[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Mon Oct 23 13:02:06 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via 84a85b5755befabd450fbb7cc63d5e23a268ddb0 (commit)
from 8efce5badd2f3bdd2d15e4aacd6b04f6ee69cf60 (commit)
- Log -----------------------------------------------------------------
commit 84a85b5755befabd450fbb7cc63d5e23a268ddb0
Author: Matt Caswell <matt at openssl.org>
Date: Wed Oct 18 10:23:33 2017 +0100
Correct value for BN_security_bits()
The function BN_security_bits() uses the values from SP800-57 to assign
security bit values for different FF key sizes. However the value for 192
security bits is wrong. SP800-57 has it as 7680 but the code had it as
7690.
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4546)
(cherry picked from commit c9fe362303fc54ff19bde7511475f28663f7d554)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_lib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index c2dff7d..d7c5fc3 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -897,7 +897,7 @@ int BN_security_bits(int L, int N)
int secbits, bits;
if (L >= 15360)
secbits = 256;
- else if (L >= 7690)
+ else if (L >= 7680)
secbits = 192;
else if (L >= 3072)
secbits = 128;
More information about the openssl-commits
mailing list