diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-01-18 14:51:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-03-28 14:49:04 +0000 |
commit | 2514fa79acba998c2a8d4e5a8288a5b3ae990377 (patch) | |
tree | 28f4391dc3e8fc22197e53b75360800f182d9b19 /crypto/ec/ec_ameth.c | |
parent | 4563da1d7c53e969e8d092d018795179bb648a7c (diff) | |
download | openssl-2514fa79acba998c2a8d4e5a8288a5b3ae990377.tar.gz |
Add functions returning security bits.
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
Diffstat (limited to 'crypto/ec/ec_ameth.c')
-rw-r--r-- | crypto/ec/ec_ameth.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index f024f90497..ae9d5319a3 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -395,6 +395,22 @@ static int ec_bits(const EVP_PKEY *pkey) return ret; } +static int ec_security_bits(const EVP_PKEY *pkey) + { + int ecbits = ec_bits(pkey); + if (ecbits >= 512) + return 256; + if (ecbits >= 384) + return 192; + if (ecbits >= 256) + return 128; + if (ecbits >= 224) + return 112; + if (ecbits >= 160) + return 80; + return ecbits / 2; + } + static int ec_missing_parameters(const EVP_PKEY *pkey) { if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) @@ -659,6 +675,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = int_ec_size, ec_bits, + ec_security_bits, eckey_param_decode, eckey_param_encode, |