tls: include RSA bit size in X.509 public key info

For symmetricality with the EC public key info, and because its useful.

PR-URL: #24358
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>

Author: sam-github

doc/api/tls.md

@@ -688,6 +688,7 @@ The certificate may contain information about the public key, depending on
 the key type.
 
 For RSA keys, the following properties may be defined:
+* `bits` {number} The RSA bit size. Example: `1024`.
 * `exponent` {string} The RSA exponent, as a string in hexadecimal number
   notation.  Example: `'0x010001'`.
 * `modulus` {string} The RSA modulus, as a hexadecimal string. Example:

src/node_crypto.cc

@@ -1662,6 +1662,10 @@ static Local<Object> X509ToObject(Environment* env, X509* cert) {
                                   mem->length).ToLocalChecked()).FromJust();
     USE(BIO_reset(bio.get()));
 
+    int bits = BN_num_bits(n);
+    info->Set(context, env->bits_string(),
+              Integer::New(env->isolate(), bits)).FromJust();
+
     uint64_t exponent_word = static_cast<uint64_t>(BN_get_word(e));
     uint32_t lo = static_cast<uint32_t>(exponent_word);
     uint32_t hi = static_cast<uint32_t>(exponent_word >> 32);

test/parallel/test-tls-peer-certificate.js

@@ -55,6 +55,11 @@ connect({
   assert.strictEqual(peerCert.subject.emailAddress, 'ry@tinyclouds.org');
   assert.strictEqual(peerCert.serialNumber, 'ECC9B856270DA9A8');
   assert.strictEqual(peerCert.exponent, '0x10001');
+  assert.strictEqual(peerCert.bits, 1024);
+  // The conversion to bits is odd because modulus isn't a buffer, its a hex
+  // string. There are two hex chars for every byte of modulus, and 8 bits per
+  // byte.
+  assert.strictEqual(peerCert.modulus.length / 2 * 8, peerCert.bits);
   assert.strictEqual(
     peerCert.fingerprint,
     'D7:FD:F6:42:92:A8:83:51:8E:80:48:62:66:DA:85:C2:EE:A6:A1:CD'