(inserted missed word; off to get coffee now)

On Mon, Aug 7, 2017 at 7:54 AM, Peter Bowen <pzbo...@gmail.com> wrote:
> On Mon, Aug 7, 2017 at 12:53 AM, Franck Leroy via dev-security-policy
> <dev-security-policy@lists.mozilla.org> wrote:
>> Hello
>>
>> I checked only one but I think they are all the same.
>>
>> The integer value of the serial number is 20 octets, but when encoded into
>> DER a starting 00 may be necessary to mark the integer as a positive value:
>>
>>    0 1606: SEQUENCE {
>>    4 1070:   SEQUENCE {
>>    8    3:     [0] {
>>   10    1:       INTEGER 2
>>         :       }
>>   13   21:     INTEGER
>>         :       00 A5 45 35 99 1C E2 8B 6D D9 BC 1E 94 48 CC 86
>>         :       7C 6B 59 9E B3
>>
>> So the serialNumber (integer) value is 20 octets long but length can be more
>> depending on the encoding representation.
>>
>> Here is ASCII (common representation when stored into a database):
>> "A54535991CE28B6DD9BC1E9448CC867C6B599EB3" it is 40 octets long, VARCHAR(40)
>> is needed.
>
> The text from 5280 says:
>
> " CAs MUST force the serialNumber to be a non-negative integer, that
> is, the sign bit in the DER encoding of the INTEGER value MUST be
> zero. This can be done by adding a leading (leftmost) `00'H octet if
> necessary. This removes a potential ambiguity in mapping between a
> string of octets and an integer value.
>
> As noted in Section 4.1.2.2, serial numbers can be expected to
> contain long integers. Certificate users MUST be able to handle
> serialNumber values up to 20 octets in length. Conforming CAs MUST
> NOT use serialNumber values longer than 20 octets."
>
> This makes it somewhat unclear whether the `00'H octet is to be included in
> the 20 octet limit or not. While I can see how one might view it
> differently, I think the correct interpretation is to include the
> leading `00'H octet in the count. This is because
> CertificateSerialNumber is defined as being an INTEGER, which means
> "octet" is not applicable.
If it was defined as OCTET STRING, similar
> to how KeyIdentifier is defined, then octet could be seen as applying
> to the unencoded value. However, given this is an INTEGER, the only
> way to get octets is to encode and this requires the leading bit to be
> zero for non-negative values.
>
> That being said, I think that it is reasonable to add "DER encoding of
> Serial must be 20 octets or less including any leading 00 octets" to
> the list of ambiguities that CAs must fix by date X, rather than
> something that requires revocation.
>
> Thanks,
> Peter

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
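Worked check of the point discussed in the thread, added here as an illustration and not part of Peter's or Franck's messages: it DER-encodes a serialNumber INTEGER, counts the contents octets including any leading 00, and applies the "20 octets including the sign octet" reading. The serial value is the one from Franck's dump; the `02 15` tag/length prefix is reconstructed from the dump's "13 21: INTEGER" line. Function names, the `SerialCheck` record and the sample values other than that serial are my own assumptions; it needs only the Python 3.9+ standard library.

```python
from typing import NamedTuple

# RFC 5280 section 4.1.2.2: conforming CAs MUST NOT use serialNumber values
# longer than 20 octets. Read here, as in the thread, as the DER contents
# octets of the INTEGER, sign octet included.
MAX_SERIAL_CONTENT_OCTETS = 20

# Serial from the dump quoted in the thread (20 magnitude octets, top bit set).
SERIAL_FROM_THREAD = 0xA54535991CE28B6DD9BC1E9448CC867C6B599EB3
# TLV as it would appear in the certificate: tag 02, length 0x15 (21), contents.
# Reconstructed from the "13 21: INTEGER" dump line.
DER_FROM_THREAD = bytes.fromhex(
    "0215" "00A54535991CE28B6DD9BC1E9448CC867C6B599EB3"
)


class SerialCheck(NamedTuple):
    value_octets: int         # octets needed for the magnitude alone
    der_content_octets: int   # DER INTEGER contents, including any leading 00
    needs_leading_zero: bool  # True when the sign octet had to be added
    conforms: bool            # der_content_octets <= 20


def der_integer_contents(value: int) -> bytes:
    """Minimal two's-complement contents octets of a non-negative DER INTEGER."""
    if value < 0:
        raise ValueError("serialNumber MUST be non-negative")
    if value == 0:
        return b"\x00"
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    # If the first octet has its top bit set the integer would decode as
    # negative, so DER requires a leading 00 octet (the `00'H from RFC 5280).
    return b"\x00" + raw if raw[0] & 0x80 else raw


def der_integer(value: int) -> bytes:
    """Full DER TLV (tag 0x02, definite length, contents) for the integer."""
    contents = der_integer_contents(value)
    n = len(contents)
    if n < 0x80:
        length = bytes([n])                      # short-form length
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb    # long-form length
    return b"\x02" + length + contents


def parse_der_integer(der: bytes) -> tuple:
    """Decode one DER INTEGER TLV; return (value, content_octet_count)."""
    if len(der) < 2 or der[0] != 0x02:
        raise ValueError("not an INTEGER tag")
    first = der[1]
    if first < 0x80:
        n, off = first, 2
    else:
        k = first & 0x7F
        n = int.from_bytes(der[2:2 + k], "big")
        off = 2 + k
    contents = der[off:off + n]
    if len(contents) != n:
        raise ValueError("truncated INTEGER")
    return int.from_bytes(contents, "big", signed=True), n


def check_serial(value: int) -> SerialCheck:
    """Report magnitude vs. DER-contents octet counts and the 20-octet verdict."""
    magnitude_octets = max(1, (value.bit_length() + 7) // 8)
    contents = der_integer_contents(value)
    return SerialCheck(
        value_octets=magnitude_octets,
        der_content_octets=len(contents),
        needs_leading_zero=len(contents) > magnitude_octets,
        conforms=len(contents) <= MAX_SERIAL_CONTENT_OCTETS,
    )


if __name__ == "__main__":
    for label, v in [
        ("serial from the thread", SERIAL_FROM_THREAD),
        ("159-bit value, top bit clear", (1 << 159) - 1),   # constructed
        ("160-bit value, top bit set", 1 << 159),           # constructed
    ]:
        print(f"{label}: {check_serial(v)}")
```

The practical consequence for a CA is visible in the last two constructed values: a 20-octet magnitude is only safe when its top bit is clear, so a generator that wants 20 DER octets at most has to cap the random part at 159 bits (or keep 19 random octets and accept the sign octet). The `VARCHAR(40)` Franck mentions holds the hex of the magnitude only; the stored string and the DER contents can therefore differ by one octet.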