> Dear all: > at the end of letter, I append the the public key I excerpted from my > certificate by openssl x509. > Since the key is 2048 bits, 256 bytes, I find the length of > 00:af:......14:f7 > is 257 bytes.
Right. In BER/DER form, without the leading 00 byte, the high bit is set and the number is negative. > But I use -modulus parameter, I see the beginning 00 will disappear > and the size if 256 bytes as I want. Right. In display form, there is no need to show the zero. Just because a computer internally stores a 1 as 0001, we don't need to display it to a human as 0001. > can I bypass the first byte of public key when I do the calculation? > appreciate your help, > miloody When you do what calculation? There is nothing specifically wrong with either form, they are just different. It's like the difference between "+1" and "1". (For DER form, the leading 00 must be present. For display, there is no reason to show it because it must be present in DER form, so putting it in the display conveys no information.) DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
