• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

serial number form x509 certificate

 
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I use Certificate factory and X509Certificate classes to parse a certificate and get the the serial number. The BigInteger for a certificate with serial number shows an incorrect value. The certificate display the serial number as FDB1 DDE5 EF8F 56A5 11D3 5698 42E6 7FE0 . While the serial number obtained from java method is -3064146813482257434743394187012046880 (in decimal) which is incorrect. Is it performing any complement kind of stuff?? How can I get the correct value?
Thanks,
Srini
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Unfortunately, some applications produce certificates that contain negative serial numbers. Is this a bug? I think so. Your certificate is an example of this. The value returned by Java is correct, it is just not what you expect. Basically, you certificate would have been positive if only it had a leading zero byte (google on DER encoding for integer). However, the situation is easily corrected by extracting the raw bytes from your negative BigInteger and creating a new positive BigInteger as in the following example:
 
reply
    Bookmark Topic Watch Topic
  • New Topic