openssl icon indicating copy to clipboard operation
openssl copied to clipboard

Published 20 hours ago verified publisher icon ruby

Feature request: OpenSSL::PKey::RSA#size

Open tarcieri opened this issue 10 years ago • 14 comments

It would be nice to be able to introspect on the sizes of RSA keys:

pry(main)> key.size
NoMethodError: undefined method `size' for #<OpenSSL::PKey::RSA:0x007fa4292cafe0>

Here is an ugly way to implement it in pure Ruby using the existing API:

Integer(key.to_text[/\((\d+) bit/, 1], 10)

tarcieri avatar Feb 03 '15 22:02 tarcieri

Patches welcome :)

zzak avatar Feb 10 '15 01:02 zzak

Awesome! We found a better implementation:

key.n.num_bits

tarcieri avatar Feb 10 '15 01:02 tarcieri

Would you like to update the documentation?

zzak avatar Feb 10 '15 01:02 zzak

I can send you a PR that adds the method in pure Ruby! :open_mouth:

tarcieri avatar Feb 10 '15 01:02 tarcieri

@tarcieri Ahh! I misunderstood, i think for this key we would need to patch the capi.

btw what is n?

zzak avatar Feb 10 '15 01:02 zzak

n is the RSA modulus, which should match the key length.

Also I know C, so I'd be happy to add this to the C API. But what about jruby-openssl?

tarcieri avatar Feb 10 '15 01:02 tarcieri

Let's decide on a Ruby api we like for it before we write the C, but for merging into the gem we will need to write the capi.

We can hopefully use a similar patch for jruby-openssl

zzak avatar Feb 12 '15 20:02 zzak

I can give it a try on the C level. Iirc OpenSSL exposes something that would work for DSA and EC keys, too. Definitely a useful feature to have!

emboss avatar Feb 12 '15 22:02 emboss

I ran into this, too and realized that OpenSSL::PKey::DSA and OpenSSL::PKey::EC need a different strategy each. Should we add these, too?

phillipp avatar Feb 09 '16 16:02 phillipp

Yes please. And I'd love to know when this would be released.

mouse07410 avatar May 16 '16 21:05 mouse07410

Out of curiosity, is #n — and its friends, #d, #e, #p, and #q — documented anywhere?

aryeh-looker avatar Jan 16 '18 03:01 aryeh-looker

Any movement on this? I took a stab at writing a proxy object to provide this functionality. Would appreciate some feedback, especially wrt EC keys. https://github.com/trailofbits/ruby-sslyze/blob/d2cffe53764ad6e48bef65553730716336dd0a4a/lib/sslyze/x509/public_key.rb#L39-L49

postmodern avatar Mar 24 '18 22:03 postmodern

@aryeh-looker feel free to make a PR to improve docuemntation

@postmodern do you want to take a stab at making a PR regarding this functionality?

ioquatix avatar Oct 13 '19 04:10 ioquatix

Regarding EC keys, it is correct do the following: private_key.group.degree which will return bit size of the curve that was used for private key generation

nickshatilo avatar Sep 07 '20 14:09 nickshatilo