Commit 74ee3796 authored Apr 25, 2018 by Kurt Roeckx

Change the number of Miller-Rabin test for DSA generation to 64



This changes the security level from 100 to 128 bit.
We only have 1 define, this sets it to the highest level supported for
DSA, and needed for keys larger than 3072 bit.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
GH: #6075

parent 7c226dfc

CHANGES

+3 −0

Original line number	Diff line number	Diff line
		@@ -9,6 +9,9 @@

		Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]

		*) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
		[Kurt Roeckx]

		*) The 'tsget' script is renamed to 'tsget.pl', to avoid confusion when
		moving between systems, and to avoid confusion when a Windows build is
		done with mingw vs with MSVC. For POSIX installs, there's still a

include/openssl/dsa.h

+5 −3

Original line number	Diff line number	Diff line
		@@ -141,10 +141,12 @@ int DSAparams_print_fp(FILE fp, const DSA x);
		int DSA_print_fp(FILE bp, const DSA x, int off);
		# endif

		# define DSS_prime_checks 50
		# define DSS_prime_checks 64
		/*
		* Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
		* Rabin-Miller
		* Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only
		* have one value here we set the number of checks to 64 which is the 128 bit
		* security level that is the highest level and valid for creating a 3072 bit
		* DSA key.
		*/
		# define DSA_is_prime(n, callback, cb_arg) \
		BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)