From 9420c525db20719682ea4aeca41e7af058309ecb Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 7 Sep 2017 18:41:10 -0400 Subject: gpg: default to 3072-bit RSA keys. * agent/command.c (hlp_genkey): update help text to suggest the use of 3072 bits. * doc/wks.texi: Make example match default generation. * g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment, (gen_rsa, get_keysize_range): update default from 2048 to 3072). * g10/keyid.c (pubkey_string): update comment so that first example is the default 3072-bit RSA. -- 3072-bit RSA is widely considered to be 128-bit-equivalent security. This is a sensible default in 2017. Signed-off-by: Daniel Kahn Gillmor (cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c) Gbp-Pq: Topic from-master Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch --- agent/command.c | 2 +- doc/wks.texi | 4 ++-- g10/keygen.c | 9 ++++----- g10/keyid.c | 4 ++-- 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/agent/command.c b/agent/command.c index c24fc80fd..72b597318 100644 --- a/agent/command.c +++ b/agent/command.c @@ -843,7 +843,7 @@ static const char hlp_genkey[] = "\n" " C: GENKEY\n" " S: INQUIRE KEYPARAM\n" - " C: D (genkey (rsa (nbits 2048)))\n" + " C: D (genkey (rsa (nbits 3072)))\n" " C: END\n" " S: D (public-key\n" " S: D (rsa (n 326487324683264) (e 10001)))\n" diff --git a/doc/wks.texi b/doc/wks.texi index 119e31ca9..ae6c310fa 100644 --- a/doc/wks.texi +++ b/doc/wks.texi @@ -412,10 +412,10 @@ the submission address: The output of the last command looks similar to this: @example - sec rsa2048 2016-08-30 [SC] + sec rsa3072 2016-08-30 [SC] C0FCF8642D830C53246211400346653590B3795B uid [ultimate] key-submission@@example.net - ssb rsa2048 2016-08-30 [E] + ssb rsa3072 2016-08-30 [E] @end example Take the fingerprint from that output and manually publish the key: diff --git a/g10/keygen.c b/g10/keygen.c index 6042226e2..aa45ff385 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -46,11 +46,10 @@ #include "../common/mbox-util.h" -/* The default algorithms. If you change them remember to change them - also in gpg.c:gpgconf_list. You should also check that the value +/* The default algorithms. If you change them, you should ensure the value is inside the bounds enforced by ask_keysize and gen_xxx. See also get_keysize_range which encodes the allowed ranges. */ -#define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr" +#define DEFAULT_STD_KEY_PARAM "rsa3072/cert,sign+rsa3072/encr" #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" /* When generating keys using the streamlined key generation dialog, @@ -1652,7 +1651,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root, if (nbits < 1024) { - nbits = 2048; + nbits = 3072; log_info (_("keysize invalid; using %u bits\n"), nbits ); } else if (nbits > maxsize) @@ -2121,7 +2120,7 @@ get_keysize_range (int algo, unsigned int *min, unsigned int *max) default: *min = opt.compliance == CO_DE_VS ? 2048: 1024; *max = 4096; - def = 2048; + def = 3072; break; } diff --git a/g10/keyid.c b/g10/keyid.c index 5b868cd9c..af9be0761 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -73,7 +73,7 @@ pubkey_letter( int algo ) is copied to the supplied buffer up a length of BUFSIZE-1. Examples for the output are: - "rsa2048" - RSA with 2048 bit + "rsa3072" - RSA with 3072 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". @@ -83,7 +83,7 @@ pubkey_letter( int algo ) If the option --legacy-list-mode is active, the output use the legacy format: - "2048R" - RSA with 2048 bit + "3072R" - RSA with 3072 bit "1024g" - Elgamal with 1024 bit "256E" - ECDSA using a curve with 256 bit -- cgit v1.2.3