On Thu, May 06, 2004 at 10:31:45AM +0200, Renzo Tomaselli wrote: > RSASSA_PKCS1v15_MD5_Signer rsaPriv(privateKey), I discovered that optional > PKCS#8 attributes are never decoded (rsa.h, line#98). > This in turn is called from asn.cpp, line#534. Nex line raises an exception > since overal seq length does not match actual fetched length (in > MessageEnd). > I feel that the passed private key is ok even with such attributes, thus it > looks like a Crypto++ bug.
Yeah, there's a comment in asn.h explaining that "skip optional attributes if present" still needs to be implemented. One reason I haven't done it yet is because I haven't encountered a PKCS#8 private key with optional attributes until now. Unfortunately I'm leaving on a trip without my computer for at least 10 days. If you can wait until I come back to fix this bug, please go ahead and send me the key with optional attributes. Otherwise you might want to try to implement it yourself and send me a patch.
