Description
Function X509GetDERCsrTbs() in x509bldr.c calls the following function:
CHK( DERAddInteger(Context, 0));
This call results in ASN.1 byte encoding of "0x02 0x00".
OpenSSL will fail to parse the generated CSR (Certificate Signing Request).
For example, typing the command:
openssl req -in riot.csr -noout -text
Results in the following error:
unable to load X509 request
25769902144:error:0D0E20DE:asn1 encoding routines:c2i_ibuf:illegal zero content:crypto/asn1/a_int.c:154:
25769902144:error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:627:Field=version, Type=X509_REQ_INFO
25769902144:error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:627:Field=req_info, Type=X509_REQ
25769902144:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:crypto/pem/pem_oth.c:33:
The correct byte encoding should be "0x02 0x01 0x00".
The problem lies with function DERAddInteger().
I have used the following hack to circumvent the issue, but a proper fix needs to be implemented:
// CHK( DERAddInteger(Context, 0));
Context->Buffer[Context->Position++] = 0x02;
Context->Buffer[Context->Position++] = 0x01;
Context->Buffer[Context->Position++] = 0x00;
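
Added example, not part of the original issue and not RIoT's own code: a minimal DER INTEGER encoder that always keeps one content octet, so zero becomes "0x02 0x01 0x00", plus a check that rejects the empty "0x02 0x00" form OpenSSL refuses. The names `der_put_uint32` and `der_integer_ok` are hypothetical, and the encoder only covers non-negative 32-bit values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not RIoT's DERAddInteger): encode a non-negative
 * 32-bit value as a DER INTEGER. Returns bytes written, 0 if out is too small. */
size_t der_put_uint32(uint8_t *out, size_t cap, uint32_t v)
{
    uint8_t be[4] = { (uint8_t)(v >> 24), (uint8_t)(v >> 16),
                      (uint8_t)(v >> 8),  (uint8_t)v };
    size_t skip = 0;

    /* Strip leading zero octets but always keep the last one, so that
     * zero is encoded with one content octet (02 01 00), never 02 00. */
    while (skip < 3 && be[skip] == 0)
        skip++;
    /* A set top bit would be read as a negative number; prepend 0x00. */
    size_t pad = (be[skip] & 0x80) ? 1 : 0;
    size_t len = (4 - skip) + pad;
    if (cap < 2 + len)
        return 0;
    out[0] = 0x02;              /* tag: INTEGER */
    out[1] = (uint8_t)len;      /* short-form length, at most 5 here */
    if (pad) out[2] = 0x00;
    memcpy(out + 2 + pad, be + skip, 4 - skip);
    return 2 + len;
}

/* Check a short-form DER INTEGER TLV: non-empty, minimally encoded content. */
int der_integer_ok(const uint8_t *tlv, size_t n)
{
    if (n < 3 || tlv[0] != 0x02 || tlv[1] > 0x7F || (size_t)tlv[1] + 2 != n)
        return 0;               /* 02 00 (zero-length content) fails here */
    if (tlv[1] > 1) {           /* first nine bits must not be all 0 or all 1 */
        if (tlv[2] == 0x00 && !(tlv[3] & 0x80)) return 0;
        if (tlv[2] == 0xFF &&  (tlv[3] & 0x80)) return 0;
    }
    return 1;
}

int main(void)
{
    uint8_t buf[8];
    size_t n = der_put_uint32(buf, sizeof buf, 0);  /* CSR version field value */
    for (size_t i = 0; i < n; i++) printf("%02x ", buf[i]);
    printf("-> %s\n", der_integer_ok(buf, n) ? "valid" : "invalid");
    return 0;
}
```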