Le 03/04/2012 09:38, Tamir Khason via RT a écrit :
Please see decrypted private key
http://pastebin.com/DzYLnHZT
Thanks.
You didn't provide information on where you think the error is,
precisely. I'll base my answer on your previous posts.
You started to say that "the coefficients should be of the same length".
By "coefficient", you mean the CRT parameters (exponent1, exponent2,
coefficient). You didn't provide an authority source to back up this
assertion. In fact, it's false, and has been explained why. There's no
optimization trick, no particular decision, some parameters can be
smaller than others, that happens, and it's not wrong.
You then talked about end-of-content octets. There's no such octet in
the provided example. And there's no end-of-content octet possible in
the DER representation of an object. End-of-content octets are found
with indefinite length objects, when you don't know in advance the size
of the object you're encoding, but can tell when it ends; think of it as
"streaming", for example. This is allowed with BER only, not DER.
It was explained to you how an integer is serialized in DER, in order to
be sure that it's the smallest representation of the integer, without
any confusion between negative and positive numbers. In your provided
example, all the CRT parameters have their DER serialization starting
with a leading 00 octet, because the next non 00 octet has its highest
bit equal to 1, and if this leading 00 octet wouldn't be here the
serialized number would have been considered a negative number, which is
not wanted. The fact that exponent1 and coefficient are of the same size
as prime1 and prime2 is a coincidence (see first paragraph of this
answer). And the fact that exponent2 has a smaller size is also a
coincidence.
Is there anything still not clear? Do you still think OpenSSL has a bug?
If yes, maybe you could consider switching to the openssl-users mailing
list, which should obviously has been done long ago. Just subscribe to
this list, and reply on this other list. It is clear to anybody here
that what you spotted is not a bug in OpenSSL but an incomprehension on
your side.
Cordialement.
--
Erwann ABALEA
-----
Ce ne sont que des propositions. Je ne veux pas les faire passer en
force. Je pense que si mes idées doivent être reprises, elles ne
doivent pas passer au vote, pour plusieurs raison :
-+- BC in : http://neuneu.ctw.cc - Neuneu sans vote et sans forcer -+-
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
