evp: add EVP_PKEY_get_security_category function
authorPauli <ppzgs1@gmail.com>
Wed, 7 May 2025 02:10:11 +0000 (12:10 +1000)
committerPauli <ppzgs1@gmail.com>
Tue, 27 May 2025 08:01:44 +0000 (18:01 +1000)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27571)

crypto/evp/keymgmt_lib.c
crypto/evp/p_lib.c
include/crypto/evp.h
include/openssl/evp.h

index 9ed0ba3caea9de4628154f8e7f9a7a36e7bee2c6..d72674ff1574904dbcb3e1be03d27b032f9d5236 100644 (file)
@@ -296,18 +296,22 @@ void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk)
     if (pk->keydata != NULL) {
         int bits = 0;
         int security_bits = 0;
+        int security_category = -1;
         int size = 0;
-        OSSL_PARAM params[4];
+        OSSL_PARAM params[5];
 
         params[0] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_BITS, &bits);
         params[1] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_SECURITY_BITS,
                                              &security_bits);
-        params[2] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_MAX_SIZE, &size);
-        params[3] = OSSL_PARAM_construct_end();
+        params[2] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_SECURITY_CATEGORY,
+                                             &security_category);
+        params[3] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_MAX_SIZE, &size);
+        params[4] = OSSL_PARAM_construct_end();
         if (evp_keymgmt_get_params(pk->keymgmt, pk->keydata, params)) {
             pk->cache.size = size;
             pk->cache.bits = bits;
             pk->cache.security_bits = security_bits;
+            pk->cache.security_category = security_category;
         }
     }
 }
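Review bot: The -1 "unknown" default exists only in the local `security_category`; when `evp_keymgmt_get_params()` fails or `pk->keydata` is NULL, `pk->cache.security_category` is never written. The getter added in crypto/evp/p_lib.c then returns whatever the field held before, presumably 0 from allocation or a stale value if the key data was replaced (neither is visible here). A caller basing a policy decision on the category cannot then tell "not reported" from a real value. Consider resetting the field on the failure path, e.g. `else pk->cache.security_category = -1;`, or initialising it to -1 where the EVP_PKEY is created. The opening of `evp_keymgmt_util_cache_keyinfo` is outside this hunk.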
index 7f4508169dfa75d92576d245839361b70f01c20c..09c36b944db0b0518d9270cb358ec97cd7dcf6c9 100644 (file)
@@ -90,6 +90,11 @@ int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey)
     return size;
 }
 
+int EVP_PKEY_get_security_category(const EVP_PKEY *pkey)
+{
+    return pkey != NULL ? pkey->cache.security_category : -1;
+}
+
 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
 {
 # ifndef OPENSSL_NO_DSA
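Review bot: `EVP_PKEY_get_security_category()` has no comment stating its return contract, and -1 is overloaded: it is returned for a NULL `pkey` and is also the default cached when the key management does not fill in `OSSL_PKEY_PARAM_SECURITY_CATEGORY`. The cached integer is provider-supplied and not range-checked in the visible code, so callers enforcing a minimum category should treat any value outside the range they expect as unknown. I would add above the function `/* Returns the cached security category, or -1 if pkey is NULL or the key management reported none. */`. The hunk ends inside `EVP_PKEY_save_parameters`, which continues outside it.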
index 3f1eed3ff63229d69e69638f7847ebeb858b5e3f..8623b487632d463a40e317de4c3df87c78dc4fd0 100644 (file)
@@ -730,6 +730,7 @@ struct evp_pkey_st {
     struct {
         int bits;
         int security_bits;
+        int security_category;
         int size;
     } cache;
 }; /* EVP_PKEY */
index 4fe841da35ed50b1e0ef6ccbeccdad4fa081df70..0321cfca6c0188a6d4c2d04df6cbe33800f95604 100644 (file)
@@ -1371,6 +1371,7 @@ int EVP_PKEY_get_bits(const EVP_PKEY *pkey);
 # define EVP_PKEY_bits EVP_PKEY_get_bits
 int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey);
 # define EVP_PKEY_security_bits EVP_PKEY_get_security_bits
+int EVP_PKEY_get_security_category(const EVP_PKEY *pkey);
 int EVP_PKEY_get_size(const EVP_PKEY *pkey);
 # define EVP_PKEY_size EVP_PKEY_get_size
 int EVP_PKEY_can_sign(const EVP_PKEY *pkey);