Mailing list is the right place but you need to be subscribed to the list :)
If you are using xmlsec-openssl then I would probably trust xmlsec output because it gets the number directly from openssl. On the other hand, if you use the xmlsec-mscrypto then it can easily be a bug in xmlsec-mscrypto code that produces the number. If you have the certificate, I would recommend to use openssl to print it out and look at the number.
Anyway, the first certificate number has only one DWORD and the second certificate has multiple DWORDs. One of possible options is that when you calculate the number you need to revert bytes in DWORDs but keep DWORDs order:
1F 14 11 14 8A 53 F2 B6 49 F4 F8 4D A3 A8 14 76
which is equal to ~1.5695617 � 10^38 frome google's point of view. This results seems closer to the number reported by xmlsec. However, it is a pure speculation because I have no idea how you got this number in the first place :)
Aleksey
Wes Thomas wrote:
I originally sent this to the list serv by accident... Wasn't sure if that's the right place to submit questions, so I'm forwarding this to you. Thanks!
-----Original Message-----
From: Wes Thomas [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 4:15 PM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: X509SerialNumber
Hey Aleksey!
Got a question.. Using XMLSec 1.2.4
Windows 2000 etc.
I'm trying to arrive at the correct integer value for X509SerialNumber node in the X509IssuerSerial element.
We've made a little calculator to test and see if our formula is correct.
With one certificate I get a serial value of 0D 22 75 91 in hex and our calc from the right goes like this:
91 75 22 0D We convert each to their integer counterparts, 145 117 34 13 Add each together multiplied by 256 to the power of their position 145 + 117(256) + 34(256^2) + 13(256^3)
Google and our calculator say the result is = 220 362 129 which is what XMLSec signing says.
Our 2nd certificate has a value of 1411141FB6F2538A4DF8F4497614A8A3 Calc starting from the right:
A3 A8 14 76 49 F4 F8 4D 8A 53 F2 B6 1F 14 11 14 163 + 168*256 + 20*256^2 + 118*256^3 + 73*256^4 + 244*256^5 + 248*256^6 + 77*256^7 + 138*256^8 + 83*256^9 + 242*256^10 + 182*256^11 + 31*256^12 + 20*256^13 + 17*256^14 + 20*256^15
Google has a rounding error and gives: 2.66732371 � 10^37 or 26673237100000000000000000000000000000
We use a Big Integer class in .NET to get a value of: 26673237123177746846882916240247269539
However XMLSec reports a value of: 16863389628646640081019990102011455077
Is there something I'm doing wrong? This works with a smaller RSA keyed cert but not on the larger one.
Wes Thomas Encomia, L.P. www.encomia.com
Iguana: The other green meat.
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
