I'm using OpenSSL 0.9.8d to work on generating X.509 certificates for
use with ECDSA using the SECP384R1 curve. When I generate a certificate,
the public key created is 97 bytes, but I know it should be 96 bytes (2
384 bit parameters for the x,y points on the curve). It shows up as 97
bytes when I print the PEM formatted cert with the -text option. In
addition, I've converted the certificate to DER format, and manually
decoded it. The cert still has a BIT STRING field of 98 bytes specified,
where the first octet specifies 00 as the number of unused bits (as it
should), but there is still an extra byte. Does anyone have any ideas
about this behavior? Is it a bug in OpenSSL?
Thank you,

Jon Schifman
Software Engineer

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org