generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Return security strength for supported DSA parameters: will be used

Browse Source 
later.
This commit is contained in:
Dr. Stephen Henson 2011-02-11 14:38:39 +00:00
parent a1a5885b64
commit 16a7fcc447
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
crypto/dsa/dsa_gen.c
View File

@ -369,18 +369,21 @@ err:
return ok;
}
/* Permissible parameter values for (L,N): see FIPS186-3 4.2 */
/* Security strength of parameter values for (L,N): see FIPS186-3 4.2
* and SP800-131A
*/
static int dsa2_check_params(size_t L, size_t N)
static int dsa2_security_strength(size_t L, size_t N)
{
if (L == 1024 && N == 160)
return 1;
return 80;
if (L == 2048 && N == 224)
return 1;
return 112;
if (L == 2048 && N == 256)
return 1;
return 112;
if (L == 3072 && N == 256)
return 1;
return 112;
return 0;
}
@ -414,7 +417,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
goto err;
}
#endif
if (!dsa2_check_params(L, N))
if (!dsa2_security_strength(L, N))
{
DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
ok = 0;