/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
- OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER,
+ OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER, OPT_VERBOSE,
OPT_R_ENUM
} OPTION_CHOICE;
# ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif
+ {"verbose", OPT_VERBOSE, '-', "Verbose output"},
{NULL}
};
char *dsaparams = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o;
- int ret = 1, private = 0;
+ int ret = 1, private = 0, verbose = 0;
const BIGNUM *p = NULL;
prog = opt_init(argc, argv, gendsa_options);
if (!opt_cipher(opt_unknown(), &enc))
goto end;
break;
+ case OPT_VERBOSE:
+ verbose = 1;
+ break;
}
}
argc = opt_num_rest();
goto end2;
DSA_get0_pqg(dsa, &p, NULL, NULL);
- BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p));
+
+ if (BN_num_bits(p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+ BIO_printf(bio_err,
+ "Warning: It is not recommended to use more than %d bit for DSA keys.\n"
+ " Your key size is %d! Larger key size may behave not as expected.\n",
+ OPENSSL_DSA_MAX_MODULUS_BITS, BN_num_bits(p));
+
+ if (verbose)
+ BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p));
if (!DSA_generate_key(dsa))
goto end;
projects / openssl.git / blobdiff