i2d_ASN1_INTEGER zero pad

Matt Caswell matt at openssl.org
Tue Aug 6 15:56:45 UTC 2019

On 06/08/2019 16:34, William Roberts wrote:
> Hi,
> I occasionally get spurious errors in my ECDSA signatures, and it
> appears that when the top byte is over 0x80 of either the R or S
> component, that I get a zero pad. I noticed all this when reading
> through the source, their was some comments (see below). I noticed a
> d2i_ASN1_UINTEGER, but I can't find a coresponding i2d_ version to
> create it. The zero pad seems to be the correct behavior, but it seems
> to be breaking things.

As you note the zero pad is the correct behaviour.

> This is the link to the issue request I got filed for more details:
> https://github.com/tpm2-software/tpm2-pkcs11/issues/277

This seems to be a problem in tmp2-pkcs11 and not OpenSSL. So its not clear to
me what your question to openssl-users is?


More information about the openssl-users mailing list