From 78d8fb3d77cc0054229f951324f77610b91e0e9a Mon Sep 17 00:00:00 2001
From: Never
Date: Mon, 13 Feb 2017 14:00:39 +0100
Subject: increase miller-rabin iterations for dsa primes (FIPS-186-4)
---
 src/lib/math/numbertheory/dsa_gen.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/math/numbertheory/dsa_gen.cpp b/src/lib/math/numbertheory/dsa_gen.cpp
index 2f952356f..e8d620f4c 100644
--- a/src/lib/math/numbertheory/dsa_gen.cpp
+++ b/src/lib/math/numbertheory/dsa_gen.cpp
@@ -81,7 +81,7 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
 q.set_bit(qbits-1);
 q.set_bit(0);
- if(!is_prime(q, rng))
+ if(!is_prime(q, rng, 126))
 return false;
 const size_t n = (pbits-1) / (HASH_SIZE * 8),
@@ -107,7 +107,7 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
 p = X - (X % (2*q) - 1);
- if(p.bits() == pbits && is_prime(p, rng))
+ if(p.bits() == pbits && is_prime(p, rng, 126))
 return true;
 }
 }
-- 
cgit v1.2.3
From 31a360b4335d23b0e83aba23033d556b2188d013 Mon Sep 17 00:00:00 2001
From: Never
Date: Mon, 13 Feb 2017 14:04:44 +0100
Subject: increase miller-rabin iterations for RSA strong check_key. We call is_prime with prob=128 during sampling and we should check with the same prob
---
 src/lib/pubkey/rsa/rsa.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/lib')
diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp
index 46192c558..1a287473a 100644
--- a/src/lib/pubkey/rsa/rsa.cpp
+++ b/src/lib/pubkey/rsa/rsa.cpp
@@ -167,7 +167,7 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
 if(m_d1 != m_d % (m_p - 1) || m_d2 != m_d % (m_q - 1) || m_c != inverse_mod(m_q, m_p))
 return false;
- const size_t prob = (strong) ? 56 : 12;
+ const size_t prob = (strong) ? 128 : 12;
 if(!is_prime(m_p, rng, prob) || !is_prime(m_q, rng, prob))
 return false;
-- 
cgit v1.2.3
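Review bot: The literal `126` is passed to `is_prime` for `q` in the first dsa_gen.cpp hunk and again for `p` in the second, with nothing in the code saying what it means or where it comes from. The commit subject speaks of Miller-Rabin iterations, but the companion RSA commit calls this argument `prob`, so 126 is presumably an error-bound parameter rather than an iteration count. How it maps to the FIPS 186-4 round count is not visible here. I would define it once near the top of `generate_dsa_primes`, for example `const size_t prime_test_prob = 126; // is_prime error-bound parameter, chosen to meet the FIPS 186-4 Miller-Rabin requirement for DSA primes`, and use it at both call sites so they cannot drift apart. The function body starts and ends outside both hunks.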
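Review bot: In `RSA_PrivateKey::check_key`, the new `128` is tied to the key-generation code only by the commit message, so a later change to the sampling parameter would silently break the parity this commit sets up. A shared named constant would enforce it, or at minimum a comment on the line such as `// strong: must match the prob used when sampling p and q during key generation`. The non-strong branch still passes `12`, which looks like a much weaker primality bound. The function's documentation should therefore state that `strong=false` is a quick sanity check and that keys loaded from untrusted sources should be validated with `strong=true`. The body of `check_key` begins and continues outside this hunk.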