On 17.04.2018 17:07, Kamil Konieczny wrote: > > > On 17.04.2018 15:39, Maciej S. Szmigiero wrote: >> The signatureValue field of a X.509 certificate is encoded as a BIT STRING. >> For RSA signatures this BIT STRING is of so-called primitive subtype, which >> contains a u8 prefix indicating a count of unused bits in the encoding. >> >> We have to strip this prefix from signature data, just as we already do for >> key data in x509_extract_key_data() function. >> >> This wasn't noticed earlier because this prefix byte is zero for RSA key >> sizes divisible by 8. Since BIT STRING is a big-endian encoding adding zero >> prefixes has no bearing on its value. >> >> The signature length, however was incorrect, which is a problem for RSA >> implementations that need it to be exactly correct (like AMD CCP). >> >> Signed-off-by: Maciej S. Szmigiero <mail@xxxxxxxxxxxxxxxxxxxxx> > > your e-mail address looks incorrect > > [...] > What's wrong with it? Maciej