Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. gcrypt
RSA Key and signature lengths using gcry_pk_genkey/sign
james.hume at gmail
Jan 23, 2005, 6:51 AM
Post #1 of 2 (840 views)
Permalink
Hello,

Hope i'm posting this to the right mailing list, apologies if not. I
am using the gcry_pk_* functions to generate keys and signatures. I
have seen that sometimes the key lengths can vary, as can the
signature length which either seems to be 128 bytes or 129 bytes (in
which case there always seems to be a leading null byte). Should the
library be returning varying signature/key sizes?

Thanks for any help in advance.

--
James
Re: RSA Key and signature lengths using gcry_pk_genkey/sign [ In reply to ]
mo at g10code
Feb 12, 2005, 10:25 AM
Post #2 of 2 (826 views)
Permalink
On Sun, Jan 23, 2005 at 01:51:51PM +0000, James Hume wrote:

Hello James,

> I am using the gcry_pk_* functions to generate keys and
> signatures. I have seen that sometimes the key lengths can vary, as
> can the signature length which either seems to be 128 bytes or 129
> bytes (in which case there always seems to be a leading null byte).

I assume that you are converting an MPI into an octet string with
gcry_mpi_print() according to GCRYMPI_FMT_STD. Whenever the given MPI
has the most significant bit set and FMT_STD is requested, the
mentioned function does add a null byte at the beginning of the octet
string representation. This is done in order to be able to
distinguish signed integers from unsigned ones (an integer is
recognized as a negative one when the most signifant bit is set).

In case you don't need to consider signed integers at all, just use
GCRYMPI_FMT_USG, which does not do the padding you seem to have
wondered about.

Thanks,
Moritz.

--
Moritz Schulte

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal