On Tue, Aug 6, 2019 at 10:56 AM Matt Caswell <matt@xxxxxxxxxxx> wrote: > > > > On 06/08/2019 16:34, William Roberts wrote: > > Hi, > > I occasionally get spurious errors in my ECDSA signatures, and it > > appears that when the top byte is over 0x80 of either the R or S > > component, that I get a zero pad. I noticed all this when reading > > through the source, their was some comments (see below). I noticed a > > d2i_ASN1_UINTEGER, but I can't find a coresponding i2d_ version to > > create it. The zero pad seems to be the correct behavior, but it seems > > to be breaking things. > > As you note the zero pad is the correct behaviour. > > > > This is the link to the issue request I got filed for more details: > > https://github.com/tpm2-software/tpm2-pkcs11/issues/277 > > This seems to be a problem in tmp2-pkcs11 and not OpenSSL. So its not clear to > me what your question to openssl-users is? The questions is their is a d2i_ASN1_UINTEGER exists for that zero pad issue, is their a i2d version, I couldn't find one. I guess a second question is, is their a better way to build an ECDSA signature from the R and S components, the code for ASNI sequence is something I never figured out, is their an example in ossl somewhere? > > Matt
