diff options
| author | jakemas <jakemas@amazon.com> | 2021-09-13 14:45:13 +0100 |
|---|---|---|
| committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2021-09-13 15:42:36 +0000 |
| commit | 019cc625bd5ea80174a5ab7b2528e8953563dd0d (patch) | |
| tree | 073e7f7d4f082428a03178cefd9697a1dd9e0bd1 /include | |
| parent | 0446b59427f82d0138abe87fee05b10c696ab621 (diff) | |
| download | boringssl-019cc625bd5ea80174a5ab7b2528e8953563dd0d.zip boringssl-019cc625bd5ea80174a5ab7b2528e8953563dd0d.tar.gz boringssl-019cc625bd5ea80174a5ab7b2528e8953563dd0d.tar.bz2 | |
Fix BN_prime_checks_for_validation to align with false-positive rate.
This doesn't affect RSA key generation, which uses
BN_prime_checks_for_generation.
Change-Id: Ibf32c0c4bc9fed369e8f8a1efea72c5bd39185a9
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49426
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/bn.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/include/openssl/bn.h b/include/openssl/bn.h index 295ca62..5ca8b85 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -687,9 +687,9 @@ OPENSSL_EXPORT int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, // BN_prime_checks_for_validation can be used as the |checks| argument to the // primarily testing functions when validating an externally-supplied candidate // prime. It gives a false positive rate of at most 2^{-128}. (The worst case -// false positive rate for a single iteration is 1/4, so we perform 32 -// iterations.) -#define BN_prime_checks_for_validation 32 +// false positive rate for a single iteration is 1/4 per +// https://eprint.iacr.org/2018/749. (1/4)^64 = 2^{-128}.) +#define BN_prime_checks_for_validation 64 // BN_prime_checks_for_generation can be used as the |checks| argument to the // primality testing functions when generating random primes. It gives a false |