1 files changed, 9 insertions, 3 deletions

diff --git a/lib/privkey.c b/lib/privkey.c
index 63cc7fcbd3..10afdf90f1 100644
--- a/lib/privkey.c
+++ b/lib/privkey.c
@@ -137,7 +137,8 @@ int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key, unsigned int *bits)
 		return gnutls_x509_privkey_get_pk_algorithm(key->key.x509);
 	case GNUTLS_PRIVKEY_EXT:
 		if (bits)
-			*bits = 0;
+			*bits = key->key.ext.bits;
+
 		return key->pk_algorithm;
 	default:
 		gnutls_assert();
@@ -816,8 +817,9 @@ gnutls_privkey_import_ext3(gnutls_privkey_t pkey,
  * unless prohibited by the type of the algorithm (e.g., as with Ed25519).
  *
  * The @info_fn must provide information on the signature algorithms supported by
- * this private key, and should support the flags %GNUTLS_PRIVKEY_INFO_PK_ALGO and
- * %GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO. It must return -1 on unknown flags.
+ * this private key, and should support the flags %GNUTLS_PRIVKEY_INFO_PK_ALGO,
+ * %GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO and %GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS.
+ * It must return -1 on unknown flags.
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
@@ -859,6 +861,10 @@ gnutls_privkey_import_ext4(gnutls_privkey_t pkey,
 
 	pkey->pk_algorithm = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO, pkey->key.ext.userdata);
 
+	ret = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS, pkey->key.ext.userdata);
+	if (ret >= 0)
+		pkey->key.ext.bits = ret;
+
 	/* Ensure gnutls_privkey_deinit() calls the deinit_func */
 	if (deinit_fn)
 		pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;