openssl

Returns keysize in bits

Open chrisliaw opened this issue 2 years ago • 3 comments

There are some situations where the actual key size in bits is required, for example for display or analysis.

For EC/RSA etc., the key size is fixed, which is not really useful. However, recently I've been working on an X25519 key and the key size is an odd 253, not on a byte boundary. I project there will be more situations like this in coming use cases where the key size in bits is more desirable, especially when PQ keys get involved.

The method keysize_in_bits() attached to the OpenSSL::PKey class shall be available to all PKey types, and it just returns the key size in bits.

chrisliaw, Oct 29 '23 03:10

GitHub Actions is failing because EVP_PKEY_get_bits() exists only in OpenSSL >= 3.0. It apparently had a different name in older versions according to the manpage.

The manpage of EVP_PKEY_get_bits() seems to deliberately avoid "key size". Probably this is because it's not a very well defined term.

EVP_PKEY_get_bits() returns the cryptographic length of the cryptosystem to which the key in pkey belongs, in bits. Note that the definition of cryptographic length is specific to the key cryptosystem. This length corresponds to the provider parameter OSSL_PKEY_PARAM_BITS.

I prefer not to name this method keysize_in_bits in that case. bits is probably good enough.

rhenium, Nov 04 '23 12:11

Thanks for the time, Kazuki-san. Is it acceptable if I put in the #ifdef so that it is only supported when compiled with OpenSSL >= 3.0, or do I need to support OpenSSL < 3.0?

Thanks!

Regards

chrisliaw, Nov 05 '23 09:11

The manpage says EVP_PKEY_get_bits() was called EVP_PKEY_bits() in versions older than 3.0. It seems that the old name exists in all OpenSSL/LibreSSL versions we support.

rhenium, Nov 06 '23 18:11
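An added example, not part of the thread or of the openssl gem's code: a sketch of how a caller can approximate a bit length today from accessors Ruby's openssl library already exposes, showing that the answer depends on the key type and need not fall on a byte boundary. The helper names and the per-type rules are assumptions of this example and are not claimed to match EVP_PKEY_get_bits() for every key type.

```ruby
require "openssl"

# Hypothetical helper (this example's own rules, not the proposed method):
# derive a bit length from the numeric component each key type exposes.
def approx_pkey_bits(pkey)
  case pkey
  when OpenSSL::PKey::RSA
    pkey.n.num_bits             # bit length of the modulus n
  when OpenSSL::PKey::DSA, OpenSSL::PKey::DH
    pkey.p.num_bits             # bit length of the prime p
  when OpenSSL::PKey::EC
    pkey.group.order.num_bits   # bit length of the group order
  else
    nil # e.g. X25519: no numeric component is exposed to measure
  end
end

# What a caller gets when estimating bits from a whole-byte encoding.
def byte_rounded_bits(bits)
  ((bits + 7) / 8) * 8
end

# One display line per key: derived bits beside the byte-rounded figure.
def describe(label, pkey)
  bits = approx_pkey_bits(pkey)
  return "#{label}: bit length not derivable from Ruby accessors" if bits.nil?
  "#{label}: #{bits} bits (#{byte_rounded_bits(bits)} when rounded to bytes)"
end

if __FILE__ == $PROGRAM_NAME
  # Keys are generated locally as sample input for the demonstration.
  puts describe("RSA-2048", OpenSSL::PKey::RSA.new(2048))
  puts describe("EC prime256v1", OpenSSL::PKey::EC.generate("prime256v1"))
  puts describe("EC secp521r1", OpenSSL::PKey::EC.generate("secp521r1"))
end
```

For secp521r1 the derived value is 521 while the byte-rounded figure is 528, the same kind of mismatch the issue describes for X25519.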