[Botan-devel] DSA p-bits check
lloyd at randombit.net
Fri May 28 09:57:12 EDT 2010
On Fri, May 28, 2010 at 03:43:10PM +0200, Rickard Bellgrim wrote:
> Shouldn't line 75 in dl_group.cpp be like this:
> qbits = qbits ? qbits : ((pbits <= 1024) ? 160 : 256);
> and not
> qbits = qbits ? qbits : ((pbits == 1024) ? 160 : 256);
> Otherwise you cannot use pbits = 512 or 768, because fips186_3_valid_size() will return false.
Yes you're right. Fixed.
In the meantime, you can work around this by explicitly specifying
qbits to be the right size.
(Also I can't say using 768 bit DSA keys is a very good idea anymore)
More information about the botan-devel