[protocol] Increases minimum and recommended RSA key size.

freelan-developers · Dec 20, 2018 · c710aa7 · c710aa7
1 parent 76cb76b
commit c710aa7
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/fscp.txt b/fscp.txt
@@ -112,7 +112,7 @@ Abstract
    satisfy the key usage requirements or if it doesn't support pre-shared key
    encryption.
 
-   The minimum RSA key size is 1024 bits. The RECOMMENDED RSA key size is 2048
+   The minimum RSA key size is 2048 bits. The RECOMMENDED RSA key size is 3072
    bits or higher, with an exponent of 2^16 + 1. A strict implementation MAY
    reject PRESENTATION messages with a low RSA key size.
 
@@ -501,7 +501,7 @@ Abstract
    The underlying hash algorithm is SHA256. The salt len for PSS is the size
    of the hash digest.
 
-   The minimum key size is 1024. The RECOMMENDED key size is 2048.
+   The minimum key size is 2048. The RECOMMENDED key size is 3072.
 
 3.3. Key derivation
 

diff --git a/libs/freelan/include/freelan/tools.hpp b/libs/freelan/include/freelan/tools.hpp
@@ -61,11 +61,11 @@ namespace freelan
 
 	/**
 	 * \brief Generate a private key.
-	 * \param size The size of the key. Defaults to 2048.
+	 * \param size The size of the key. Defaults to 3072.
 	 * \param prime A prime number to generate the key. Defaults to 17.
 	 * \return The private key.
 	 */
-	cryptoplus::pkey::pkey generate_private_key(unsigned int size = 2048, unsigned int prime = 17);
+	cryptoplus::pkey::pkey generate_private_key(unsigned int size = 3072, unsigned int prime = 17);
 
 	/**
 	 * \brief Generate a certificate request.