[Pki-devel] [PATCH] 29 Fix for ticket 219 - BugZilla issue 816232
Ade Lee
alee at redhat.com
Fri Aug 17 17:26:33 UTC 2012
ack - pushed to dogtag 9
On Thu, 2012-08-16 at 13:29 -0400, Abhishek Koneru wrote:
> Please review the patch for ticket 219 - fix BZ 816232 - incorrect
> casting from BigInt to Int in installation wizard. This patch is for the
> DogTag 9 branch. The previous one was for DogTag 10 branch.
>
> Defect description:
> The serial number generated for certificates is wrong when the number
> is large. Problem is due to the conversion of BigInteger to integer
> while generating a new serial number, which truncates the most
> significant bits in the serial number and therefore a large number (eg.
> 10fff0001) becomes a smaller number (eg. fff0001). This conversion in
> turn leads to a collision if a certificate with the smaller number
> exists in the database.
>
> Steps to reproduce the defect:
>
> - Create a CA. - (1)
> - Edit the fields minSerialNumber and maxSerialNumber in the
> <CA-Installation Path>/conf.CS.cfg to large values like 100000000 and
> 110000000.
> - Restart the CA.
> - Configure the CA.
> - Create a new CA.
> - Configure this as a clone to (1)CA
> - After the Certificates are generated, view the serial number by
> clicking on "View Certificate in PrettyPrint".
>
> Results:
> Before the patch is applied: The serial number is truncated.(Wrong)
> After the patch is applied: The serial number is found as expected.
>
> --Abhishek Koneru
> On Mon, 2012-08-13 at 18:44 -0400, Abhishek Koneru wrote:
> > Please review the patch with fix for ticket 219 in Dog Tag 10 Beta.
> >
> > --Abhishek Koneru
> > _______________________________________________
> > Pki-devel mailing list
> > Pki-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-devel
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list