aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-04-19 20:25:49 +0000
committerlloyd <[email protected]>2012-04-19 20:25:49 +0000
commit3d28b24668c59c70537d4cf842abfa61b800f539 (patch)
tree59296f30d6589288aee5015098cc5f1263c19d66 /src/tls
parent82246a67d00088e02137095af72d6104d76408dc (diff)
Put the implementation of Policy::dh_group in source so it's easier to
update. Increase DHE group size from 1536 to 2048 bits, which per NIST/ECRYPT should be good to 2030 or so.
Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/tls_policy.cpp5
-rw-r--r--src/tls/tls_policy.h2
2 files changed, 6 insertions, 1 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index c42a6904c..1e019d33e 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -102,6 +102,11 @@ std::string Policy::choose_curve(const std::vector<std::string>& curve_names) co
return ""; // no shared curve
}
+virtual DL_Group Policy::dh_group() const
+ {
+ return DL_Group("modp/ietf/2048");
+ }
+
/*
* Return allowed compression algorithms
*/
diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h
index 288be62bd..c3a0fc29e 100644
--- a/src/tls/tls_policy.h
+++ b/src/tls/tls_policy.h
@@ -82,7 +82,7 @@ class BOTAN_DLL Policy
/**
* Return the group to use for ephemeral Diffie-Hellman key agreement
*/
- virtual DL_Group dh_group() const { return DL_Group("modp/ietf/1536"); }
+ virtual DL_Group dh_group() const;
/**
* If this function returns false, unknown SRP/PSK identifiers