diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-01-18 14:51:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-03-28 14:49:04 +0000 |
commit | 2514fa79acba998c2a8d4e5a8288a5b3ae990377 (patch) | |
tree | 28f4391dc3e8fc22197e53b75360800f182d9b19 /crypto/dsa | |
parent | 4563da1d7c53e969e8d092d018795179bb648a7c (diff) | |
download | openssl-2514fa79acba998c2a8d4e5a8288a5b3ae990377.tar.gz |
Add functions returning security bits.
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
Diffstat (limited to 'crypto/dsa')
-rw-r--r-- | crypto/dsa/dsa.h | 1 | ||||
-rw-r--r-- | crypto/dsa/dsa_ameth.c | 6 | ||||
-rw-r--r-- | crypto/dsa/dsa_lib.c | 5 |
3 files changed, 12 insertions, 0 deletions
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 6010a954f0..add452b27c 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -234,6 +234,7 @@ void DSA_free (DSA *r); /* "up" the DSA object's reference count */ int DSA_up_ref(DSA *r); int DSA_size(const DSA *); +int DSA_security_bits(const DSA *d); /* next 4 return -1 on error */ int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); int DSA_sign(int type,const unsigned char *dgst,int dlen, diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 6b1d52fab2..aa3f55e218 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -368,6 +368,11 @@ static int dsa_bits(const EVP_PKEY *pkey) return BN_num_bits(pkey->pkey.dsa->p); } +static int dsa_security_bits(const EVP_PKEY *pkey) + { + return DSA_security_bits(pkey->pkey.dsa); + } + static int dsa_missing_parameters(const EVP_PKEY *pkey) { DSA *dsa; @@ -696,6 +701,7 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = int_dsa_size, dsa_bits, + dsa_security_bits, dsa_param_decode, dsa_param_encode, diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index c9b25a0561..b78fadd467 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -272,6 +272,11 @@ void *DSA_get_ex_data(DSA *d, int idx) return(CRYPTO_get_ex_data(&d->ex_data,idx)); } +int DSA_security_bits(const DSA *d) + { + return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q)); + } + #ifndef OPENSSL_NO_DH DH *DSA_dup_DH(const DSA *r) { |