[xmlsec] Problem with some cert which has a negative serial number
Michael Mi
Hao.Mi at Sun.COM
Mon Feb 21 19:57:40 PST 2005
Andrew Fan wrote:
> Aleksey Sanin wrote:
>
>>> Can a bn like "00 00 01" can be a legal serial number?
>>
>>
>> Yes. It is equal to "1".
>>
> No, it is not a legal serial number. decimal "01", "0001", "1" must be
> represent as "01" in serial number.
Why not? Can you show us any standard forbiding that?
Michael
>
>
> -Andrew
>
>>> If so (*assumption #1*), I think the leading zero should be
>>> reserved in string format, this can guarantee when converting back
>>> to a bn, it is "00 00 01" again.
>>
>>
>> Not necessary. "00 00 01" and "01" both represent the same bn. The
>> functions that searches for a certificate MUST understand this.
>>
>> Aleksey
>>
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list