diff --git a/crypto-utils.spec b/crypto-utils.spec index 500c960..0cf2874 100644 --- a/crypto-utils.spec +++ b/crypto-utils.spec @@ -4,7 +4,7 @@ Summary: SSL certificate and key management utilities Name: crypto-utils Version: 2.4.1 -Release: 44%{?dist} +Release: 45%{?dist} Group: Applications/System # certwatch.c is GPLv2 # pemutil.c etc are (MPLv1.1+ or GPLv2+ or LPGLv2+) @@ -135,6 +135,10 @@ chmod -R u+w $RPM_BUILD_ROOT %{perl_vendorarch}/auto/Crypt %changelog +* Wed Jan 22 2014 Joe Orton - 2.4.1-45 +- keyutil: use SHA1 as default hash in created certs (#921117) +- genkey: default to 2048 bit keysize (#986788) + * Fri Aug 9 2013 Joe Orton - 2.4.1-44 - fix License, fix debuginfo generation (#915705) diff --git a/genkey.pl b/genkey.pl index 195c096..909f5d1 100644 --- a/genkey.pl +++ b/genkey.pl @@ -526,8 +526,8 @@ EOT my $listbox = Newt::Listbox(5, 0); my $text = Newt::Textbox(70, 6, 0, $title); my @listitems = ("512 (insecure)", - "1024 (medium-grade, fast speed) [RECOMMENDED]", - "2048 (high-security, medium speed)", + "1024 (medium-grade, fast speed)", + "2048 (high-security, medium speed) [RECOMMENDED]", "4096 (paranoid-security, tortoise speed)", "Choose your own"); @@ -537,7 +537,7 @@ EOT $panel->Add(0, 1, $listbox, 0, 0, 1); $panel->Add(0, 2, NextBackCancelButton()); - Newt::newtListboxSetCurrent($listbox->{co}, 1); + Newt::newtListboxSetCurrent($listbox->{co}, 2); $panel->Draw(); diff --git a/keyutil.c b/keyutil.c index 1f50d40..e996c51 100644 --- a/keyutil.c +++ b/keyutil.c @@ -1522,7 +1522,7 @@ static int keyutil_main( keyutil_extns[ext_policyConstr] = PR_FALSE; keyutil_extns[ext_inhibitAnyPolicy] = PR_FALSE; - hashAlgTag = SEC_OID_MD5; + hashAlgTag = SEC_OID_SHA1; /* Make a cert request */ rv = CertReq(privkey, pubkey, rsaKey, hashAlgTag, subject,