[xmlsec] Problem with some cert which has a negative serial number
Andrew Fan
Xuelei.Fan at Sun.COM
Mon Feb 21 19:47:36 PST 2005
Aleksey Sanin wrote:
>> Can a bn like "00 00 01" can be a legal serial number?
>
> Yes. It is equal to "1".
>
No, it is not a legal serial number. decimal "01", "0001", "1" must be
represent as "01" in serial number.
-Andrew
>> If so (*assumption #1*), I think the leading zero should be reserved
>> in string format, this can guarantee when converting back to a bn, it
>> is "00 00 01" again.
>
> Not necessary. "00 00 01" and "01" both represent the same bn. The
> functions that searches for a certificate MUST understand this.
>
> Aleksey
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list