OCSPResponder icon indicating copy to clipboard operation
OCSPResponder copied to clipboard

Published 20 hours ago verified publisher icon gabrielcalegari

How are SerialNumber Values Derived

Open rashadrivera opened this issue 6 years ago • 1 comments

Hello All,

I'm trying to figure how the SerialExists & SerialIsRevoked method derive the 'serial' argument value. So for example, when my certificate has a hexadecimal serial number value of '9dd919ba4ead18b78df7382112f9fb6953da22c5', I get the value of '901153053931671044175307656606196330260573332165' for the 'serial' argument.

Also, is there a reason why the value had to be altered? Can I configure the product to return just the hexadecimal value instead of these large numbers?

  • Rashad Rivera

rashadrivera avatar Apr 12 '19 20:04 rashadrivera

Hello, Rashad!

Internally, we are using a library that supports many X509 certificate operations. That library reads serial number as a BigInteger, a own type.

When you convert the hex 9dd919ba4ead18b78df7382112f9fb6953da22c5 to big integer you get 901153053931671044175307656606196330260573332165

You can see this in https://www.mobilefish.com/services/big_number/big_number.php

For this moment, we do not have the option to work with other type than big integer as string. But on your Repository implementation you can convert it to hexadecimal before you use it.

I will take your comment into account for the next release.

gabrielcalegari avatar Apr 15 '19 11:04 gabrielcalegari