|
| From: | Jim Lloyd |
| Subject: | Re: One leading NUL byte in RSA key modulus |
| Date: | Thu, 29 Mar 2012 09:34:09 -0700 |
On Wed, Mar 28, 2012 at 10:23 PM, Jim LloydHello,
<address@hidden> wrote:
> Hello,
> I am nearly done porting our application to use gnutls 2.12 instead of 2.8.
> We have a reasonably decent set of unit tests, nearly all of which pass
> without requiring any changes. However, there are two failing tests that I
> find curious.
> First, we have a function that user gnutls_x509_privkey_export_rsa_raw to
> return the size in bytes of the modulus of a private key. One specific unit
> test simply asserts that the size of a given test key is 128 bytes. That
> test fails because the actual size of the key is now 129 bytes.
The null byte ensures that the number isn't treated as negative when
imported to a bignum library. Thus it should be expected (at least to
numbers with their MSB being 1).
Could it be the change in 2.8.6?
> In addition, the Public Key Id output by gnutls_x509_crt_print has changed
> to be an entirely different hash.
* Version 2.8.6 (released 2010-03-15)
** libgnutls: For CSRs, don't null pad integers for RSA/DSA value.
VeriSign rejected CSRs with this padding. Reported by Wilankar Trupti
<address@hidden> and Boyan Kasarov <address@hidden>.
Note: As a side effect of this change, the "public key identifier"
value computed for a certificate using this version of GnuTLS will be
different from values computed using earlier versions of GnuTLS.
regards,
Nikos
| [Prev in Thread] | Current Thread | [Next in Thread] |