Re: [Ejbca-develop] Question about cert serial number generation

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Simple, the code you found is not related to certificate serial number 
generation when issuing certificates using EJBCA.

Regards,
Tomas
-----
PrimeKey Solutions offers commercial EJBCA and SignServer support 
subscriptions and training courses. Please see www.primekey.se or 
contact in...@pr... for more information.
http://www.primekey.se/Services/Support/
http://www.primekey.se/Services/Training/

On 08/23/2012 06:26 PM, MacDonald, Nick (Nick) wrote:
> Hello:
>
> I am trying to track down an issue, and it has caused me to stray into
> the EJBCA serial number code.  I saw the notes in the
> SernoGenerator.java about the restrictions on serial numbers, then I ran
> across this code in ejbca_4_0_12\src\java\org\ejbca\util\CertTools.java
>
>          byte[] serno = new byte[8];
>
>          SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
>
>          random.setSeed(new Date().getTime());
>
>          random.nextBytes(serno);
>
>          certgen.setSerialNumber(new java.math.BigInteger(serno).abs());
>
> which is not technically following the rules.  I was wondering if this
> should be a call to use the SernoGenerator ?
>
> Also wondering about this method in
> ejbca_4_0_12\modules\ejbca-xkms-cli\src\org\ejbca\core\protocol\xkms\client\XKMSCLIBaseCommand.java
>
> protected String genId() throws NoSuchAlgorithmException {
>
>          BigInteger serno = null;
>
>          Random random = SecureRandom.getInstance("SHA1PRNG");
>
>          long seed = Math.abs((new Date().getTime()) + this.hashCode());
>
>          random.setSeed(seed);
>
>                                  try {
>
>                          byte[] sernobytes = new byte[8];
>
>                          random.nextBytes(sernobytes);
>
>                          serno = (new
> java.math.BigInteger(sernobytes)).abs();
>
>                                  } catch (Exception e) {
>
>
> getPrintStream().println("Error generating response ID " );
>
>                                  }
>
>                                  return "_" + serno.toString();
>
>                  }
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>