From e2eaf3f2399f519f00d6624c4781f18a74571016 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 5 Dec 2024 19:34:46 +0000
Subject: Make the DSS_prime_checks macro internal

Rename it to DSA_prime_checks and add an XXX comment mentioning that
we could reduce the number of rounds thanks to BPSW. There are no
plans of changing that as DSA is on its way out.

discussed with miod
---
 src/lib/libcrypto/dsa/dsa.h | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

(limited to 'src/lib/libcrypto/dsa/dsa.h')

diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index 63e5cedb1c..9f3d561239 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.h,v 1.45 2024/12/05 19:29:08 tb Exp $ */
+/* $OpenBSD: dsa.h,v 1.46 2024/12/05 19:34:46 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -177,13 +177,6 @@ int	DSA_print(BIO *bp, const DSA *x, int off);
 int	DSAparams_print_fp(FILE *fp, const DSA *x);
 int	DSA_print_fp(FILE *bp, const DSA *x, int off);
 
-/*
- * Primality test according to FIPS PUB 186-4, Appendix C.3. Set the number
- * to 64 rounds of Miller-Rabin, which corresponds to 128 bits of security.
- * This is necessary for keys of size >= 3072.
- */
-#define DSS_prime_checks 64
-
 #ifndef OPENSSL_NO_DH
 /* Convert DSA structure (key or just parameters) into DH structure
  * (be careful to avoid small subgroup attacks when using this!) */
-- 
cgit v1.2.3-55-g6feb