On Wed, 1 Oct 2014, Stuart Henderson wrote:
> On 2014/10/01 19:05, Joel Sing wrote:
> > The following does this, however note that the default_bits of 1024 from
> > openssl.cnf trumps the 2048 in the define... we probably should also stop
> > making EVP_des_ede3_cbc() the default cipher...
>
> I think I prefer it this way (changing usr.bin/openssl rather than
> the library) as there's less risk of impact in unpredictable areas.

Agreed, although I think it is probably worth considering both in the longer term. > How about this one? Looks good to me - ok jsing@ > Index: usr.bin/openssl/req.c > =================================================================== > RCS file: /cvs/src/usr.bin/openssl/req.c,v > retrieving revision 1.2 > diff -u -p -r1.2 req.c > --- usr.bin/openssl/req.c 28 Aug 2014 14:23:52 -0000 1.2 > +++ usr.bin/openssl/req.c 1 Oct 2014 09:51:37 -0000 > @@ -97,7 +97,7 @@ > #define STRING_MASK "string_mask" > #define UTF8_IN "utf8" > > -#define DEFAULT_KEY_LENGTH 512 > +#define DEFAULT_KEY_LENGTH 2048 > #define MIN_KEY_LENGTH 384 > > > @@ -184,9 +184,8 @@ req_main(int argc, char **argv) > unsigned long chtype = MBSTRING_ASC; > > req_conf = NULL; > -#ifndef OPENSSL_NO_DES > - cipher = EVP_des_ede3_cbc(); > -#endif > + cipher = EVP_aes_256_cbc(); > + digest = EVP_sha256(); > > infile = NULL; > outfile = NULL; > > Index: lib/libcrypto/openssl.cnf > =================================================================== > RCS file: /cvs/src/lib/libcrypto/openssl.cnf,v > retrieving revision 1.1 > diff -u -p -r1.1 openssl.cnf > --- lib/libcrypto/openssl.cnf 11 Apr 2014 22:51:53 -0000 1.1 > +++ lib/libcrypto/openssl.cnf 1 Oct 2014 09:51:36 -0000 
> @@ -1,41 +1,20 @@ > -# > -# OpenSSL example configuration file. > -# This is mostly being used for generation of certificate requests. > -# > - > -RANDFILE = /dev/arandom > - > -#################################################################### > [ req ] > -default_bits = 1024 > -default_keyfile = privkey.pem > +#default_bits = 2048 > +#default_md = sha256 > +#default_keyfile = privkey.pem > distinguished_name = req_distinguished_name > attributes = req_attributes > > [ req_distinguished_name ] > countryName = Country Name (2 letter code) > -#countryName_default = AU > countryName_min = 2 > countryName_max = 2 > - > stateOrProvinceName = State or Province Name (full name) > -#stateOrProvinceName_default = Some-State > - > localityName = Locality Name (eg, city) > - > 0.organizationName = Organization Name (eg, company) > -#0.organizationName_default = Internet Widgits Pty Ltd > - > -# we can do this but it is not needed normally :-) > -#1.organizationName = Second Organization Name (eg, company) > -#1.organizationName_default = CryptSoft Pty Ltd > - > organizationalUnitName = Organizational Unit Name (eg, section) > -#organizationalUnitName_default = > - > commonName = Common Name (eg, fully qualified host name) > commonName_max = 64 > - > emailAddress = Email Address > emailAddress_max = 64 
> > @@ -43,23 +22,3 @@ emailAddress_max = 64 > challengePassword = A challenge password > challengePassword_min = 4 > challengePassword_max = 20 > - > -unstructuredName = An optional company name > - > -[ x509v3_extensions ] > - > -nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem > -nsComment = "This is a comment" > - > -# under ASN.1, the 0 bit would be encoded as 80 > -nsCertType = 0x40 > - > -#nsBaseUrl > -#nsRevocationUrl > -#nsRenewalUrl > -#nsCaPolicyUrl > -#nsSslServerName > -#nsCertSequence > -#nsCertExt > -#nsDataType > - > Index: usr.bin/openssl/openssl.1 > =================================================================== > RCS file: /cvs/src/usr.bin/openssl/openssl.1,v > retrieving revision 1.3 > diff -u -p -r1.3 openssl.1 > --- usr.bin/openssl/openssl.1 16 Sep 2014 16:05:44 -0000 1.3 > +++ usr.bin/openssl/openssl.1 1 Oct 2014 09:51:37 -0000 > @@ -5583,7 +5583,7 @@ This gives the > to write the newly created private key to. > If this option is not specified, the filename present in the > configuration file is used. > -.It Fl md4 | md5 | sha1 > +.It Fl md5 | sha1 | sha256 > This specifies the message digest to sign the request with. > This overrides the digest algorithm specified in the configuration file. > .Pp > @@ -5774,7 +5774,7 @@ They are currently ignored by > request signing utilities, but some CAs might want them. > .It Ar default_bits > This specifies the default key size in bits. > -If not specified, 512 is used. > +If not specified, 2048 is used. > It is used if the > .Fl new > option is used. 
> @@ -5790,10 +5790,11 @@ option. > .It Ar default_md > This option specifies the digest algorithm to use. > Possible values include > -.Ar md5 > +.Ar md5 , > +.Ar sha1 > and > -.Ar sha1 . > -If not present, MD5 is used. > +.Ar sha256 . > +If not present, SHA256 is used. > This option can be overridden on the command line. > .It Ar distinguished_name > This specifies the section containing the distinguished name fields to -- "Action without study is fatal. Study without action is futile." -- Mary Ritter Beard
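
Review bot: In usr.bin/openssl/req.c (hunk at -97,7), MIN_KEY_LENGTH stays at 384 while DEFAULT_KEY_LENGTH moves to 2048, so the minimum named by the define is still below even the old 512-bit default. Consider raising MIN_KEY_LENGTH in the same change, or say in the commit message why it is left alone.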
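
Review bot: In req_main() (hunk at -184,9), the default cipher changes from EVP_des_ede3_cbc() to EVP_aes_256_cbc(), but the openssl.1 hunks in this patch only cover the key size and digest defaults. Add a matching manual update for the cipher default and mention it in the commit message, since it changes how private keys written with the defaults are encrypted.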
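
Review bot: In lib/libcrypto/openssl.cnf (hunk at -1,41), default_keyfile is commented out together with default_bits and default_md, yet the openssl.1 context in this same patch still reads "If this option is not specified, the filename present in the configuration file is used." Either keep "default_keyfile = privkey.pem" active, or update the manual to state where the key is written when neither the option nor the config entry is set.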
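
Review bot: In usr.bin/openssl/openssl.1 (hunk at -5583,7), md4 is dropped from the documented digest flags, but no req.c hunk in this patch touches digest option handling, so the manual and the code may now disagree on what is accepted. Confirm which flags req still takes; if md5 and sha1 stay listed for signing requests, consider listing sha256 first to match the new default.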
