From d72b516c29e21f07e2dac2612d9571614172a304 Mon Sep 17 00:00:00 2001 From: Jeffrey Walton Date: Tue, 23 Jan 2018 13:19:27 -0500 Subject: Make 2048-bit modulus default for DSA (GH #571) --- gfpcrypt.h | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) (limited to 'gfpcrypt.h') diff --git a/gfpcrypt.h b/gfpcrypt.h index 20ecd8d8..1b26a56b 100644 --- a/gfpcrypt.h +++ b/gfpcrypt.h @@ -628,9 +628,27 @@ struct DL_Keys_DSA /// \brief DSA signature scheme /// \tparam H HashTransformation derived class -/// \details The class is named DSA2 instead of DSA for backwards compatibility because DSA was a non-template class. -/// \sa DSA, as specified in FIPS 186-3 -/// \since Crypto++ 1.0 for DSA, Crypto++ 5.6.2 for DSA2 +/// \details The class is named DSA2 instead of DSA for backwards compatibility because +/// DSA was a non-template class. +/// \details DSA default method GenerateRandom uses a 2048-bit modulus and a 224-bit subgoup by default. +/// The modulus can be changed using the following code: +/// 
+///   DSA::PrivateKey privateKey;
+///   privateKey.GenerateRandomWithKeySize(prng, 2048);
+///
+/// \details The subgroup order can be changed using the following code: +/// 
+///   AlgorithmParameters params = MakeParameters
+///     (Name::ModulusSize(), 2048)
+///     (Name::SubgroupOrderSize(), 256);
+///
+///   DSA::PrivateKey privateKey;
+///   privateKey.GenerateRandom(prng, params);
+///
+/// \sa DSA, as specified in FIPS 186-3, +/// Digital Signature Algorithm on the wiki, and +/// NameValuePairs on the wiki. +/// \since Crypto++ 1.0 for DSA, Crypto++ 5.6.2 for DSA2, Crypto++ 6.1 for 2048-bit modulus. template class DSA2 : public DL_SS< DL_Keys_DSA, -- cgit v1.2.1