Change the number of Miller-Rabin test for DSA generation to 64

This changes the security level from 100 to 128 bit. We only have 1 define, this sets it to the highest level supported for DSA, and needed for keys larger than 3072 bit. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #6075 (cherry picked from commit 74ee379651fb2bb12c6f7eb9fa10e70be89ac7c8)
author: Kurt Roeckx <kurt@roeckx.be> 2018-04-25 21:47:20 +0200
committer: Kurt Roeckx <kurt@roeckx.be> 2018-07-26 06:29:20 +0200
commit: acaa6ae936194362cb8011a2c145eb87aae1d1fa (patch)
tree: 241e7081933dd99ce838aae7ecaa19a32b2c850a /include
parent: e18da726ed60b502f19fa35fca20201759f371d9 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index e75c839e89..3bd5f1709a 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -146,10 +146,12 @@ int DSAparams_print_fp(FILE *fp, const DSA *x);
 int DSA_print_fp(FILE *bp, const DSA *x, int off);
 # endif
 
-# define DSS_prime_checks 50
+# define DSS_prime_checks 64
 /*
- * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
- * Rabin-Miller
+ * Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only
+ * have one value here we set the number of checks to 64 which is the 128 bit
+ * security level that is the highest level and valid for creating a 3072 bit
+ * DSA key.
  */
 # define DSA_is_prime(n, callback, cb_arg) \
         BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
author	Kurt Roeckx <kurt@roeckx.be>	2018-04-25 21:47:20 +0200
committer	Kurt Roeckx <kurt@roeckx.be>	2018-07-26 06:29:20 +0200
commit	acaa6ae936194362cb8011a2c145eb87aae1d1fa (patch)
tree	241e7081933dd99ce838aae7ecaa19a32b2c850a /include
parent	e18da726ed60b502f19fa35fca20201759f371d9 (diff)