You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The serial numbers from the ca are sometimes full of trailing zeros causing almost duplicate serial numbers (duplicates error out when attempted to be inserted out in the database, so no exploit is available) because rand/Reader.Read was used instead of rand.Read.
This ought to be a GA fix for our sanity, but is not actively exploitable.
The text was updated successfully, but these errors were encountered:
This didn't cause any certificates to be made with duplicate serial
numbers because the primary key in the certificates table is the serial
number and so attempts to insert duplicates fail.
The cause is the use of rand/Reader.Read. rand/Reader.Read does not
perform the io.ReadFull that rand.Read does. Without the io.ReadFull,
less than all of the random part of the serial number would be filled
in.
Fixes#911.
The serial numbers from the ca are sometimes full of trailing zeros causing almost duplicate serial numbers (duplicates error out when attempted to be inserted out in the database, so no exploit is available) because
rand/Reader.Read
was used instead ofrand.Read
.This ought to be a GA fix for our sanity, but is not actively exploitable.
The text was updated successfully, but these errors were encountered: