generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Return security strength for supported DSA parameters: will be used

Browse Source 
later.
This commit is contained in:
Dr. Stephen Henson 2011-02-11 14:38:39 +00:00
parent a1a5885b64
commit 16a7fcc447
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
crypto/dsa/dsa_gen.c
View File

@ -369,18 +369,21 @@ err:
return ok; return ok;
} }
/* Permissible parameter values for (L,N): see FIPS186-3 4.2 */ /* Security strength of parameter values for (L,N): see FIPS186-3 4.2
* and SP800-131A
*/
static int dsa2_check_params(size_t L, size_t N)
static int dsa2_security_strength(size_t L, size_t N)
{ {
if (L == 1024 && N == 160) if (L == 1024 && N == 160)
return 1; return 80;
if (L == 2048 && N == 224) if (L == 2048 && N == 224)
return 1; return 112;
if (L == 2048 && N == 256) if (L == 2048 && N == 256)
return 1; return 112;
if (L == 3072 && N == 256) if (L == 3072 && N == 256)
return 1; return 112;
return 0; return 0;
} }
@ -414,7 +417,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
goto err; goto err;
} }
#endif #endif
if (!dsa2_check_params(L, N)) if (!dsa2_security_strength(L, N))
{ {
DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS); DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
ok = 0; ok = 0;