[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: handling of negative integers

David Margrave <david.margrave@CyberSafe.COM> writes:
> I've noticed that heimdal's ASN.1 code, which is quite clever by the
> way, doesn't seem to handle encoding/decoding of negative integers
> correctly.  1 is encoded correctly as 0x01, but -1 is encoded as
> 0xFFFFFFFF, where it should actually be encoded as 0xFF in the minimum
> number of octets in two's complement representation (unless I'm
> mistaken)

It doesn't actually handle negative numbers at all (that's why you get
32 bits).  We didn't see any need for it so it's `unsigned' all over
the code.

> This isn't really an issue unless you have to start dealing with
> implementations that use negative values.  Microsoft NT5 beta for
> example, uses negative integers for some of its non-standard encryption
> types, i.e. -128 is RC4_HMAC.

Hm, it might make sense to extend that.

BTW, do you know if NT5 (sorry 2000) beta2 still used the RC4_HMAC