From 617b09baa68f588d63c5e74ef19700aebf439469 Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Wed, 22 Sep 2021 11:32:27 -0700
Subject: [PATCH] RSA: Deprecate and replace `RsaKeyPair::public_modulus_len`.

---
 src/rsa/public/modulus.rs |  3 ++-
 src/rsa/signing.rs        | 12 ++++++++----
 src/signature.rs          |  2 +-
 tests/rsa_tests.rs        |  8 +++++---
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/src/rsa/public/modulus.rs b/src/rsa/public/modulus.rs
index 39a01074c..50cfcb26c 100644
--- a/src/rsa/public/modulus.rs
+++ b/src/rsa/public/modulus.rs
@@ -48,8 +48,9 @@ impl Modulus {
         Ok(Self { value, bits })
     }
 
+    /// The length of the modulus in bits.
     #[inline]
-    pub(crate) fn len_bits(&self) -> bits::BitLength {
+    pub fn len_bits(&self) -> bits::BitLength {
         self.bits
     }
 
diff --git a/src/rsa/signing.rs b/src/rsa/signing.rs
index f8c038a89..331564d15 100644
--- a/src/rsa/signing.rs
+++ b/src/rsa/signing.rs
@@ -373,14 +373,18 @@ impl RsaKeyPair {
         })
     }
 
+    /// Returns a reference to the public key.
+    pub fn public(&self) -> &public::Key {
+        &self.public
+    }
+
     /// Returns the length in bytes of the key pair's public modulus.
     ///
     /// A signature has the same length as the public modulus.
+    #[deprecated = "Use `public().n().len_bits().as_usize_bits()`"]
+    #[inline]
     pub fn public_modulus_len(&self) -> usize {
-        self.public_key
-            .modulus()
-            .big_endian_without_leading_zero()
-            .len()
+        self.public().n().len_bits().as_usize_bits()
     }
 }
 
diff --git a/src/signature.rs b/src/signature.rs
index a6e2185a3..d8917d97d 100644
--- a/src/signature.rs
+++ b/src/signature.rs
@@ -207,7 +207,7 @@
 //! // SHA256 digest algorithm.
 //! const MESSAGE: &'static [u8] = b"hello, world";
 //! let rng = rand::SystemRandom::new();
-//! let mut signature = vec![0; key_pair.public_modulus_len()];
+//! let mut signature = vec![0; key_pair.public().n().len().as_usize_bytes_rounded_up()];
 //! key_pair.sign(&signature::RSA_PKCS1_SHA256, &rng, MESSAGE, &mut signature)
 //!     .map_err(|_| MyError::OOM)?;
 //!
diff --git a/tests/rsa_tests.rs b/tests/rsa_tests.rs
index ab4d5702e..329f91b44 100644
--- a/tests/rsa_tests.rs
+++ b/tests/rsa_tests.rs
@@ -82,7 +82,8 @@ fn test_signature_rsa_pkcs1_sign() {
 
             // XXX: This test is too slow on Android ARM Travis CI builds.
             // TODO: re-enable these tests on Android ARM.
-            let mut actual = vec![0u8; key_pair.public_modulus_len()];
+            let mut actual =
+                vec![0u8; key_pair.public().n().len_bits().as_usize_bytes_rounded_up()];
             key_pair
                 .sign(alg, &rng, &msg, actual.as_mut_slice())
                 .unwrap();
@@ -121,7 +122,8 @@ fn test_signature_rsa_pss_sign() {
 
             let rng = test::rand::FixedSliceRandom { bytes: &salt };
 
-            let mut actual = vec![0u8; key_pair.public_modulus_len()];
+            let mut actual =
+                vec![0u8; key_pair.public().n().len_bits().as_usize_bytes_rounded_up()];
             key_pair.sign(alg, &rng, &msg, actual.as_mut_slice())?;
             assert_eq!(actual.as_slice() == &expected[..], result == "Pass");
             Ok(())
@@ -143,7 +145,7 @@ fn test_signature_rsa_pkcs1_sign_output_buffer_len() {
     let key_pair = signature::RsaKeyPair::from_der(PRIVATE_KEY_DER).unwrap();
 
     // The output buffer is one byte too short.
-    let mut signature = vec![0; key_pair.public_modulus_len() - 1];
+    let mut signature = vec![0; key_pair.public().n().len_bits().as_usize_bytes_rounded_up() - 1];
 
     assert!(key_pair
         .sign(&signature::RSA_PKCS1_SHA256, &rng, MESSAGE, &mut signature)