hi: 2009/5/22 Kyle Hamilton <aerow...@gmail.com>: > On Thu, May 21, 2009 at 11:55 PM, loody <milo...@gmail.com> wrote: >> Hi: >> >> thanks for your help. >> By your explanation, in der form, the leading 00 seems like a padding byte. >> ( Is there spec which says it must put 00 here?) >> from my example, the number af:4f:8a:97:....14:f7 is negative, since >> the high bit, 0xaf, is set. >> appreciate your kind help, >> miloody > > Yes, there is a specification which states that you must put 00 there. > It's called the "Distinguished Encoding Rules" of the "Abstract > Syntax Notation One" (ASN.1). The DER can be found in the ITU > document number X.690; the ASN.1 can be found in ITU document number > X.680. These can be found for free on the http://www.itu.int/ > website; I would also highly recommend > http://www.oss.com/asn1/dubuisson.html ("ASN.1 - Communication Between > Heterogeneous Systems") for probably far more information than you > could ever possibly want to know, in a way that doesn't involve tail > recursion to figure out what the spec means. > > DER was developed so that there is only one possible way to encode any > given stream of data, so that there could be no ambiguity in digital > signatures over a given structure. > > (LDAP schema are written in ASN.1, so it's not simply related to X.509 > -- however, it is mostly related to the X series of ITU documents. > LDAP was created as a 'lightweight' way to access X.500 directories.)
Thanks for your kind help. BTW, may I ask some question which is relevant to openssl. You say "however, it is mostly related to the X series of ITU documents." what is the X series mean? Does this series focus on special topic, so ITU name them X. Sincerely Yours, miloody ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
