diff options
| -rw-r--r-- | doc/examples/vsnfd.prf | 1 | ||||
| -rw-r--r-- | g10/keygen.c | 9 |
2 files changed, 4 insertions, 6 deletions
diff --git a/doc/examples/vsnfd.prf b/doc/examples/vsnfd.prf index 2884fe71e..0c0ddd81e 100644 --- a/doc/examples/vsnfd.prf +++ b/doc/examples/vsnfd.prf @@ -6,7 +6,6 @@ [gpg] compliance de-vs -default-new-key-algo rsa3072/cert,sign+rsa3072/encr [gpgsm] compliance de-vs diff --git a/g10/keygen.c b/g10/keygen.c index e2eab87b1..471f52a5a 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -46,11 +46,10 @@ #include "../common/mbox-util.h" -/* The default algorithms. If you change them remember to change them - also in gpg.c:gpgconf_list. You should also check that the value +/* The default algorithms. You should also check that the value is inside the bounds enforced by ask_keysize and gen_xxx. See also get_keysize_range which encodes the allowed ranges. */ -#define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr" +#define DEFAULT_STD_KEY_PARAM "rsa3072/cert,sign+rsa3072/encr" #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" /* When generating keys using the streamlined key generation dialog, @@ -1653,7 +1652,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root, if (nbits < 1024) { - nbits = 2048; + nbits = 3072; log_info (_("keysize invalid; using %u bits\n"), nbits ); } else if (nbits > maxsize) @@ -2264,7 +2263,7 @@ get_keysize_range (int algo, unsigned int *min, unsigned int *max) default: *min = opt.compliance == CO_DE_VS ? 2048: 1024; *max = 4096; - def = 2048; + def = 3072; break; } |