Disallow X509 certificate serial numbers bigger than 159 bits (#3064) (#3067)

author: Коренберг Марк <socketpair@gmail.com> 2016-08-02 06:08:21 +0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2016-08-02 09:08:21 +0800
commit: 9e75830ad17f36f5351df0c9a63fde083bf7d66b (patch)
tree: 0ec20cff87883b5c8d314bbf1809c9ead426726c /src
parent: 4739cfca290c7e24b4ecbee9ccce09c788ba49f7 (diff)
download: cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.tar.gz
cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.tar.bz2
cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.zip
1 files changed, 14 insertions, 8 deletions
diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index ab70fe75..5c4e3aad 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py
@@ -425,10 +425,13 @@ class CertificateBuilder(object):
             raise TypeError('Serial number must be of integral type.')
         if self._serial_number is not None:
             raise ValueError('The serial number may only be set once.')
-        if number < 0:
-            raise ValueError('The serial number should be non-negative.')
-        if utils.bit_length(number) > 160:  # As defined in RFC 5280
-            raise ValueError('The serial number should not be more than 160 '
+        if number <= 0:
+            raise ValueError('The serial number should be positive.')
+
+        # ASN.1 integers are always signed, so most significant bit must be
+        # zero.
+        if utils.bit_length(number) >= 160:  # As defined in RFC 5280
+            raise ValueError('The serial number should not be more than 159 '
                              'bits.')
         return CertificateBuilder(
             self._issuer_name, self._subject_name,
@@ -635,10 +638,13 @@ class RevokedCertificateBuilder(object):
             raise TypeError('Serial number must be of integral type.')
         if self._serial_number is not None:
             raise ValueError('The serial number may only be set once.')
-        if number < 0:
-            raise ValueError('The serial number should be non-negative.')
-        if utils.bit_length(number) > 160:  # As defined in RFC 5280
-            raise ValueError('The serial number should not be more than 160 '
+        if number <= 0:
+            raise ValueError('The serial number should be positive')
+
+        # ASN.1 integers are always signed, so most significant bit must be
+        # zero.
+        if utils.bit_length(number) >= 160:  # As defined in RFC 5280
+            raise ValueError('The serial number should not be more than 159 '
                              'bits.')
         return RevokedCertificateBuilder(
             number, self._revocation_date, self._extensions
author	Коренберг Марк <socketpair@gmail.com>	2016-08-02 06:08:21 +0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2016-08-02 09:08:21 +0800
commit	9e75830ad17f36f5351df0c9a63fde083bf7d66b (patch)
tree	0ec20cff87883b5c8d314bbf1809c9ead426726c /src
parent	4739cfca290c7e24b4ecbee9ccce09c788ba49f7 (diff)
download	cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.tar.gz cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.tar.bz2 cryptography-9e75830ad17f36f5351df0c9a63fde083bf7d66b.zip