[xmlsec] Problem with some cert which has a negative serial number

Aleksey Sanin aleksey at aleksey.com
Mon Feb 21 19:30:59 PST 2005


Note that this is not only 00s but also FFs for negative values
(11, 111, 1111, 11111, etc. all represent the same -1). The real
question is how smart are the NSPR (CERT_FindCertByIssuerAndSN)
and MSCrypto (CertCompareIntegerBlob) functions? Do they understand
that these numbers are the same or not?

Anyone wants to test it?

Aleksey

Michael Mi wrote:
> I gree with you than "01", "00 01", "00 00 00 01" are same bns 
> theoretically.
> 


More information about the xmlsec mailing list