[levitte - Thu Jul  1 15:32:14 2004]:

> [steve - Thu Jul  1 15:17:46 2004]:
> 
> > RSA, from memory, will always set the bits appropriately so the modulus
> > size matches the number of bits in genrsa (et al).
> 
> I assume you mean the OpenSSL implementation of RSA, or is that an 
> absolute rule?  The bugdemo that is attached to the bug report comes 
> with a DH key produced by something else (or so I assume, since I 
> couldn't see anything OpenSSL-related in that key).  This means that 
> someone might use BN routines with RSA keys coming from other sources as 
> well, and in that case, would it be possible to see small variances in 
> the number of significant bits?

Yes, it's OpenSSL's implementation that sets the two most significant bits
when it generates primes.

I've seen other implementations that do similar things too, though the
odd one doesn't and can produce a modulus size less than that requested.

With regard to the original query, the way the key bits is defined (and
indeed how meaningful the term is) is algorithm specific and isn't
necessarily the number of bits in the public key component (or equivalent).

EVP_PKEY_bits() covers DSA and RSA. For RSA it is the modulus size, for
DSA the size of the 'p' parameter is used. 

DH isn't covered but the 'p' component is normally taken as the key
size, though the use of the 'l' parameter can complicate this.

Steve.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
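
The effect described in the reply above, as an added example that is not part of the original thread and is not OpenSSL's code: forcing the top two bits of each n/2-bit prime guarantees an n-bit modulus, while forcing only the top bit allows n-1 bits. The function names, the Miller-Rabin helper and the fixed seed are assumptions made for illustration.

```python
import random

def is_probable_prime(n, rounds=20, rng=random):
    """Miller-Rabin probabilistic primality test (illustrative helper)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # no square reached n-1: n is composite
    return True

def gen_prime(bits, top_bits, rng):
    """Random prime of exactly `bits` bits with the top `top_bits` bits forced to 1."""
    mask = ((1 << top_bits) - 1) << (bits - top_bits)
    while True:
        cand = rng.getrandbits(bits) | mask | 1  # force top bits and oddness
        if is_probable_prime(cand, rng=rng):
            return cand

def modulus_bit_lengths(mod_bits, top_bits, trials, seed=2004):
    """Bit lengths of p*q over `trials` generations (seed is a constructed value)."""
    rng = random.Random(seed)
    half = mod_bits // 2
    return [(gen_prime(half, top_bits, rng) * gen_prime(half, top_bits, rng)).bit_length()
            for _ in range(trials)]

def min_modulus_bits(mod_bits, top_bits):
    """Worst case: both factors at the smallest value the forced bits allow."""
    half = mod_bits // 2
    low = ((1 << top_bits) - 1) << (half - top_bits)
    return (low * low).bit_length()

if __name__ == "__main__":
    for top in (1, 2):
        print(top, min_modulus_bits(512, top), sorted(set(modulus_bit_lengths(256, top, 40))))
```

With two forced bits each factor is at least 3·2^(n/2-2), so the product is at least 9·2^(n-4), which is above 2^(n-1); with one forced bit the bound is only 2^(n-2).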
