Add functions returning security bits.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 18 Jan 2014 14:51:40 +0000 (14:51 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 28 Mar 2014 14:49:04 +0000 (14:49 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 18 Jan 2014 14:51:40 +0000 (14:51 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 28 Mar 2014 14:49:04 +0000 (14:49 +0000)
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c

index 5fff22612010cb7bd069d35f24e1e28f980c414b..f317204d9cf21b672e02ba6873fff5447e2465f0 100644 (file)
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -462,3 +462,10 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
         {
         ameth->pkey_ctrl = pkey_ctrl;
         }
+
+void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pkey_security_bits)(const EVP_PKEY *pk))
+       {
+       ameth->pkey_security_bits = pkey_security_bits;
+       }
+
diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h

index a1035cd46e25f41b4786f41261a5fd2da2279b6f..023934bb2beb7e2b0862c9a41d88ee5e33528924 100644 (file)
--- a/crypto/asn1/asn1_locl.h
+++ b/crypto/asn1/asn1_locl.h
@@ -122,6 +122,7 @@ struct evp_pkey_asn1_method_st
  
         int (*pkey_size)(const EVP_PKEY *pk);
         int (*pkey_bits)(const EVP_PKEY *pk);
+       int (*pkey_security_bits)(const EVP_PKEY *pk);
  
         int (*param_decode)(EVP_PKEY *pkey,
                                 const unsigned char **pder, int derlen);
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h

index b3518cb3bad848d11aafe9d776bebbfe9dc67437..f4c8cc0124f6acab5b380aa00b2197ee7d5a932a 100644 (file)
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -420,6 +420,7 @@ int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
  int    BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
  int    BN_num_bits(const BIGNUM *a);
  int    BN_num_bits_word(BN_ULONG l);
+int    BN_security_bits(int L, int N);
  BIGNUM *BN_new(void);
  void   BN_init(BIGNUM *);
  void   BN_clear_free(BIGNUM *a);
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c

index 72da0735fd83ada70265c1dac87fba13fd931321..b1e224bb4dc19bbcfec662057179b8860ea67c05 100644 (file)
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -880,3 +880,28 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
         }
  #undef BN_CONSTTIME_SWAP
  }
+
+/* Bits of security, see SP800-57 */
+
+int BN_security_bits(int L, int N)
+       {
+       int secbits, bits;
+       if (L >= 15360)
+               secbits = 256;
+       else if (L >= 7690)
+               secbits = 192;
+       else if (L >= 3072)
+               secbits = 128;
+       else if (L >= 2048)
+               secbits = 112;
+       else if (L >= 1024)
+               secbits = 80;
+       else
+               return 0;
+       if (N == -1)
+               return secbits;
+       bits = N / 2;
+       if (bits < 80)
+               return 0;
+       return bits >= secbits ? secbits : bits;
+       }
diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c

index 0b8e5670b0ec7b0ef09bb04929306293346ca570..455c5602d99e955f8dcc27d635a9cef8b38c3ded 100644 (file)
--- a/crypto/cmac/cm_ameth.c
+++ b/crypto/cmac/cm_ameth.c
@@ -87,7 +87,7 @@ const EVP_PKEY_ASN1_METHOD cmac_asn1_meth =
         0,0,0,
  
         cmac_size,
-       0,
+       0, 0,
         0,0,0,0,0,0,0,
  
         cmac_key_free,
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h

index 0cbb32e3362d0278936b7e74caddf428ddef107e..8e8f87dfdceceed10ad9a733074b658a73dbe1fc 100644 (file)
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -202,6 +202,7 @@ DH *        DH_new(void);
  void   DH_free(DH *dh);
  int    DH_up_ref(DH *dh);
  int    DH_size(const DH *dh);
+int    DH_security_bits(const DH *dh);
  int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
  int DH_set_ex_data(DH *d, int idx, void *arg);
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c

index 2b0035cd0a00d9056c575ae9aaf99b3c43d7ae16..ce1edcb0d92c6a5999a825fd846256a9cbf19f0a 100644 (file)
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -448,6 +448,11 @@ static int dh_bits(const EVP_PKEY *pkey)
         return BN_num_bits(pkey->pkey.dh->p);
         }
  
