Add Public_Key::estimated_strength which gives an approximation of how

hard that key is to break. Use it in cert path validation, rejecting keys with estimated strength less than 80 bits.
author: lloyd <[email protected]> 2012-07-27 17:30:13 +0000
committer: lloyd <[email protected]> 2012-07-27 17:30:13 +0000
commit: 4d0008edca9d3c0a119518e7d9b49c81d7dbe33c (patch)
tree: c359b14f9f0a0a495fea6eb241cb082fd0dc0717 /src/pubkey/ecc_key
parent: 16ccb3c130ad29aee2e640d498606314ac486f55 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index 367b27584..22bc41249 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -18,6 +18,11 @@
 
 namespace Botan {
 
+size_t EC_PublicKey::estimated_strength() const
+   {
+   return domain().get_curve().get_p().bits() / 2;
+   }
+
 EC_PublicKey::EC_PublicKey(const EC_Group& dom_par,
                            const PointGFp& pub_point) :
    domain_params(dom_par), public_key(pub_point),
diff --git a/src/pubkey/ecc_key/ecc_key.h b/src/pubkey/ecc_key/ecc_key.h
index 76a63a7e4..de980608a 100644
--- a/src/pubkey/ecc_key/ecc_key.h
+++ b/src/pubkey/ecc_key/ecc_key.h
@@ -78,6 +78,9 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
       */
       EC_Group_Encoding domain_format() const
          { return domain_encoding; }
+
+      size_t estimated_strength() const override;
+
    protected:
       EC_PublicKey() : domain_encoding(EC_DOMPAR_ENC_EXPLICIT) {}
author	lloyd <[email protected]>	2012-07-27 17:30:13 +0000
committer	lloyd <[email protected]>	2012-07-27 17:30:13 +0000
commit	4d0008edca9d3c0a119518e7d9b49c81d7dbe33c (patch)
tree	c359b14f9f0a0a495fea6eb241cb082fd0dc0717 /src/pubkey/ecc_key
parent	16ccb3c130ad29aee2e640d498606314ac486f55 (diff)