On 06/08/2019 16:34, William Roberts wrote: > Hi, > I occasionally get spurious errors in my ECDSA signatures, and it > appears that when the top byte is over 0x80 of either the R or S > component, that I get a zero pad. I noticed all this when reading > through the source, their was some comments (see below). I noticed a > d2i_ASN1_UINTEGER, but I can't find a coresponding i2d_ version to > create it. The zero pad seems to be the correct behavior, but it seems > to be breaking things. As you note the zero pad is the correct behaviour. > This is the link to the issue request I got filed for more details: > https://github.com/tpm2-software/tpm2-pkcs11/issues/277 This seems to be a problem in tmp2-pkcs11 and not OpenSSL. So its not clear to me what your question to openssl-users is? Matt