+static int dh_security_bits(const EVP_PKEY *pkey)
+       {
+       return DH_security_bits(pkey->pkey.dh);
+       }
+
  static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
         {
         if (    BN_cmp(a->pkey.dh->p,b->pkey.dh->p) ||
@@ -620,6 +625,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
  
         int_dh_size,
         dh_bits,
+       dh_security_bits,
  
         dh_param_decode,
         dh_param_encode,
@@ -653,6 +659,7 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth =
  
         int_dh_size,
         dh_bits,
+       dh_security_bits,
  
         dh_param_decode,
         dh_param_encode,
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c

index 7aef080e7abb998eac1435000e60ea14c0f1414d..83b3dc50c15a0a288ffcf2e5fa1a18d7dc3f4bb3 100644 (file)
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -245,3 +245,15 @@ int DH_size(const DH *dh)
         {
         return(BN_num_bytes(dh->p));
         }
+
+int DH_security_bits(const DH *dh)
+       {
+       int N;
+       if (dh->q)
+               N = BN_num_bits(dh->q);
+       else if (dh->length)
+               N = dh->length;
+       else
+               N = -1;
+       return BN_security_bits(BN_num_bits(dh->p), N);
+       }
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h

index 6010a954f0c700d051315e6ba3426fd056e28363..add452b27c8940011a8074e8edd8dee69eea69b0 100644 (file)
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -234,6 +234,7 @@ void        DSA_free (DSA *r);
  /* "up" the DSA object's reference count */
  int    DSA_up_ref(DSA *r);
  int    DSA_size(const DSA *);
+int    DSA_security_bits(const DSA *d);
         /* next 4 return -1 on error */
  int    DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
  int    DSA_sign(int type,const unsigned char *dgst,int dlen,
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c

index 6b1d52fab292a64ca0bc5613d91264a67f57eafe..aa3f55e2185e1bf5820d5ef6aef5848d6f7f95e2 100644 (file)
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -368,6 +368,11 @@ static int dsa_bits(const EVP_PKEY *pkey)
         return BN_num_bits(pkey->pkey.dsa->p);
         }
  
+static int dsa_security_bits(const EVP_PKEY *pkey)
+       {
+       return DSA_security_bits(pkey->pkey.dsa);
+       }
+
  static int dsa_missing_parameters(const EVP_PKEY *pkey)
         {
         DSA *dsa;
@@ -696,6 +701,7 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] =
  
                 int_dsa_size,
                 dsa_bits,
+               dsa_security_bits,
  
                 dsa_param_decode,
                 dsa_param_encode,
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c

index c9b25a05612bd331d6296e19ddf9aeccac66684e..b78fadd46792b8be65cc95073f8f6ae76503a843 100644 (file)
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -272,6 +272,11 @@ void *DSA_get_ex_data(DSA *d, int idx)
         return(CRYPTO_get_ex_data(&d->ex_data,idx));
         }
  
+int DSA_security_bits(const DSA *d)
+       {
+       return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q));
+       }
+
  #ifndef OPENSSL_NO_DH
  DH *DSA_dup_DH(const DSA *r)
         {
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c

index f024f904975e9a7fe542d6ed6dbd634c307f38d4..ae9d5319a368578e84f225952311539cf10b363a 100644 (file)
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -395,6 +395,22 @@ static int ec_bits(const EVP_PKEY *pkey)
         return ret;
         }
  
+static int ec_security_bits(const EVP_PKEY *pkey)
+       {
+       int ecbits = ec_bits(pkey);
+       if (ecbits >= 512)
+               return 256;
+       if (ecbits >= 384)
+               return 192;
+       if (ecbits >= 256)
+               return 128;
+       if (ecbits >= 224)
+               return 112;
+       if (ecbits >= 160)
+               return 80;
+       return ecbits / 2;
+       }
+
  static int ec_missing_parameters(const EVP_PKEY *pkey)
         {
         if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
@@ -659,6 +675,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth =
  
         int_ec_size,
         ec_bits,
+       ec_security_bits,
  
         eckey_param_decode,
         eckey_param_encode,
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h

index 94d1dc863b2b3a298d05032597bfb83f97a10e5b..ea92aa28d86d13993a575d2d4ca911d0530d8e4e 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -957,6 +957,7 @@ int         EVP_PKEY_type(int type);
  int            EVP_PKEY_id(const EVP_PKEY *pkey);
  int            EVP_PKEY_base_id(const EVP_PKEY *pkey);
  int            EVP_PKEY_bits(EVP_PKEY *pkey);
+int            EVP_PKEY_security_bits(const EVP_PKEY *pkey);
  int            EVP_PKEY_size(EVP_PKEY *pkey);
  int            EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
  int            EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
@@ -1115,6 +1116,9 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
                 int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
                                                         long arg1, void *arg2));
  
+void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*pkey_security_bits)(const EVP_PKEY *pk));
+
  
