On Thu, Oct 02, 2014 at 04:25:16PM -0300, Anderson Farias wrote:
>
> After comparing two PKCS#10 with public exponent fermat 4, I found out
> that one of them was generated with a value composed by three octets (01
> 00 01) and the other one with a value composed by 4 octets (00 01 00 01).
These are not different values, they are different BER encodings
of the same value. The first form is also DER, while the second
is not.
>
> I searched on RFC 5280 but I didn't find any standard for using Fermat 4
> in X.509 public key infrastructure certificates.
This has nothing to do with F_4, rather the issue is how the integer
exponent in X.509 SPKI RSA keys is encoded. BER encodings are
widely tolerated in X.509 for interoperability reasons, so both
encodings are usable though of course the DER format should be
used.
> Is there any RFC with requirements for Fermat 4 usage with X.509?
No, but there are ITU documents that define ASN.1 encoding.
Recommendation ITU-T X.690 (2002) | ISO/IEC 8825-1:2002, Information
technology - ASN.1 encoding rules: Specification of Basic Encoding
Rules (BER), Canonical Encoding Rules (CER) and Distinguished
Encoding Rules (DER)
--
Viktor.