Testing the previous Github version of OpenSSL-1.1 produced encouraging results (notice the leading zero, right where it belongs):
$ x=128; DYLD_LIBRARY_PATH=/Users/ur20980/src/openssl-1.1/lib ~/src/openssl-1.1/bin/openssl asn1parse -genstr "INTEGER:$x" -out d.der && hexdump -C d.der 0:d=0 hl=2 l= 2 prim: INTEGER :80 00000000 02 02 00 80 |....| 00000004 $ dumpasn1 d.der 0 2: INTEGER 128 0 warnings, 0 errors. $ P.S. dumpasn1.c doesn’t seem to parse negative integers correctly: $ x=-128; DYLD_LIBRARY_PATH=/Users/ur20980/src/openssl-1.1/lib ~/src/openssl-1.1/bin/openssl asn1parse -genstr "INTEGER:$x" -out d.der && hexdump -C d.der 0:d=0 hl=2 l= 1 prim: INTEGER :-80 00000000 02 01 80 |...| 00000003 $ dumpasn1 d.der 0 1: INTEGER 128 : Error: Integer has a negative value. 0 warnings, 1 error. $ -- Regards, Uri Blumenthal On 2/11/16, 14:29 , "openssl-dev on behalf of Salz, Rich" <openssl-dev-boun...@openssl.org on behalf of rs...@akamai.com> wrote: >If arbitrary leading zero's were allowed in DER, then the encoding >wouldn't be *distinguished*, i.e., unique. > >In BER, almost anything goes :) > >-- >openssl-dev mailing list >To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev