Le 04/04/2012 05:22, Curt Sampson a écrit : [...]
In fact, if one can be encoded in a shorter form than the other, it MUST be encoded in that shorter format. This is because certificates use DER, not BER, and DER says that.
As pointed by Peter Sylvester, BER doesn't allow useless leading 00 octets either in the content. The content MUST be serialized with the lowest possible number of octets. The difference between BER and DER for integers encoding is on the length encoding ("02 81 01 01" is valid BER, not valid DER; "02 01 00 01" is neither valid BER nor DER).
-- Erwann ABALEA ----- N'ouvrez aucun message ayant pour objet RETURNED OR ENABLE TO DELIVER. ce virus se greffe tout seul à tout les composants de votre ordinateur et les détruit. Ce message vous est envoyé par l'équipe du QUICK DRIVE -+-AL in: Guide du Neuneu Usenet - Le virus Mad Cow frappe encore -+- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
