Diffstat (limited to 'src')
-rw-r--r-- | src/lib/pubkey/dl_algo/dl_algo.cpp | 5 | ||||
-rw-r--r-- | src/lib/pubkey/dl_group/dl_group.cpp | 11 | ||||
-rw-r--r-- | src/lib/pubkey/dl_group/dl_group.h | 8 | ||||
-rw-r--r-- | src/tests/test_dl_group.cpp | 5 |
4 files changed, 25 insertions, 4 deletions
diff --git a/src/lib/pubkey/dl_algo/dl_algo.cpp b/src/lib/pubkey/dl_algo/dl_algo.cpp index d31f927d7..f9d6178b0 100644 --- a/src/lib/pubkey/dl_algo/dl_algo.cpp +++ b/src/lib/pubkey/dl_algo/dl_algo.cpp @@ -7,7 +7,6 @@ #include <botan/dl_algo.h> #include <botan/numthry.h> -#include <botan/workfactor.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> @@ -15,12 +14,12 @@ namespace Botan { size_t DL_Scheme_PublicKey::key_length() const { - return m_group.get_p().bits(); + return m_group.p_bits(); } size_t DL_Scheme_PublicKey::estimated_strength() const { - return dl_work_factor(key_length()); + return m_group.estimated_strength(); } AlgorithmIdentifier DL_Scheme_PublicKey::algorithm_identifier() const diff --git a/src/lib/pubkey/dl_group/dl_group.cpp b/src/lib/pubkey/dl_group/dl_group.cpp index 7d2ad15e9..a1003f508 100644 --- a/src/lib/pubkey/dl_group/dl_group.cpp +++ b/src/lib/pubkey/dl_group/dl_group.cpp @@ -23,7 +23,8 @@ class DL_Group_Data final m_p(p), m_q(q), m_g(g), m_mod_p(p), m_monty(monty_precompute(m_g, m_p, m_mod_p, /*window bits=*/4)), - m_p_bits(p.bits()) + m_p_bits(p.bits()), + m_estimated_strength(dl_work_factor(m_p_bits)) {} ~DL_Group_Data() = default; @@ -45,6 +46,8 @@ class DL_Group_Data final size_t p_bits() const { return m_p_bits; } size_t p_bytes() const { return (m_p_bits + 7) / 8; } + size_t estimated_strength() const { return m_estimated_strength; } + BigInt power_g_p(const BigInt& k) const { return monty_execute(*m_monty, k); } private: @@ -54,6 +57,7 @@ class DL_Group_Data final Modular_Reducer m_mod_p; std::shared_ptr<const Montgomery_Exponentation_State> m_monty; size_t m_p_bits; + size_t m_estimated_strength; }; //static @@ -394,6 +398,11 @@ size_t DL_Group::p_bytes() const return data().p_bytes(); } +size_t DL_Group::estimated_strength() const + { + return data().estimated_strength(); + } + BigInt DL_Group::inverse_mod_p(const BigInt& x) const { // precompute?? 
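Review bot: The strength cached in the `DL_Group_Data` constructor (hunk `-23,7 +23,8` of dl_group.cpp) is computed from `m_p_bits` alone, so a group with a large p but a short subgroup order q is rated as if only attacks on p mattered, while generic discrete-log methods in the order-q subgroup cost roughly 2^(q_bits/2). Since the class already holds `m_q`, the initializer could cap the value when q is set, for example `m_estimated_strength(m_q.is_zero() ? dl_work_factor(m_p_bits) : std::min<size_t>(dl_work_factor(m_p_bits), m_q.bits() / 2))`. Whether callers expect the p-only figure is not visible here, so treat this as a question for the author. The initializer also reads the member `m_p_bits`, which is correct only because the declaration hunk at `-54,6` places `m_estimated_strength` after it; a comment there such as `// must stay after m_p_bits (used in its initializer)` would guard against reordering. The class body begins and ends outside these hunks.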
diff --git a/src/lib/pubkey/dl_group/dl_group.h b/src/lib/pubkey/dl_group/dl_group.h index b9a7bb992..a3dcfbdf0 100644 --- a/src/lib/pubkey/dl_group/dl_group.h +++ b/src/lib/pubkey/dl_group/dl_group.h @@ -199,6 +199,14 @@ class BOTAN_PUBLIC_API(2,0) DL_Group final size_t p_bytes() const; /** + * Return an estimate of the strength of this group against + * discrete logarithm attacks (eg NFS). Warning: since this only + * takes into account known attacks it is by necessity an + * overestimate of the actual strength. + */ + size_t estimated_strength() const; + + /** * Decode a DER/BER encoded group into this instance. * @param ber a vector containing the DER/BER encoded group * @param format the format of the encoded group diff --git a/src/tests/test_dl_group.cpp b/src/tests/test_dl_group.cpp index 36ae02531..c513bcd55 100644 --- a/src/tests/test_dl_group.cpp +++ b/src/tests/test_dl_group.cpp @@ -195,6 +195,11 @@ class DL_Group_Tests final : public Test result.test_ne("DL_Group p is set", group.get_p(), 0); result.test_ne("DL_Group g is set", group.get_g(), 0); + const size_t strength = group.estimated_strength(); + + // 8192 bit ~~ 2**202 strength + result.confirm("Plausible strength", strength >= 80 && strength < 210); + if(name.find("modp/srp/") == std::string::npos) { result.test_ne("DL_Group q is set", group.get_q(), 0); |
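Review bot: The new doc comment on `estimated_strength()` in dl_group.h does not say what unit the returned `size_t` is in or what the estimate is based on. The implementation in dl_group.cpp applies `dl_work_factor` to the bit length of p, and the test treats the result as a base-2 exponent (`8192 bit ~~ 2**202`). I would add `* @return estimated security level in bits (log2 of attack work), derived from the size of p only` to the comment. Stating that q is not considered helps callers who compare the value against a policy minimum.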
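Review bot: In test_dl_group.cpp, `result.confirm("Plausible strength", strength >= 80 && strength < 210)` reports only pass or fail, so a failing group gives no indication of the value that was computed. Splitting it into `result.test_gte("Plausible strength lower bound", strength, 80);` and `result.test_lt("Plausible strength upper bound", strength, 210);` would print the offending number. The range is also wide enough that it would not catch a wrong estimate for one particular group size; comparing against an expected value per group size would be tighter. The enclosing test function begins and ends outside the hunk.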