X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=include%2Fopenssl%2Fdsa.h;h=822eff347a293abf4c1291ab7c4d76850495bb68;hb=d4f4fcabec16933bbd6572e17ba272a0e2852749;hp=e1be0ad82ec2d272add2ba3f61e8326b2d39b9d6;hpb=e6f35b5768d8810644f1f2cc9ca8294d97688343;p=oweals%2Fopenssl.git

diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index e1be0ad82e..822eff347a 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -99,7 +99,7 @@ int DSA_size(const DSA *);
 int DSA_bits(const DSA *d);
 int DSA_security_bits(const DSA *d);
         /* next 4 return -1 on error */
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
+DEPRECATEDIN_1_2_0(int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp))
 int DSA_sign(int type, const unsigned char *dgst, int dlen,
              unsigned char *sig, unsigned int *siglen, DSA *dsa);
 int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
@@ -141,10 +141,12 @@ int DSAparams_print_fp(FILE *fp, const DSA *x);
 int DSA_print_fp(FILE *bp, const DSA *x, int off);
 # endif
 
-# define DSS_prime_checks 50
+# define DSS_prime_checks 64
 /*
- * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
- * Rabin-Miller
+ * Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only
+ * have one value here we set the number of checks to 64 which is the 128 bit
+ * security level that is the highest level and valid for creating a 3072 bit
+ * DSA key.
  */
 # define DSA_is_prime(n, callback, cb_arg) \
         BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)