Exemple #1
0
int
get_bits(gnutls_pk_algorithm_t key_type, int info_bits,
	 const char *info_sec_param, int warn)
{
	int bits;

	if (info_bits != 0) {
		static int warned = 0;

		if (warned == 0 && warn != 0) {
			warned = 1;
			fprintf(stderr,
				"** Note: Please use the --sec-param instead of --bits\n");
		}
		bits = info_bits;
	} else {
		if (info_sec_param) {
			bits =
			    gnutls_sec_param_to_pk_bits(key_type,
							str_to_sec_param
							(info_sec_param));
		} else
			bits =
			    gnutls_sec_param_to_pk_bits(key_type,
							GNUTLS_SEC_PARAM_NORMAL);
	}

	return bits;
}
Exemple #2
0
int
get_bits(gnutls_pk_algorithm_t key_type, int info_bits,
	 const char *info_sec_param, int warn)
{
	int bits;

	if (info_bits != 0) {
		static int warned = 0;

		if (warned == 0 && warn != 0 && GNUTLS_BITS_ARE_CURVE(info_bits)==0) {
			warned = 1;
			fprintf(stderr,
				"** Note: You may use '--sec-param %s' instead of '--bits %d'\n",
				bits_to_sp(key_type, info_bits), info_bits);
		}
		bits = info_bits;
	} else {
		if (info_sec_param == 0) {
			/* For ECDSA keys use 256 bits or better, as they are widely supported */
			info_sec_param = "HIGH";
		}
		bits =
		    gnutls_sec_param_to_pk_bits(key_type,
						str_to_sec_param
						(info_sec_param));
	}

	return bits;
}