Add functions returning security bits.

Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.

3 files changed, 12 insertions, 0 deletions

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 41a052a3ee..543deaf572 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -307,6 +307,7 @@ struct rsa_st
 RSA *	RSA_new(void);
 RSA *	RSA_new_method(ENGINE *engine);
 int	RSA_size(const RSA *rsa);
+int	RSA_security_bits(const RSA *rsa);
 
 /* Deprecated version */
 #ifndef OPENSSL_NO_DEPRECATED
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 929193b4fa..04d9f62dd0 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -170,6 +170,11 @@ static int rsa_bits(const EVP_PKEY *pkey)
 	return BN_num_bits(pkey->pkey.rsa->n);
 	}
 
+static int rsa_security_bits(const EVP_PKEY *pkey)
+	{
+	return RSA_security_bits(pkey->pkey.rsa);
+	}
+
 static void int_rsa_free(EVP_PKEY *pkey)
 	{
 	RSA_free(pkey->pkey.rsa);
@@ -993,6 +998,7 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] =
 
 		int_rsa_size,
 		rsa_bits,
+		rsa_security_bits,
 
 		0,0,0,0,0,0,
 
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 9e3f7dafcd..ba277cacd8 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -320,3 +320,8 @@ int RSA_memory_lock(RSA *r)
 	r->bignum_data=p;
 	return(1);
 	}
+
+int RSA_security_bits(const RSA *rsa)
+	{
+	return BN_security_bits(BN_num_bits(rsa->n), -1);
+	}