| version 1.326, 2019/01/23 04:51:02 |
version 1.329, 2019/03/25 16:19:44 |
|
|
| # define DEFAULT_KEY_TYPE_NAME "ed25519" |
# define DEFAULT_KEY_TYPE_NAME "ed25519" |
| #endif |
#endif |
| |
|
| /* Number of bits in the RSA/DSA key. This value can be set on the command line. */ |
/* |
| #define DEFAULT_BITS 2048 |
* Default number of bits in the RSA, DSA and ECDSA keys. These value can be |
| |
* overridden on the command line. |
| |
* |
| |
* These values, with the exception of DSA, provide security equivalent to at |
| |
* least 128 bits of security according to NIST Special Publication 800-57: |
| |
* Recommendation for Key Management Part 1 rev 4 section 5.6.1. |
| |
* For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for |
| |
* which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only |
| |
* SHA1 we limit the DSA key size 1k bits. |
| |
*/ |
| |
#define DEFAULT_BITS 3072 |
| #define DEFAULT_BITS_DSA 1024 |
#define DEFAULT_BITS_DSA 1024 |
| #define DEFAULT_BITS_ECDSA 256 |
#define DEFAULT_BITS_ECDSA 256 |
| |
|
|
|
| fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; |
fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; |
| rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; |
| |
|
| pkcs11_init(0); |
pkcs11_init(1); |
| nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); |
nkeys = pkcs11_add_provider(pkcs11provider, NULL, &keys); |
| if (nkeys <= 0) |
if (nkeys <= 0) |
| fatal("cannot read public key from pkcs11"); |
fatal("cannot read public key from pkcs11"); |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh