From 088a50b2fc66418294166b61f31925426b1a9c54 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt <jengelh@inai.de> Date: Mon, 15 Sep 2014 10:52:32 +0200 Subject: [PATCH 12/66] net/cert: increase default key length for newly-generated RSA keys Should we add something for chrome://settings, or just leave it as hidden as it was before? --- net/cert/x509_util.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: chromium-127.0.6533.88/net/cert/x509_util.cc =================================================================== --- chromium-127.0.6533.88.orig/net/cert/x509_util.cc +++ chromium-127.0.6533.88/net/cert/x509_util.cc @@ -304,7 +304,7 @@ bool GetTLSServerEndPointChannelBinding( } // RSA keys created by CreateKeyAndSelfSignedCert will be of this length. -static const uint16_t kRSAKeyLength = 1024; +static const uint16_t kRSAKeyLength = 2048; // Certificates made by CreateKeyAndSelfSignedCert will be signed using this // digest algorithm.