8 files changed, 18 insertions, 12 deletions

diff --git a/src/cryptography/hazmat/primitives/asymmetric/dsa.py b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
index 03e6a53e..f2f600dd 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -128,9 +128,9 @@ def generate_private_key(key_size, backend):
 
 
 def _check_dsa_parameters(parameters):
-    if utils.bit_length(parameters.p) not in [1024, 2048, 3072]:
+    if parameters.p.bit_length() not in [1024, 2048, 3072]:
         raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
-    if utils.bit_length(parameters.q) not in [160, 256]:
+    if parameters.q.bit_length() not in [160, 256]:
         raise ValueError("q must be exactly 160 or 256 bits long")
 
     if not (1 < parameters.g < parameters.p):
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index 02eec209..382905c0 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -100,6 +100,8 @@ def verify_interface(iface, klass):
             )
 
 
+# No longer needed as of 2.2, but retained because we have external consumers
+# who use it.
 def bit_length(x):
     return x.bit_length()
 
diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index 2c96c5bc..45b603f0 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py
@@ -469,7 +469,7 @@ class CertificateBuilder(object):
 
         # ASN.1 integers are always signed, so most significant bit must be
         # zero.
-        if utils.bit_length(number) >= 160:  # As defined in RFC 5280
+        if number.bit_length() >= 160:  # As defined in RFC 5280
             raise ValueError('The serial number should not be more than 159 '
                              'bits.')
         return CertificateBuilder(
@@ -686,7 +686,7 @@ class RevokedCertificateBuilder(object):
 
         # ASN.1 integers are always signed, so most significant bit must be
         # zero.
-        if utils.bit_length(number) >= 160:  # As defined in RFC 5280
+        if number.bit_length() >= 160:  # As defined in RFC 5280
             raise ValueError('The serial number should not be more than 159 '
                              'bits.')
         return RevokedCertificateBuilder(
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 40e92853..e430e2d9 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -14,7 +14,7 @@ from pkg_resources import parse_version
 
 import pytest
 
-from cryptography import utils, x509
+from cryptography import x509
 from cryptography.exceptions import InternalError, _Reasons
 from cryptography.hazmat.backends.interfaces import DHBackend, RSABackend
 from cryptography.hazmat.backends.openssl.backend import (
@@ -141,10 +141,10 @@ class TestOpenSSL(object):
     def test_large_key_size_on_new_openssl(self):
         parameters = dsa.generate_parameters(2048, backend)
         param_num = parameters.parameter_numbers()
-        assert utils.bit_length(param_num.p) == 2048
+        assert param_num.p.bit_length() == 2048
         parameters = dsa.generate_parameters(3072, backend)
         param_num = parameters.parameter_numbers()
-        assert utils.bit_length(param_num.p) == 3072
+        assert param_num.p.bit_length() == 3072
 
     def test_int_to_bn(self):
         value = (2 ** 4242) - 4242
diff --git a/tests/hazmat/primitives/test_dh.py b/tests/hazmat/primitives/test_dh.py
index 25be51c9..a70ae745 100644
--- a/tests/hazmat/primitives/test_dh.py
+++ b/tests/hazmat/primitives/test_dh.py
@@ -13,7 +13,7 @@ from cryptography.hazmat.backends.interfaces import (
     DERSerializationBackend, DHBackend, PEMSerializationBackend)
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import dh
-from cryptography.utils import bit_length, int_from_bytes
+from cryptography.utils import int_from_bytes
 
 from ...doubles import DummyKeySerializationEncryption
 from ...utils import load_nist_vectors, load_vectors_from_file
@@ -262,7 +262,7 @@ class TestDH(object):
         assert isinstance(parameters, dh.DHParametersWithSerialization)
         parameter_numbers = parameters.parameter_numbers()
         assert isinstance(parameter_numbers, dh.DHParameterNumbers)
-        assert bit_length(parameter_numbers.p) == key_size
+        assert parameter_numbers.p.bit_length() == key_size
 
         assert isinstance(public, dh.DHPublicKeyWithSerialization)
         assert isinstance(public.public_numbers(), dh.DHPublicNumbers)
diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index 34197772..89303fed 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -18,7 +18,6 @@ from cryptography.hazmat.primitives.asymmetric import dsa
 from cryptography.hazmat.primitives.asymmetric.utils import (
     Prehashed, encode_dss_signature
 )
-from cryptography.utils import bit_length
 
 from .fixtures_dsa import (
     DSA_KEY_1024, DSA_KEY_2048, DSA_KEY_3072
@@ -82,7 +81,7 @@ class TestDSA(object):
         assert skey_parameters.p == vector['p']
         assert skey_parameters.q == vector['q']
         assert skey_parameters.g == vector['g']
-        assert skey.key_size == bit_length(vector['p'])
+        assert skey.key_size == vector['p'].bit_length()
         assert pkey.key_size == skey.key_size
         public_numbers = pkey.public_numbers()
         assert numbers.public_numbers.y == public_numbers.y
diff --git a/tests/test_cryptography_utils.py b/tests/test_cryptography_utils.py
index 290e1612..320f7aa8 100644
--- a/tests/test_cryptography_utils.py
+++ b/tests/test_cryptography_utils.py
@@ -56,3 +56,8 @@ class TestCachedProperty(object):
         assert len(accesses) == 1
         assert t.t == 14
         assert len(accesses) == 1
+
+
+def test_bit_length():
+    assert utils.bit_length(1) == 1
+    assert utils.bit_length(11) == 4
diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py
index a07ffb3a..97b5a749 100644
--- a/tests/x509/test_x509.py
+++ b/tests/x509/test_x509.py
@@ -3981,4 +3981,4 @@ def test_random_serial_number(monkeypatch):
     assert (
         serial_number == utils.int_from_bytes(sample_data, "big") >> 1
     )
-    assert utils.bit_length(serial_number) < 160
+    assert serial_number.bit_length() < 160