Thank you very much for the helpful response. I searched for the terms you used in your reply and I found them in one of the functions.
This function is

    static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
                                      unsigned char *to, RSA *rsa, int padding)

I was wondering, is there any check on e while verifying certificate chains? (For instance, client certificate verification at the server side.) For example, if the certificate presented by the client has a very large public exponent, then what happens? How is this e stored? There should be some limit (data type BIGNUM) on it? Is this right?

On Thu, Jun 21, 2012 at 5:14 PM, Erwann Abalea <erwann.aba...@keynectis.com> wrote:

> The only limit check that I know is performed is if the modulus is
> strictly larger than OPENSSL_RSA_SMALL_MODULUS_BITS bits (3072 by default),
> then the public exponent must be less than or equal to
> OPENSSL_RSA_MAX_PUBEXP_BITS bits (64 by default).
>
> You can then have a 3072bits RSA key with a public exponent of any size.
> Or a 3073bits RSA key with a public exponent limited to 64bits.
>
> Other than for performance, I don't see any reason to limit the size of
> the public exponent.
>
> --
> Erwann ABALEA
>
> On 21/06/2012 16:41, Sukalp Bhople wrote:
>
>> Hello guys,
>>
>> I was looking into the (RSA) certificate verification in Openssl. I was
>> wondering if Openssl checks the size of the public exponent.
>> Or what is the max public exponent accepted by server?

--
Regards,
Sukalp Bhople.
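
The size limit described in the quoted reply, written out as an added C example (not part of the thread and not OpenSSL's own code). Plain big-endian byte buffers stand in for BIGNUM, and the helper names `be_num_bits`, `pubexp_size_ok`, `make_bits` and `check_sizes` are hypothetical; the two limits are the defaults quoted above.

```c
#include <stdio.h>
#include <string.h>
/* Defaults quoted in the thread (SMALL_MODULUS_BITS / MAX_PUBEXP_BITS). */
#define SMALL_MODULUS_BITS 3072
#define MAX_PUBEXP_BITS    64

/* Bit length of a big-endian unsigned integer; leading zero bytes ignored. */
static size_t be_num_bits(const unsigned char *buf, size_t len)
{
    size_t i = 0, bits;
    unsigned char top;
    while (i < len && buf[i] == 0) i++;
    if (i == len) return 0;
    bits = (len - i) * 8;
    for (top = buf[i]; (top & 0x80) == 0; top <<= 1) bits--;
    return bits;
}

/* 1 if (n, e) passes the limit described in the thread, 0 if rejected:
 * only a modulus strictly larger than 3072 bits caps e at 64 bits. */
static int pubexp_size_ok(const unsigned char *n, size_t n_len,
                          const unsigned char *e, size_t e_len)
{
    return !(be_num_bits(n, n_len) > SMALL_MODULUS_BITS &&
             be_num_bits(e, e_len) > MAX_PUBEXP_BITS);
}

/* Constructed test value: an odd integer of exactly `bits` bits (1..8192). */
static size_t make_bits(unsigned char *buf, size_t bits)
{
    size_t len = (bits + 7) / 8;
    memset(buf, 0, len);
    buf[0] = (unsigned char)(1u << ((bits - 1) % 8));
    buf[len - 1] |= 1;
    return len;
}

static int check_sizes(size_t n_bits, size_t e_bits)
{
    unsigned char n[1024], e[1024];
    size_t n_len = make_bits(n, n_bits), e_len = make_bits(e, e_bits);
    return pubexp_size_ok(n, n_len, e, e_len);
}

int main(void)
{
    printf("3072/3000: %d  3073/64: %d  3073/65: %d\n", check_sizes(3072, 3000),
           check_sizes(3073, 64), check_sizes(3073, 65));
    return 0;
}
```

The boundary is on the modulus: a 3072-bit key passes with an exponent of any size, while one extra modulus bit makes a 65-bit exponent fail.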