Issue 29 in salmon-protocol: Mention need to remove leading zero bytes from modulus & exponent binary serializations

[salmon-...@googlecode.com]

Status: Accepted
Owner: johnrobertpanzer

New issue 29 by johnrobertpanzer: Mention need to remove leading zero bytes
from modulus & exponent binary serializations
http://code.google.com/p/salmon-protocol/issues/detail?id=29

In the RSA key serialization, a first step is convert from an internal
integer representation of modulus and exponent to the standard network byte
order representations. This is ambiguous since it does not specify how to
handle leading zero bytes -- there are an infinite number of network byte
order serializations for any number (42, 042, 0042, 000042...). This is
important because we do bytewise comparison of keys and also in some cases
sha256 hashes.

Existing code assumes no leading zero bytes (all network byte order
representations are normalized so the first, leftmost, byte is always
nonzero). The specification should state this requirement explicitly.

(At least one Ruby library implementation sometimes generates leading zero
bytes due to processing data in larger-than-byte-sized-chunks, which is why
this issue came up.)

[Ben Laurie]

Ironic that we hit canonicalisation issues in a protocol designed to
avoid them :-)

[salmon-...@googlecode.com]

Updates:
Status: Fixed

Comment #1 on issue 29 by johnrobertpanzer: Mention need to remove leading

zero bytes from modulus & exponent binary serializations
http://code.google.com/p/salmon-protocol/issues/detail?id=29

Changed text to "Each of the components is first represented as an integer
in network byte order (big endian), with no leading zero bytes," to make
that step of the recipe unambiguous.