octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-18 11:15:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

X509: add a comment to explain the bitmask

Browse Source
This commit is contained in:
terrafrost 2015-07-17 00:45:20 -05:00
parent 693804e62a
commit 0d3a117608
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
phpseclib/File/X509.php
View File

@ -3283,9 +3283,13 @@ class File_X509
if (!function_exists('crypt_random_string')) {
include_once 'Crypt/Random.php';
}
// "The serial number MUST be a positive integer"
// "Conforming CAs MUST NOT use serialNumber values longer than 20 octets."
// -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2
/* "The serial number MUST be a positive integer"
"Conforming CAs MUST NOT use serialNumber values longer than 20 octets."
-- https://tools.ietf.org/html/rfc5280#section-4.1.2.2
for the integer to be positive the leading bit needs to be 0 hence the
application of a bitmap
*/
$serialNumber = new Math_BigInteger(crypt_random_string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256);
}