  #define EVP_PKEY_OP_UNDEFINED          0
  #define EVP_PKEY_OP_PARAMGEN           (1<<1)
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c

index 109188c45b50e95c8faeaa11d36a6ad2cf4d771e..42a8be1bb8afd6c4bc94d9936309e92abb133bdc 100644 (file)
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -89,6 +89,15 @@ int EVP_PKEY_bits(EVP_PKEY *pkey)
         return 0;
         }
  
+int EVP_PKEY_security_bits(const EVP_PKEY *pkey)
+       {
+       if (pkey == NULL)
+               return 0;
+       if (!pkey->ameth || !pkey->ameth->pkey_security_bits)
+               return -2;
+       return pkey->ameth->pkey_security_bits(pkey);
+       }
+
  int EVP_PKEY_size(EVP_PKEY *pkey)
         {
         if (pkey && pkey->ameth && pkey->ameth->pkey_size)
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c

index e03f24aedab983b26fb4eb995fdf5ae511c69449..a6aa7931108c6d5ab4d222da1de53edb3782977c 100644 (file)
--- a/crypto/hmac/hm_ameth.c
+++ b/crypto/hmac/hm_ameth.c
@@ -152,7 +152,7 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth =
         0,0,0,
  
         hmac_size,
-       0,
+       0, 0,
         0,0,0,0,0,0,0,
  
         hmac_key_free,
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h

index 41a052a3ee634d5aa89e21a3db651f7391a2f5a9..543deaf572d2e381b740d8eddacc06d9f636637d 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -307,6 +307,7 @@ struct rsa_st
  RSA *  RSA_new(void);
  RSA *  RSA_new_method(ENGINE *engine);
  int    RSA_size(const RSA *rsa);
+int    RSA_security_bits(const RSA *rsa);
  
  /* Deprecated version */
  #ifndef OPENSSL_NO_DEPRECATED
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c

index 929193b4fa518ae5268d413dffbb25a183fa4c91..04d9f62dd0d11b122ecf4003f0113f740c497b9a 100644 (file)
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -170,6 +170,11 @@ static int rsa_bits(const EVP_PKEY *pkey)
         return BN_num_bits(pkey->pkey.rsa->n);
         }
  
+static int rsa_security_bits(const EVP_PKEY *pkey)
+       {
+       return RSA_security_bits(pkey->pkey.rsa);
+       }
+
  static void int_rsa_free(EVP_PKEY *pkey)
         {
         RSA_free(pkey->pkey.rsa);
@@ -993,6 +998,7 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] =
  
                 int_rsa_size,
                 rsa_bits,
+               rsa_security_bits,
  
                 0,0,0,0,0,0,
  
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c

index 9e3f7dafcda885a9c788952c31ad62aa3ba22c81..ba277cacd87bc1ae5896284afd1ce90c60ed7bf5 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -320,3 +320,8 @@ int RSA_memory_lock(RSA *r)
         r->bignum_data=p;
         return(1);
         }
+
+int RSA_security_bits(const RSA *rsa)
+       {
+       return BN_security_bits(BN_num_bits(rsa->n), -1);
+       }
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 18 Jan 2014 14:51:40 +0000 (14:51 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 28 Mar 2014 14:49:04 +0000 (14:49 +0000)
crypto/asn1/ameth_lib.c		patch \| blob \| blame \| history
crypto/asn1/asn1_locl.h		patch \| blob \| blame \| history
crypto/bn/bn.h		patch \| blob \| blame \| history
crypto/bn/bn_lib.c		patch \| blob \| blame \| history
crypto/cmac/cm_ameth.c		patch \| blob \| blame \| history
crypto/dh/dh.h		patch \| blob \| blame \| history
crypto/dh/dh_ameth.c		patch \| blob \| blame \| history
crypto/dh/dh_lib.c		patch \| blob \| blame \| history
crypto/dsa/dsa.h		patch \| blob \| blame \| history
crypto/dsa/dsa_ameth.c		patch \| blob \| blame \| history
crypto/dsa/dsa_lib.c		patch \| blob \| blame \| history
crypto/ec/ec_ameth.c		patch \| blob \| blame \| history
crypto/evp/evp.h		patch \| blob \| blame \| history
crypto/evp/p_lib.c		patch \| blob \| blame \| history
crypto/hmac/hm_ameth.c		patch \| blob \| blame \| history
crypto/rsa/rsa.h		patch \| blob \| blame \| history
crypto/rsa/rsa_ameth.c		patch \| blob \| blame \| history
crypto/rsa/rsa_lib.c		patch \| blob \| blame \| history