Prepare to provide BN_security_bits()

ok beck jsing
author: tb <> 2022-06-27 12:25:49 +0000
committer: tb <> 2022-06-27 12:25:49 +0000
commit: 16ca0c8007a31f667a8d7d21c1be44ec46656b42 (patch)
tree: 7b4a6abb880cf5d62bcb7e49bc31d80ddbaa539d /src
parent: 40e8890ed2aa70fe008b1a19f9c95c2acf708db2 (diff)
download: openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.tar.gz
openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.tar.bz2
openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.zip
2 files changed, 37 insertions, 2 deletions
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index abf8cfcf70..5abd489003 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.52 2022/01/14 08:01:47 tb Exp $ */
+/* $OpenBSD: bn.h,v 1.53 2022/06/27 12:25:49 tb Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -471,6 +471,10 @@ BIGNUM *BN_mod_sqrt(BIGNUM *ret,
 void    BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+#ifdef LIBRESSL_INTERNAL
+int     BN_security_bits(int L, int N);
+#endif
 /* Deprecated versions */
 #ifndef OPENSSL_NO_DEPRECATED
 BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 6e828f1e74..599a744822 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.53 2021/12/27 15:12:22 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.54 2022/06/27 12:25:49 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1105,6 +1105,37 @@ BN_is_negative(const BIGNUM *a)
        return a->neg != 0;
 }
+/*
+ * Bits of security, see SP800-57, section 5.6.11, table 2.
+ */
+int
+BN_security_bits(int L, int N)
+{
+        int secbits, bits;
+        if (L >= 15360)
+                secbits = 256;
+        else if (L >= 7680)
+                secbits = 192;
+        else if (L >= 3072)
+                secbits = 128;
+        else if (L >= 2048)
+                secbits = 112;
+        else if (L >= 1024)
+                secbits = 80;
+        else
+                return 0;
+        if (N == -1)
+                return secbits;
+        bits = N / 2;
+        if (bits < 80)
+                return 0;
+        return bits >= secbits ? secbits : bits;
+}
 BN_GENCB *
 BN_GENCB_new(void)
 {
author	tb <>	2022-06-27 12:25:49 +0000
committer	tb <>	2022-06-27 12:25:49 +0000
commit	16ca0c8007a31f667a8d7d21c1be44ec46656b42 (patch)
tree	7b4a6abb880cf5d62bcb7e49bc31d80ddbaa539d /src
parent	40e8890ed2aa70fe008b1a19f9c95c2acf708db2 (diff)
download	openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.tar.gz openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.tar.bz2 openbsd-16ca0c8007a31f667a8d7d21c1be44ec46656b42.zip

diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index abf8cfcf70..5abd489003 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn.h,v 1.52 2022/01/14 08:01:47 tb Exp $ */	1	/* $OpenBSD: bn.h,v 1.53 2022/06/27 12:25:49 tb Exp $ */
2	/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -471,6 +471,10 @@ BIGNUM BN_mod_sqrt(BIGNUM ret,
471		471
472	void BN_consttime_swap(BN_ULONG swap, BIGNUM a, BIGNUM b, int nwords);	472	void BN_consttime_swap(BN_ULONG swap, BIGNUM a, BIGNUM b, int nwords);
473		473
		474	#ifdef LIBRESSL_INTERNAL
		475	int BN_security_bits(int L, int N);
		476	#endif
		477
474	/* Deprecated versions */	478	/* Deprecated versions */
475	#ifndef OPENSSL_NO_DEPRECATED	479	#ifndef OPENSSL_NO_DEPRECATED
476	BIGNUM BN_generate_prime(BIGNUM ret, int bits, int safe,	480	BIGNUM BN_generate_prime(BIGNUM ret, int bits, int safe,


diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index 6e828f1e74..599a744822 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_lib.c,v 1.53 2021/12/27 15:12:22 jsing Exp $ */	1	/* $OpenBSD: bn_lib.c,v 1.54 2022/06/27 12:25:49 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1105,6 +1105,37 @@ BN_is_negative(const BIGNUM *a)
1105	return a->neg != 0;	1105	return a->neg != 0;
1106	}	1106	}
1107		1107
		1108	/*
		1109	* Bits of security, see SP800-57, section 5.6.11, table 2.
		1110	*/
		1111	int
		1112	BN_security_bits(int L, int N)
		1113	{
		1114	int secbits, bits;
		1115
		1116	if (L >= 15360)
		1117	secbits = 256;
		1118	else if (L >= 7680)
		1119	secbits = 192;
		1120	else if (L >= 3072)
		1121	secbits = 128;
		1122	else if (L >= 2048)
		1123	secbits = 112;
		1124	else if (L >= 1024)
		1125	secbits = 80;
		1126	else
		1127	return 0;
		1128
		1129	if (N == -1)
		1130	return secbits;
		1131
		1132	bits = N / 2;
		1133	if (bits < 80)
		1134	return 0;
		1135
		1136	return bits >= secbits ? secbits : bits;
		1137	}
		1138
1108	BN_GENCB *	1139	BN_GENCB *
1109	BN_GENCB_new(void)	1140	BN_GENCB_new(void)
1110	{	1141	{