4 files changed, 8 insertions, 10 deletions

diff --git a/src/pluto/certs.c b/src/pluto/certs.c
index 414f2430a..a9179c449 100644
--- a/src/pluto/certs.c
+++ b/src/pluto/certs.c
@@ -232,7 +232,7 @@ void list_pgp_end_certs(bool utc)
 
 				whack_log(RC_COMMENT, "  pubkey:    %N %4d bits%s",
 						key_type_names, key->get_type(key),
-						key->get_keysize(key) * BITS_PER_BYTE,
+						key->get_keysize(key),
 						has_private_key(cert)? ", has private key" : "");
 				if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid))
 				{
diff --git a/src/pluto/ike_alg.c b/src/pluto/ike_alg.c
index 7521dd33b..08353907e 100644
--- a/src/pluto/ike_alg.c
+++ b/src/pluto/ike_alg.c
@@ -194,18 +194,16 @@ struct db_context *ike_alg_db_new(connection_t *c, lset_t policy)
 
 		if (policy & POLICY_PUBKEY)
 		{
-			int auth_method = 0;
-			size_t key_size = 0;
+			int auth_method = 0, key_size = 0;
 			key_type_t key_type = KEY_ANY;
 
-
 			if (c->spd.this.cert)
 			{
 				certificate_t *certificate = c->spd.this.cert->cert;
 				public_key_t *key = certificate->get_public_key(certificate);
 
 				if (key == NULL)
-				{				
+				{
 					plog("ike alg: unable to retrieve my public key");
 					continue;
 				}
@@ -233,13 +231,13 @@ struct db_context *ike_alg_db_new(connection_t *c, lset_t policy)
 				case KEY_ECDSA:
 					switch (key_size)
 					{
-						case 32:
+						case 256:
 							auth_method = OAKLEY_ECDSA_256;
 							break;
-						case 48:
+						case 384:
 							auth_method = OAKLEY_ECDSA_384;
 							break;
-						case 66:
+						case 521:
 							auth_method = OAKLEY_ECDSA_521;
 							break;
 						default:
diff --git a/src/pluto/keys.c b/src/pluto/keys.c
index 12a3ccfc9..a79c2c0d2 100644
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@@ -1449,7 +1449,7 @@ void list_public_keys(bool utc)
 		whack_log(RC_COMMENT, "  identity: '%Y'", key->id);
 		whack_log(RC_COMMENT, "  pubkey:    %N %4d bits, until %T %s",
 			key_type_names, public->get_type(public),
-			public->get_keysize(public) * BITS_PER_BYTE,
+			public->get_keysize(public),
 			&key->until_time, utc,
 			check_expiry(key->until_time, PUBKEY_WARNING_INTERVAL, TRUE));
 		if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
diff --git a/src/pluto/x509.c b/src/pluto/x509.c
index 2b8681246..d717beb15 100644
--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -427,7 +427,7 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
 			{
 				whack_log(RC_COMMENT, "  pubkey:    %N %4d bits%s",
 					key_type_names, key->get_type(key),
-					key->get_keysize(key) * BITS_PER_BYTE,
+					key->get_keysize(key),
 					cert->smartcard ? ", on smartcard" :
 					(has_private_key(cert)? ", has private key" : ""));