Hi:
2009/5/22 David Schwartz <dav...@webmaster.com>: > >> Dear all: >> at the end of letter, I append the the public key I excerpted from my >> certificate by openssl x509. >> Since the key is 2048 bits, 256 bytes, I find the length of >> 00:af:......14:f7 >> is 257 bytes. > > Right. In BER/DER form, without the leading 00 byte, the high bit is set and > the number is negative. > >> But I use -modulus parameter, I see the beginning 00 will disappear >> and the size if 256 bytes as I want. > > Right. In display form, there is no need to show the zero. Just because a > computer internally stores a 1 as 0001, we don't need to display it to a > human as 0001. > >> can I bypass the first byte of public key when I do the calculation? >> appreciate your help, >> miloody > > When you do what calculation? There is nothing specifically wrong with > either form, they are just different. It's like the difference between "+1" > and "1". (For DER form, the leading 00 must be present. For display, there > is no reason to show it because it must be present in DER form, so putting > it in the display conveys no information.) > > DS > thanks for your help. By your explanation, in der form, the leading 00 seems like a padding byte. ( Is there spec which says it must put 00 here?) from my example, the number af:4f:8a:97:....14:f7 is negative, since the high bit, 0xaf, is set. appreciate your kind help, miloody ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
