• From: Texas
  • Registered: 2020-08-17
  • Posts: 65

Topic: Question on Key Size.

Hello.

This article
https://www.wolfssl.com/strengthening-r … 2048-bits/
Says the new min is 2048...

And it applies to wc_MakeRsaKey()

Question:

Which version did that happen?

-and-

Is that part of the handshake, and even if the user has supplied a cert/key that is 1024, it will create the asymmetrical key of 2048?
-or-
Is this only for creating NEW cert/keys?
-or-
does this mean it will fail to load a certificate that was made with a 1024 bit key pair?

I ask because there are existing customers supplying certs that are 1024.  So a firmware update which contains the newer version would (or would not) break any stored key they have currently loaded into the device?

-Scott
<Code shown is not to scale>

Share

  • Registered: 2021-08-12
  • Posts: 131

Re: Question on Key Size.

Hi Scott,

That happened in the following pull request: https://github.com/wolfSSL/wolfssl/pull/7923 and that made it into wolfSSL Release 5.7.4 (Oct 24, 2024).  Note that the previous value was 1024 which would allow RSA-512 keys.  Now that it is set to 2048 is will no longer allow RSA-512 but will allow RSA-1024.  I understand if this is somewhat confusing.  Sorry about that.


This affects, both keys that are generated and loaded.  Note that you can override this default by defining RSA_MIN_SIZE yourself.

If you have further questions, please do send to support@wolfssl.com as I can see you are a commercial customer of wolfSSL.

Warm regards, Anthony

Share

  • From: Texas
  • Registered: 2020-08-17
  • Posts: 65

Re: Question on Key Size.

Andy,
I'll continue to post here since this isn't confidential material, and it will help others who are searching.
Also it's not a priority question.

So,

This affects, both keys that are generated and loaded

I'm asking only from the point of view of certificates that customers already have saved on a device.

So this means it would reject a cert that is created with a small key?  And fail a handshake?

Also, reject a cert that is loaded locally (as a server loads from storage) and/or sent to a client during a TLS handshake?

And I see it can also be updated with

wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits);

So if not already setting a size, this would be added updating to 5-7-4.

This RAS-512 = 1024 is a bit confusing... Is that explained in an RFC somewhere?

Lastly what is the ECC (elliptic) key size for?  It's not a certificate key.  Where is it used?

wolfSSL_CTX_SetMinEccKey_Sz(...)

I assume this is not certificate based, so updating to the next version having this restriction would not affect customer certificates already on the device?

Thanks.

-Scott
<Code shown is not to scale>

Share