Richard Levitte via RT schrieb: > Well, that depends on what you mean with number of bits. Take a number > like 0x0432, how many bits does it have? You could view it as a word, > and say it has 16 bits, or you could look at it more closely, and find > out that it has 11 *significant* bits. > > BN_num_bits() counts significant bits.
OK, now I get it... > Another way to find this out is to add the following line to your > program: > > printf ("The number: "); BN_print_fp(stdout, pPubKey); printf ("\n"); > > Looking at the output, I counted 511 hex characters. 511 * 4 = 2044. > > I don't think this is a bug. If you want to know the size of pPubKey in > byte increments, use BN_num_bytes() and multiply with 8. I'd suggest to clarify the man page of 'BN_num_bits': People (such as me) are tempted to use 'BN_num_bits' to get the key size (class) of a private or public key, and expect that its size matches the size (class) of its counterpart (public or private key). With "size class" I mean 512, 1024, 2048 bit etc. Now what I experience is that the size of the public key that was generated from a given private key (e.g. with 'DH_generate_key') does not always match the size of the private key, which is confusing... Michael > > [EMAIL PROTECTED] - Thu Jul 1 10:03:21 2004]: > > >>Hi, >> >>I think I've encountered a problem with BN_num_bits. I have > > experienced > >>that BN_num_bits often returns 1 (sometimes more) bits less than the >>actual key size of a BIGNUM. With 2048 bit DH key pairs, I've often > > seen > >>2047 bit returned by BN_num_bits (checking the public key). I'm seeing > > a > >>case now where it returns 2044 bit only. >> >>My environment: >>OpenSSL 0.9.7d >>SuSE Linux 9.0 >>compiled with gcc 3.3.1 >> >>I have attached a test case (actually more or less a fragment of an >>application of mine) which shows the 2044 bit case. Also, the output > > of > >>'make report' is attached. >> >>Please e-mail me directly in case of any questions or comments, since >>I'm not subscribed to any openssl-related mailing lists. >> >> >>Michael >> -- ================================================= Michael Schmidt ------------------------------------------------- Institute for Data Communications Systems University of Siegen, Germany ------------------------------------------------- http: www.nue.et-inf.uni-siegen.de e-mail: [EMAIL PROTECTED] mobile: +49 179 7810214 ================================================= ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]