From: Richard Levitte Date: Thu, 1 Jul 2004 12:33:39 +0000 (+0000) Subject: Explain a little better what BN_num_bits() and BN_num_bits_word() do. X-Git-Tag: BEN_FIPS_TEST_6~42^2~155 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=70696f4525d0af89c527a1f84e9a4bc8bb3bdd88;p=openssl Explain a little better what BN_num_bits() and BN_num_bits_word() do. Add a note as to how these functions do not always return the key size, and how one can deal with that. PR: 907 --- diff --git a/doc/crypto/BN_num_bytes.pod b/doc/crypto/BN_num_bytes.pod index 61589fb9ac..a6a2e3f819 100644 --- a/doc/crypto/BN_num_bytes.pod +++ b/doc/crypto/BN_num_bytes.pod @@ -16,8 +16,14 @@ BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size =head1 DESCRIPTION -These functions return the size of a B in bytes or bits, -and the size of an unsigned integer in bits. +BN_num_bytes() returns the size of a B in bytes. + +BN_num_bits_word() returns the number of significant bits in a word. +If we take 0x00000432 as an example, it returns 11, not 16, not 32. +Basically, except for a zero, it returns I. + +BN_num_bits() returns the number of significant bits in a B, +following the same principle as BN_num_bits_word(). BN_num_bytes() is a macro. @@ -25,9 +31,23 @@ BN_num_bytes() is a macro. The size. +=head1 NOTES + +Some have tried using BN_num_bits() on individual numbers in RSA keys, +DH keys and DSA keys, and found that they don't always come up with +the number of bits they expected (something like 512, 1024, 2048, +...). This is because generating a number with some specific number +of bits doesn't always set the highest bits, thereby making the number +of I bits a little lower. If you want to know the "key +size" of such a key, either use functions like RSA_size(), DH_size() +and DSA_size(), or use BN_num_bytes() and multiply with 8 (although +there's no real guarantee that will match the "key size", just a lot +more probability). + =head1 SEE ALSO -L +L, L, L, +L =head1 HISTORY