Richard Levitte via RT schrieb:
> Well, that depends on what you mean with number of bits. Take a number
> like 0x0432, how many bits does it have? You could view it as a word,
> and say it has 16 bits, or you could look at it more closely, and find
> out that it has 11 *significant* bits.
>
> BN_num_bits() counts significant bits.
OK, now I get it...
> Another way to find this out is to add the following line to your
> program:
>
> printf ("The number: "); BN_print_fp(stdout, pPubKey); printf ("\n");
>
> Looking at the output, I counted 511 hex characters. 511 * 4 = 2044.
>
> I don't think this is a bug. If you want to know the size of pPubKey in
> byte increments, use BN_num_bytes() and multiply with 8.
I'd suggest to clarify the man page of 'BN_num_bits':
People (such as me) are tempted to use 'BN_num_bits' to get the key size
(class) of a private or public key, and expect that its size matches the
size (class) of its counterpart (public or private key). With "size
class" I mean 512, 1024, 2048 bit etc.
Now what I experience is that the size of the public key that was
generated from a given private key (e.g. with 'DH_generate_key') does
not always match the size of the private key, which is confusing...
Michael
>
> [EMAIL PROTECTED] - Thu Jul 1 10:03:21 2004]:
>
>
>>Hi,
>>
>>I think I've encountered a problem with BN_num_bits. I have
>
> experienced
>
>>that BN_num_bits often returns 1 (sometimes more) bits less than the
>>actual key size of a BIGNUM. With 2048 bit DH key pairs, I've often
>
> seen
>
>>2047 bit returned by BN_num_bits (checking the public key). I'm seeing
>
> a
>
>>case now where it returns 2044 bit only.
>>
>>My environment:
>>OpenSSL 0.9.7d
>>SuSE Linux 9.0
>>compiled with gcc 3.3.1
>>
>>I have attached a test case (actually more or less a fragment of an
>>application of mine) which shows the 2044 bit case. Also, the output
>
> of
>
>>'make report' is attached.
>>
>>Please e-mail me directly in case of any questions or comments, since
>>I'm not subscribed to any openssl-related mailing lists.
>>
>>
>>Michael
>>
--
=================================================
Michael Schmidt
-------------------------------------------------
Institute for Data Communications Systems
University of Siegen, Germany
-------------------------------------------------
http: www.nue.et-inf.uni-siegen.de
e-mail: [EMAIL PROTECTED]
mobile: +49 179 7810214
=================================================
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
