DSA and RSA key sizes should be configurable, and should have higher default values. (OF-377)

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11782 b35dd754-fafc-0310-a699-88a17e54d16e

DSA and RSA key sizes should be configurable, and should have higher default values. (OF-377)
git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11782 b35dd754-fafc-0310-a699-88a17e54d16e
eb10cb16 · guus · 4908903b · eb10cb16
Commit eb10cb16 authored Jul 27, 2010 by guus
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

CertificateManager.java src/java/org/jivesoftware/util/CertificateManager.java +2 -2

No files found.
--- a/src/java/org/jivesoftware/util/CertificateManager.java
+++ b/src/java/org/jivesoftware/util/CertificateManager.java
@@ -123,7 +123,7 @@ public class CertificateManager {
                                                String subjectDN, String domain)
            throws GeneralSecurityException, IOException {
        // Generate public and private keys
-        KeyPair keyPair = generateKeyPair("DSA", 1024);
+        KeyPair keyPair = generateKeyPair("DSA", JiveGlobals.getIntProperty("cert.dsa.keysize", 1024));
        // Create X509 certificate with keys and specified domain
        X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1withDSA");
        // Store new certificate and private key in the keystore
@@ -161,7 +161,7 @@ public class CertificateManager {
                                                String subjectDN, String domain)
            throws GeneralSecurityException, IOException {
        // Generate public and private keys
-        KeyPair keyPair = generateKeyPair("RSA", 1024);
+        KeyPair keyPair = generateKeyPair("RSA", JiveGlobals.getIntProperty("cert.rsa.keysize", 2048));
        // Create X509 certificate with keys and specified domain
        X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1WITHRSAENCRYPTION");
        // Store new certificate and private key in the keystore