
Fixes #14733
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14744)
crypto/dsa/dsa_gen.c
patch
|
blob
|
history
diff --git
a/crypto/dsa/dsa_gen.c
b/crypto/dsa/dsa_gen.c
index 3c46673984b9b503c5ab6c06bdc62ec880083a95..a450921412811e4caa260e42ebcebc29415149c0 100644
(file)
--- a/
crypto/dsa/dsa_gen.c
+++ b/
crypto/dsa/dsa_gen.c
@@
-58,7
+58,7
@@
int DSA_generate_parameters_ex(DSA *dsa, int bits,
return 0;
/* The old code used FIPS 186-2 DSA Parameter generation */
- if (bits <
= 1024 && seed_len =
= 20) {
+ if (bits <
2048 && seed_len <
= 20) {
if (!ossl_dsa_generate_ffc_parameters(dsa, DSA_PARAMGEN_TYPE_FIPS_186_2,
bits, 160, cb))
return 0;