diff options
author | lloyd <[email protected]> | 2012-04-19 20:25:49 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-04-19 20:25:49 +0000 |
commit | 3d28b24668c59c70537d4cf842abfa61b800f539 (patch) | |
tree | 59296f30d6589288aee5015098cc5f1263c19d66 /src/tls | |
parent | 82246a67d00088e02137095af72d6104d76408dc (diff) |
Put the implementation of Policy::dh_group in source so it's easier to
update. Increase DHE group size from 1536 to 2048 bits, which per
NIST/ECRYPT should be good to 2030 or so.
Diffstat (limited to 'src/tls')
-rw-r--r-- | src/tls/tls_policy.cpp | 5 | ||||
-rw-r--r-- | src/tls/tls_policy.h | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index c42a6904c..1e019d33e 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -102,6 +102,11 @@ std::string Policy::choose_curve(const std::vector<std::string>& curve_names) co return ""; // no shared curve } +virtual DL_Group Policy::dh_group() const + { + return DL_Group("modp/ietf/2048"); + } + /* * Return allowed compression algorithms */ diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h index 288be62bd..c3a0fc29e 100644 --- a/src/tls/tls_policy.h +++ b/src/tls/tls_policy.h @@ -82,7 +82,7 @@ class BOTAN_DLL Policy /** * Return the group to use for ephemeral Diffie-Hellman key agreement */ - virtual DL_Group dh_group() const { return DL_Group("modp/ietf/1536"); } + virtual DL_Group dh_group() const; /** * If this function returns false, unknown SRP/PSK identifiers |