The length of an RSA signature sent during the handshake

JCA 1.41421 at gmail.com
Wed Aug 25 09:50:01 EST 2010


I have noticed that OpenSSH clients (at least version 5.1p1)
occasionally send an RSA signature during the handshake phase such
that if the RSA key pair used to generate it happens to be associated
with an N-byte long modulus, the signature is N - 1 bytes long. My
question is: is this behavior correct? I mean, an RSA signature is an
unstructured byte string, and therefore any leading zeros should be
considered part of the signature, and a signature created with an RSA
key pair such that its associated modulus is N bytes long ought to be
N bytes long as well.
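
The length effect described in the message above, as an added example that is not part of the original post and is not OpenSSH code: an RSA signature is an integer below the modulus, so a minimal-length encoding comes out shorter than the modulus whenever its top byte is zero. The toy key, textbook (unpadded) RSA, message strings and all function names are assumptions made for illustration; `verify` shows one way a receiver can accept both encodings by left-padding to the modulus length.

```python
import hashlib

# Constructed toy key (assumption): two Mersenne primes, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes (19 for this key)

def digest_int(msg: bytes) -> int:
    """Textbook RSA input: SHA-256 of the message reduced mod N (no PKCS#1 padding)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(msg: bytes) -> int:
    return pow(digest_int(msg), D, N)

def minimal_bytes(s: int) -> bytes:
    """Big-endian encoding with leading zero bytes dropped (the shorter form)."""
    return s.to_bytes(max(1, (s.bit_length() + 7) // 8), "big")

def fixed_bytes(s: int) -> bytes:
    """Big-endian encoding left-padded with zeros to the modulus length K."""
    return s.to_bytes(K, "big")

def verify(msg: bytes, blob: bytes) -> bool:
    """Accept either encoding: reject oversize blobs, left-pad short ones to K."""
    if len(blob) > K:
        return False
    s = int.from_bytes(blob.rjust(K, b"\x00"), "big")
    return s < N and pow(s, E, N) == digest_int(msg)

def first_short_signature(limit: int = 100000):
    """Search constructed messages for a signature whose top byte is zero."""
    for i in range(limit):
        msg = b"constructed message %d" % i
        s = sign(msg)
        if len(minimal_bytes(s)) < K:
            return msg, s
    raise RuntimeError("no short signature found within limit")

if __name__ == "__main__":
    msg, s = first_short_signature()
    print("modulus bytes:", K)
    print("minimal encoding:", len(minimal_bytes(s)), "bytes")
    print("fixed encoding:  ", len(fixed_bytes(s)), "bytes")
    print("both verify:", verify(msg, minimal_bytes(s)), verify(msg, fixed_bytes(s)))
```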


More information about the openssh-unix-dev mailing list