From 74ee379651fb2bb12c6f7eb9fa10e70be89ac7c8 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Wed, 25 Apr 2018 21:47:20 +0200 Subject: [PATCH] Change the number of Miller-Rabin test for DSA generation to 64 This changes the security level from 100 to 128 bit. We only have 1 define, this sets it to the highest level supported for DSA, and needed for keys larger than 3072 bit. Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre Reviewed-by: Paul Dale GH: #6075 --- CHANGES | 3 +++ include/openssl/dsa.h | 8 +++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 3cf312a98f..d6f0c94bd4 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,9 @@ Changes between 1.1.0h and 1.1.1 [xx XXX xxxx] + *) Increase the number of Miller-Rabin rounds for DSA key generating to 64. + [Kurt Roeckx] + *) The 'tsget' script is renamed to 'tsget.pl', to avoid confusion when moving between systems, and to avoid confusion when a Windows build is done with mingw vs with MSVC. For POSIX installs, there's still a diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index f347f71421..822eff347a 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -141,10 +141,12 @@ int DSAparams_print_fp(FILE *fp, const DSA *x); int DSA_print_fp(FILE *bp, const DSA *x, int off); # endif -# define DSS_prime_checks 50 +# define DSS_prime_checks 64 /* - * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of - * Rabin-Miller + * Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only + * have one value here we set the number of checks to 64 which is the 128 bit + * security level that is the highest level and valid for creating a 3072 bit + * DSA key. */ # define DSA_is_prime(n, callback, cb_arg) \ BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg) -- 2.25.1