Add functions returning security bits.
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 6010a95..add452b 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -234,6 +234,7 @@
/* "up" the DSA object's reference count */
int DSA_up_ref(DSA *r);
int DSA_size(const DSA *);
+int DSA_security_bits(const DSA *d);
/* next 4 return -1 on error */
int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
int DSA_sign(int type,const unsigned char *dgst,int dlen,
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index 6b1d52f..aa3f55e 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -368,6 +368,11 @@
return BN_num_bits(pkey->pkey.dsa->p);
}
+static int dsa_security_bits(const EVP_PKEY *pkey)
+ {
+ return DSA_security_bits(pkey->pkey.dsa);
+ }
+
static int dsa_missing_parameters(const EVP_PKEY *pkey)
{
DSA *dsa;
@@ -696,6 +701,7 @@
int_dsa_size,
dsa_bits,
+ dsa_security_bits,
dsa_param_decode,
dsa_param_encode,
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index c9b25a0..b78fadd 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -272,6 +272,11 @@
return(CRYPTO_get_ex_data(&d->ex_data,idx));
}
+int DSA_security_bits(const DSA *d)
+ {
+ return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q));
+ }
+
#ifndef OPENSSL_NO_DH
DH *DSA_dup_DH(const DSA *r)
{
