danog/tgseclib
1
0
Fork 0
mirror of https://github.com/danog/tgseclib.git synced 2024-11-27 12:44:38 +01:00
Code Issues Projects Releases Wiki Activity

X509: add a comment to explain the bitmask

Browse Source
This commit is contained in:
terrafrost 2015-07-17 00:45:20 -05:00
parent 693804e62a
commit 0d3a117608
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
phpseclib/File/X509.php
View File

@ -3283,9 +3283,13 @@ class File_X509
if (!function_exists('crypt_random_string')) { if (!function_exists('crypt_random_string')) {
include_once 'Crypt/Random.php'; include_once 'Crypt/Random.php';
} }
// "The serial number MUST be a positive integer" /* "The serial number MUST be a positive integer"
// "Conforming CAs MUST NOT use serialNumber values longer than 20 octets." "Conforming CAs MUST NOT use serialNumber values longer than 20 octets."
// -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2 -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2
for the integer to be positive the leading bit needs to be 0 hence the
application of a bitmap
*/
$serialNumber = new Math_BigInteger(crypt_random_string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256); $serialNumber = new Math_BigInteger(crypt_random_string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256);
} }