Tamir, DER encoding forbids you to use "end-of-content" octets. PKCS#1 defines RSA key elements, and doesn't say that exponent1, exponent2 and coefficient to be the same size.
If you still think you have found a bug in OpenSSL encoding of an RSA private key, please send this object (in its PEM format) to the list, together with explanations of where you think the errors are. From what I've seen on your blog, and your answers here, it appears that an incomprehension of the situation on your side is transformed into an hypothetic bug in OpenSSL. Send the object you're talking about, consider the private key no longer private, and you'll receive some help and explanations. Le 02/04/2012 18:34, Tamir Khason via RT a écrit : > maybe i am failed to explain myself. > DER encoding says how to encode numbers, RSA key elements define what > are those number. So integers from RSA key, should be encoded > according ANS1 DER encoding, which means should be have either length > octets or end-of-contents octets > > On Mon, Apr 2, 2012 at 6:56 PM, Erwann Abalea via RT<r...@openssl.org> wrote: >> Tamir, >> >> What are you talking about? >> DER encoding doesn't say anything about how the length of RSA key >> elements compare to each others. >> >> Read X.690 again, and PKCS#1 also. If you still come with the same >> conclusion, re-read again, and again, and again. >> >> Le 02/04/2012 17:09, Tamir Khason via RT a écrit : >>> Erwann, Peter >>> This is right, but all numbers are integers and should be encodeed >>> accordingly. If encoding assuming fixed size integers, it should use >>> length octets, if not end-of-contents octets. At least this is how i >>> read 8.1 from ASN.1 spec >>> (http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf). >>> This is why i think there is a bug in ASN.1 encoding of the >>> certificate >>> -- Erwann ABALEA ----- piperonatriohirsutisme: le charme de la quarantaine ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
