From: Tomas G. <to...@pr...> - 2019-03-18 09:01:21
Hi Jaime,

Great minds think alike :-) I was already working on clarified documentation during the weekend. Please check it out. I removed the references to B164, as it's only a specific, current use case, and it might change in the future with another ballot. It's hard to keep track of documentation for all ballots; better to describe it clearly so anyone can check themselves against the current BR, or whatever requirements they are checking against.

https://svn.cesecore.eu/svn/ejbca/trunk/ejbca/modules/cesecore-common/src/org/cesecore/certificates/ca/internal/SernoGeneratorRandom.java

Regards,
Tomas

On 2019-03-17 18:35, Jaime Hablutzel wrote:
> First, I wanted to clarify that with EJBCA <7.0.1, the default 8-byte
> configuration for serial number generation wasn't delivering 63 bits of
> entropy (as being declared), mainly because of the implementation
> filtering out values that would produce a DER encoding in less than 8
> bytes, so the real entropy being provided would be around (or less than):
>
> log2(0x7FFFFFFFFFFFFFFF - 0x80000000000000 + 1) = 62.99435343685886
>
> Now, I would like to suggest improving the documentation at
> https://www.ejbca.org/docs/CA_Fields.html#src-42205242_id-.CAFieldsv7.0.1-Ca_Serial_Number_Octet_Size,
> modifying it to something like this:
>
> Sets the length in octets of certificate serial numbers generated,
> but note that the length of the serial number IS NOT the same as
> the entropy it contains (e.g. an 8 octet or 64 bit serial number
> doesn't provide 64 bits of entropy) because some values are being
> filtered out:
> - Negative values (all with the most-significant-bit set to 1).
> - Values that would provide a shorter encoding than the requested
> length in octets.
> - Serial numbers for previously generated certificates.
>
> Now, CA/B Forum requires the use of 64 bit entropy when generating
> serial numbers, hence, for complying with that requirement, larger
> sizes than 8 octets are required (for more information, refer to the
> CA/Browser Forum information on Ballot 164 - Certificate Serial
> Number Entropy).
> Possible values can range between 4 and 20 octets, and the default
> for all new CAs is 20 octets.
>
> Finally, I have attached a patch with some improvements over the current
> code at ECA-4991.
>
> --
> Jaime Hablutzel - RPC 994690880
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
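The entropy figure quoted in the thread, worked as an added example (my own code, not EJBCA's SernoGeneratorRandom): it models the first two filters Jaime lists (negative values, values with a shorter minimal DER encoding than the requested length), reproduces the 62.994-bit result for 8 octets and generalizes the count to any octet size, which shows why 9 octets is the smallest size clearing 64 bits. The filter for already-issued serial numbers is left out, and all function names are my own.

```python
import math


def der_integer_length(value: int) -> int:
    """Content octets in the minimal DER encoding of a non-negative INTEGER.
    A leading 0x00 is needed only when the top bit of the first value octet
    would otherwise be set, so 2**55 needs 8 octets but 2**55 - 1 needs 7."""
    return value.bit_length() // 8 + 1


def accepts(candidate: bytes, octets: int) -> bool:
    """Apply the two value filters from the message to a random draw of
    `octets` bytes: reject negative values (MSB set) and values whose minimal
    DER encoding is shorter than the requested length. The third filter
    (reuse of an already-issued serial) is not modelled here."""
    if len(candidate) != octets:
        raise ValueError("candidate must be exactly `octets` bytes long")
    if candidate[0] & 0x80:
        return False  # would decode as a negative INTEGER
    return der_integer_length(int.from_bytes(candidate, "big")) == octets


def effective_entropy_bits(octets: int) -> float:
    """Exact log2 of how many values survive accepts() for this size.
    Survivors lie in [0x0080..00, 0x7F..FF]; for 8 octets that is
    log2(0x7FFFFFFFFFFFFFFF - 0x0080000000000000 + 1) = 62.994..."""
    if octets < 2:
        raise ValueError("need at least 2 octets")
    largest = 2 ** (8 * octets - 1) - 1  # 0x7F..FF, top bit clear
    smallest = 2 ** (8 * octets - 9)     # 0x0080..00, shortest value still needing `octets` bytes
    return math.log2(largest - smallest + 1)


def minimum_octets_for(entropy_bits: float) -> int:
    """Smallest octet size whose surviving value set yields at least `entropy_bits`."""
    octets = 2
    while effective_entropy_bits(octets) < entropy_bits:
        octets += 1
    return octets


if __name__ == "__main__":
    for n in (4, 8, 9, 20):
        print(f"{n:2d} octets -> {effective_entropy_bits(n):.3f} bits of entropy")
    print("smallest size meeting the 64-bit requirement:", minimum_octets_for(64))
```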