I have not been following this thread closely. So the following point, which is based on my experience using AT&T CryptoLib, RSA BSAFE and OpenSSL, may or may not have been made or be relevant.
Some big integer libraries ignore the most-significant bit [of the first octet] of a (big) integer (i.e., they consider all integers to be positive) while other libraries interpret the integer to be negative if the most-significant bit is on. For interoperability, some cryptographic libraries prefix an integer with a leading 0x00 octet if the most significant bit is on.

Frank

> -----Original Message-----
> From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, March 07, 2002 9:29 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: BN_bin2bn, is this normal?
>
>
> From: Jake <[EMAIL PROTECTED]>
>
> crypto> I understand the behavior and I am wondering about its
> crypto> implications, e.g. someone stores their encryption key that
> crypto> started with "0x00" to disk in hex, and future key loading
> crypto> would shift all the bytes of the key forward.... you get the
> crypto> picture. Jake
>
> You're suggesting that a key component (like the bignums that a RSA
> key is composed of) would start with one or more zeroes. However, if
> you think of it as numbers, just as, say, 0x00123456, you can see that
> the leading zeroes are useless anyway. Also, if that would happen in
> a key component like p or n, I'd be really worried, since my 1024 bit
> key might be reduced to have an effective length of, say, 879 bits.
>
> It's easy to forget, but a number is not a specific sequence of bytes,
> it's just a number. It is stored as a sequence of bytes, but can at
> any time be subject to normalization, for mathematical and technical
> reasons.
>
> --
> Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
> Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
> \ SWEDEN \ or +46-733-72 88 11
> Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
> Member of the OpenSSL development team: http://www.openssl.org/
> Software Engineer, GemPlus: http://www.gemplus.com/
>
> Unsolicited commercial email is subject to an archival fee of $400.
> See <http://www.stacken.kth.se/~levitte/mail/> for more info.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
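The two encodings discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL code: a fixed-width export that restores the leading zero octets lost when a byte string is normalised as a number, and the sign-safe form that prefixes 0x00 when the top bit is set. It works on plain byte arrays; the function names and the sample key are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Skip leading zero octets, as a bignum import does when it normalises.
   Returns the minimal length; *start points at the first non-zero octet. */
static size_t minimal_magnitude(const uint8_t *in, size_t len, const uint8_t **start)
{
    while (len > 0 && *in == 0) { in++; len--; }
    *start = in;
    return len;
}

/* Fixed-width big-endian export: left-pad with zeros to exactly outlen octets.
   Returns 0 on success, -1 if the value does not fit. */
static int encode_fixed(const uint8_t *in, size_t len, uint8_t *out, size_t outlen)
{
    const uint8_t *mag;
    size_t n = minimal_magnitude(in, len, &mag);
    if (n > outlen) return -1;
    memset(out, 0, outlen - n);          /* restore the dropped leading zeros */
    memcpy(out + (outlen - n), mag, n);
    return 0;
}

/* Sign-safe export: minimal magnitude, prefixed with 0x00 when the top bit is
   set (zero is written as one 0x00). Returns octets written, 0 if cap too small. */
static size_t encode_sign_safe(const uint8_t *in, size_t len, uint8_t *out, size_t cap)
{
    const uint8_t *mag;
    size_t n = minimal_magnitude(in, len, &mag);
    size_t pad = (n == 0 || (mag[0] & 0x80)) ? 1 : 0;
    if (n + pad > cap) return 0;
    if (pad) out[0] = 0x00;              /* keeps signed parsers from reading a negative */
    memcpy(out + pad, mag, n);
    return n + pad;
}

int main(void)
{
    const uint8_t key[4] = {0x00, 0x12, 0x34, 0x56};  /* constructed sample */
    const uint8_t *mag;
    uint8_t out[4];
    size_t n = minimal_magnitude(key, sizeof key, &mag);
    int ok = encode_fixed(mag, n, out, sizeof out) == 0 && memcmp(out, key, 4) == 0;
    printf("normalised to %zu octets, fixed-width restore ok=%d\n", n, ok);
    return 0;
}
```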
