W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2004

X.509 certificate serial number format

From: Graham Simpson <GSimpson@Unipass.co.uk>
Date: Thu, 29 Apr 2004 10:45:56 +0100
Message-ID: <DC65AE678B89004B9CCB202E19482CC7401597@mail.origoservices.local>
To: <w3c-ietf-xmldsig@w3.org>
Cc: "Andy Teasdale" <ATeasdale@origoservices.com>
As far as I can tell, X509 certificates all seem to contain a hexadecimal serial number. However, the schema definition in section 4.4.4 (The X509Data element) of the XML Signature Syntax and Processing document at http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#sec-X509Data <http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#sec-X509Data>  states that the X509SerialNumber element should be of type "integer" (presumably this also means it should be in decimal format), and SHOULD be compliant with
RFC2253.
 
Unfortunately, RFC2253 doesn't give any indication of format for a serial number, and as far as I can see, only gives instructions on how to convert attribute values from ASN.1 to a string.
 
This is giving me significant problems as I urgently need to find out how to do this conversion, and I feel like I am going round in circles chasing through RFCs!
 
It would be great if someone could give me some advice on how a hex X509 serial number should be converted to an integer for use in XML digital signatures, or point me towards some code or app that might do the job.
 
Regards,
Graham

Graham Simpson
UNIPASS Technical Lead, MCSE
http://www.unipass.co.uk
mailto:technical@unipass.co.uk <mailto:technical@unipass.co.uk>  


________________________________

The information in this e-mail is sent in confidence for the addressee only and may be legally privileged. Unauthorised recipients must preserve this confidentiality and should please advise the sender immediately of the error in transmission. If you are not the intended recipient, any disclosure, copying, distribution or any action taken in reliance on its content is prohibited and may be unlawful. Origo Services Limited accepts no responsibility for any loss or damage resulting directly or indirectly from
the use of this e-mail or the contents. 
________________________________

 
Received on Thursday, 29 April 2004 05:49:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:39 UTC