Bug 27591 - Must the reflected "publicExponent" for generated RSA keys exactly match input? #61
Labels
Comments
|
I don't think the distinction would be visible on the API, since when you read the value (publicExponent attribute of algorithm) it must be normalized. Whether this happens when you read it or when it is assigned is not visible on the API. |
|
Propose wontfix |
|
(Keys imported from format="jwk" can't have leading zeros in the public exponent, however those from format="pkcs8" or "spki" could I believe) This is not a true statement if we only permit DER encoded ASN.1 I agree that it does not need to be stated where this is done. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug 27591:
The Generate key operation for RSASSA-PKCS1-v1_5 says:
I am unsure if this implies that publicExponent is a normalized BigInteger or not.
The section on BigIntegers says that "Values read from the API SHALL have minimal typed array length"
Does this assignment count as such a "read"?
Example:
If generateKey() is called with publicExponent = 00000000000000010001, an implementation should be able to reflect key.algorithm.publicExponent as 010001 and not preserve the zeros
The text was updated successfully, but these errors were encountered: