openssl: Report correct key length for EC keys when not using NIST curves
authorTobias Brunner <tobias@strongswan.org>
Tue, 26 Aug 2014 16:26:33 +0000 (18:26 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 2 Sep 2014 06:15:17 +0000 (08:15 +0200)
Fixes #688.

src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
src/libstrongswan/plugins/openssl/openssl_ec_public_key.c

index 12f2642..bc7884c 100644 (file)
@@ -181,17 +181,7 @@ METHOD(private_key_t, decrypt, bool,
 METHOD(private_key_t, get_keysize, int,
        private_openssl_ec_private_key_t *this)
 {
 METHOD(private_key_t, get_keysize, int,
        private_openssl_ec_private_key_t *this)
 {
-       switch (EC_GROUP_get_curve_name(EC_KEY_get0_group(this->ec)))
-       {
-               case NID_X9_62_prime256v1:
-                       return 256;
-               case NID_secp384r1:
-                       return 384;
-               case NID_secp521r1:
-                       return 521;
-               default:
-                       return 0;
-       }
+       return EC_GROUP_get_degree(EC_KEY_get0_group(this->ec));
 }
 
 METHOD(private_key_t, get_type, key_type_t,
 }
 
 METHOD(private_key_t, get_type, key_type_t,
index 382c554..21dcb01 100644 (file)
@@ -179,17 +179,7 @@ METHOD(public_key_t, encrypt, bool,
 METHOD(public_key_t, get_keysize, int,
        private_openssl_ec_public_key_t *this)
 {
 METHOD(public_key_t, get_keysize, int,
        private_openssl_ec_public_key_t *this)
 {
-       switch (EC_GROUP_get_curve_name(EC_KEY_get0_group(this->ec)))
-       {
-               case NID_X9_62_prime256v1:
-                       return 256;
-               case NID_secp384r1:
-                       return 384;
-               case NID_secp521r1:
-                       return 521;
-               default:
-                       return 0;
-       }
+       return EC_GROUP_get_degree(EC_KEY_get0_group(this->ec));
 }
 
 /**
 }
 
 /**