On 04/02/2012 03:28 PM, Tamir Khason via RT wrote:
Hello, Erwann
This is not related to .NET. An integer is not only a value, but also a size.
Both exponents and its coefficients should be the same length
(according to the RSA definition, both integers) so those numbers should be
serialized into ASN1_INTEGER. If for some reason, you want to have
an integer with a different size (for me it's wrong, but it might be your
decision because of size optimization), you should use various size
serialization.

This is what this bug is about.

There is no logic in openssl INTEGER encoding that trims
'trailing' octets?  Are you talking about "leading" octets?
The 'high values'?


There is no question of optimisation. Thus, integers have
different sizes in encoding.

BER and DER encoding of integers is done in two's complement with
a minimal number of octets, i.e. you cannot have either 9 zeros
or 1s at the high order.


See the layman rsa asn.1 guide for some simple examples using
small integers, the length fields for RSA moduli are normally 82 (today)
indicating >1024 bits = 128 octets.

*BER encoding.* Primitive. Contents octets give the value of the integer, base 256, in two's complement form, most significant digit first, with the minimum number of octets. The value 0 is encoded as a single 00 octet.

Some example BER encodings (which also happen to be DER encodings) are given in Table 3.

   Integer
   value        BER encoding
   0            02 01 00
   127          02 01 7F
   128          02 02 00 80
   256          02 02 01 00
   -128         02 01 80
   -129         02 02 FF 7F

   Table 3. Example BER encodings of INTEGER values.

*DER encoding.* Primitive. Contents octets are as for a primitive BER encoding.
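
The minimal-octet rule quoted above, as an added example that is not part of the original message or of OpenSSL: a small DER INTEGER encoder and a strict decoder that reproduce Table 3 and show why a modulus and a public exponent serialize to different lengths. The function names and the sample modulus and exponent are constructed for illustration.

```python
def der_length(n: int) -> bytes:
    """Definite-length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def der_integer(value: int) -> bytes:
    """Encode an INTEGER: tag 02, length, minimal two's-complement contents."""
    n = 1
    # Grow until the signed range of n octets holds the value (sign bit included).
    while not -(1 << (8 * n - 1)) <= value < (1 << (8 * n - 1)):
        n += 1
    contents = value.to_bytes(n, "big", signed=True)
    return b"\x02" + der_length(len(contents)) + contents


def parse_der_integer(data: bytes) -> int:
    """Decode one INTEGER, rejecting encodings that are not minimal."""
    if len(data) < 3 or data[0] != 0x02:
        raise ValueError("not an INTEGER")
    if data[1] < 0x80:
        length, off = data[1], 2
    else:
        k = data[1] & 0x7F
        length, off = int.from_bytes(data[2:2 + k], "big"), 2 + k
        if k == 0 or length < 0x80 or data[2] == 0:
            raise ValueError("non-minimal or indefinite length")
    contents = data[off:]
    if length == 0 or len(contents) != length:
        raise ValueError("length does not match contents")
    # Nine identical high-order bits mean the first octet is redundant.
    if length > 1 and ((contents[0] == 0x00 and contents[1] < 0x80) or
                       (contents[0] == 0xFF and contents[1] >= 0x80)):
        raise ValueError("non-minimal INTEGER contents")
    return int.from_bytes(contents, "big", signed=True)


# Constructed values, not a real key: a 2048-bit number with the top bit set
# and the common public exponent 65537.
SAMPLE_MODULUS = (1 << 2047) | 1
SAMPLE_EXPONENT = 65537

if __name__ == "__main__":
    for v in (0, 127, 128, 256, -128, -129, SAMPLE_EXPONENT):
        print(v, der_integer(v).hex(" "))
    print("modulus header:", der_integer(SAMPLE_MODULUS)[:5].hex(" "))
```

The sample modulus carries a leading 00 octet because its top bit is set, so its contents are 257 octets while the exponent's are 3.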





