diff options
Diffstat (limited to 'patches/openssl-1.0.1j/0013-Change-default-bit-size-and-digest.patch')
-rw-r--r-- | patches/openssl-1.0.1j/0013-Change-default-bit-size-and-digest.patch | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/patches/openssl-1.0.1j/0013-Change-default-bit-size-and-digest.patch b/patches/openssl-1.0.1j/0013-Change-default-bit-size-and-digest.patch new file mode 100644 index 000000000..7c8a6bc53 --- /dev/null +++ b/patches/openssl-1.0.1j/0013-Change-default-bit-size-and-digest.patch @@ -0,0 +1,131 @@ +From: Kurt Roeckx <kurt@roeckx.be> +Date: Fri, 1 Nov 2013 20:47:14 +0100 +Subject: [PATCH] Change default bit size and digest + +Imported from openssl_1.0.1j-1.debian.tar.xz + +Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de> +--- + apps/dhparam.c | 4 ++-- + apps/gendh.c | 2 +- + apps/genrsa.c | 2 +- + apps/openssl.cnf | 2 +- + crypto/dsa/dsa_ameth.c | 2 +- + crypto/ec/ec_ameth.c | 2 +- + crypto/hmac/hm_ameth.c | 2 +- + crypto/rsa/rsa_ameth.c | 2 +- + 8 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/apps/dhparam.c b/apps/dhparam.c +index 1297d6fb5ec9..b0c05befc8bb 100644 +--- a/apps/dhparam.c ++++ b/apps/dhparam.c +@@ -130,7 +130,7 @@ + #undef PROG + #define PROG dhparam_main + +-#define DEFBITS 512 ++#define DEFBITS 2048 + + /* -inform arg - input format - default PEM (DER or PEM) + * -outform arg - output format - default PEM +@@ -253,7 +253,7 @@ bad: + BIO_printf(bio_err," -C Output C code\n"); + BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); + BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); +- BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); ++ BIO_printf(bio_err," numbits number of bits in to generate (default 2048)\n"); + #ifndef OPENSSL_NO_ENGINE + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); + #endif +diff --git a/apps/gendh.c b/apps/gendh.c +index 4ec776ba9399..8df8c62f8aa3 100644 +--- a/apps/gendh.c ++++ b/apps/gendh.c +@@ -78,7 +78,7 @@ + #include <openssl/x509.h> + #include <openssl/pem.h> + +-#define DEFBITS 512 ++#define DEFBITS 2048 + #undef PROG + #define PROG gendh_main + +diff --git a/apps/genrsa.c b/apps/genrsa.c +index ece114c876a6..7a8c6c58ad62 100644 +--- a/apps/genrsa.c ++++ b/apps/genrsa.c +@@ -78,7 +78,7 @@ + #include <openssl/pem.h> + #include <openssl/rand.h> + +-#define DEFBITS 1024 ++#define DEFBITS 2048 + #undef PROG + #define PROG genrsa_main + +diff --git a/apps/openssl.cnf b/apps/openssl.cnf +index 18760c6e673d..1eb86c401263 100644 +--- a/apps/openssl.cnf ++++ b/apps/openssl.cnf +@@ -103,7 +103,7 @@ emailAddress = optional + + #################################################################### + [ req ] +-default_bits = 1024 ++default_bits = 2048 + default_keyfile = privkey.pem + distinguished_name = req_distinguished_name + attributes = req_attributes +diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c +index 5af76eade59a..0a7520221690 100644 +--- a/crypto/dsa/dsa_ameth.c ++++ b/crypto/dsa/dsa_ameth.c +@@ -634,7 +634,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) + #endif + + case ASN1_PKEY_CTRL_DEFAULT_MD_NID: +- *(int *)arg2 = NID_sha1; ++ *(int *)arg2 = NID_sha256; + return 2; + + default: +diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c +index 11283769b939..6b24725db608 100644 +--- a/crypto/ec/ec_ameth.c ++++ b/crypto/ec/ec_ameth.c +@@ -618,7 +618,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) + #endif + + case ASN1_PKEY_CTRL_DEFAULT_MD_NID: +- *(int *)arg2 = NID_sha1; ++ *(int *)arg2 = NID_sha256; + return 2; + + default: +diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c +index e03f24aedab9..9fe6505bd5a0 100644 +--- a/crypto/hmac/hm_ameth.c ++++ b/crypto/hmac/hm_ameth.c +@@ -89,7 +89,7 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) + switch (op) + { + case ASN1_PKEY_CTRL_DEFAULT_MD_NID: +- *(int *)arg2 = NID_sha1; ++ *(int *)arg2 = NID_sha256; + return 1; + + default: +diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c +index 4c8ecd9233e1..92cc15c2c730 100644 +--- a/crypto/rsa/rsa_ameth.c ++++ b/crypto/rsa/rsa_ameth.c +@@ -435,7 +435,7 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) + #endif + + case ASN1_PKEY_CTRL_DEFAULT_MD_NID: +- *(int *)arg2 = NID_sha1; ++ *(int *)arg2 = NID_sha256; + return 1; + + default: |