diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-01-18 14:51:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-03-28 14:49:04 +0000 |
commit | 2514fa79acba998c2a8d4e5a8288a5b3ae990377 (patch) | |
tree | 28f4391dc3e8fc22197e53b75360800f182d9b19 /crypto/dh | |
parent | 4563da1d7c53e969e8d092d018795179bb648a7c (diff) | |
download | openssl-2514fa79acba998c2a8d4e5a8288a5b3ae990377.tar.gz |
Add functions returning security bits.
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
Diffstat (limited to 'crypto/dh')
-rw-r--r-- | crypto/dh/dh.h | 1 | ||||
-rw-r--r-- | crypto/dh/dh_ameth.c | 7 | ||||
-rw-r--r-- | crypto/dh/dh_lib.c | 12 |
3 files changed, 20 insertions, 0 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 0cbb32e336..8e8f87dfdc 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -202,6 +202,7 @@ DH * DH_new(void); void DH_free(DH *dh); int DH_up_ref(DH *dh); int DH_size(const DH *dh); +int DH_security_bits(const DH *dh); int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 2b0035cd0a..ce1edcb0d9 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -448,6 +448,11 @@ static int dh_bits(const EVP_PKEY *pkey) return BN_num_bits(pkey->pkey.dh->p); } +static int dh_security_bits(const EVP_PKEY *pkey) + { + return DH_security_bits(pkey->pkey.dh); + } + static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { if ( BN_cmp(a->pkey.dh->p,b->pkey.dh->p) || @@ -620,6 +625,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = int_dh_size, dh_bits, + dh_security_bits, dh_param_decode, dh_param_encode, @@ -653,6 +659,7 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = int_dh_size, dh_bits, + dh_security_bits, dh_param_decode, dh_param_encode, diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 7aef080e7a..83b3dc50c1 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -245,3 +245,15 @@ int DH_size(const DH *dh) { return(BN_num_bytes(dh->p)); } + +int DH_security_bits(const DH *dh) + { + int N; + if (dh->q) + N = BN_num_bits(dh->q); + else if (dh->length) + N = dh->length; + else + N = -1; + return BN_security_bits(BN_num_bits(dh->p), N); + } |