On 2/11/16, 14:29 , "openssl-dev on behalf of Salz, Rich" <openssl-dev-boun...@openssl.org on behalf of rs...@akamai.com> wrote:
>If arbitrary leading zero's were allowed in DER, then the encoding >wouldn't be *distinguished*, i.e., unique. I am NOT talking about “arbitrary” leading zeros. I explicitly state (and cite the sources, might add the ASN.1 standard itself, and “ASN.1 Complete” by John Larmouth) that a leading zero *is* necessary and required for a positive integer when its MSB is one (e.g., 0x80). In other cases it indeed does not belong. >In BER, almost anything goes :) We are *explicitly* and *exclusively* discussing DER. Anything goes for Bear. :-) P.S. In the integer value provided by Cristian, indeed the MSB was 0 (the first “valuable” byte was 0x59), so the leading zero byte did not belong. But I hope OpenSSL-1.1 would properly process 0x02020080.
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev