Can create a cert with no serial number?

Robert Moskowitz rgm at htt-consult.com
Thu Jun 1 01:21:07 UTC 2023


Neat!  How do I force this?  My current method

openssl rand -hex 1 > $dir/serial

and .cnf has

[ CA_default ]
...
serial            = $dir/serial

When trying to squeeze as much as possible into a 255gm bag...  :)

On 5/31/23 14:38, Corey Bonnell wrote:
> Making the serial number a value less than 128 will save another byte, as the
> leading 0x00 byte in the serialNumber INTEGER (to force a positive) will no
> longer be needed.
>
> Thanks,
> Corey
>
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Robert
> Moskowitz
> Sent: Wednesday, May 31, 2023 2:19 PM
> To: Richard Levitte <richard at levitte.org>
> Cc: openssl-users at openssl.org; Frank-Ulrich Sommer <fus at f-us.de>
> Subject: Re: Can create a cert with no serial number?
>
> Well, I got the DER down to 240 bytes by dropping all the constraints.
> Probably could cut more if I put the DET (a specific IPv6 address) somehow
> into subject rather than SAN flagged critical.  For your review, this is what
> I have come up with.  This will replace what I currently have in
> draft-moskowitz-drip-dki
>
> Use of this cert will rely on the DNS structure we will be creating for DRIP.
> For example to find the issuing cert, the CN below maps to a specific FQDN
> that any DRIP compliant implementation will know to find. And if this cert is
> not found in the matching ip6.arpa. fqdn it has been revoked.  This cert is 2x
> the size of the DRIP specific RATS-styled Endorsement.  Implementers will be
> able to choose their poison.
>
> Certificate:
>       Data:
>           Version: 3 (0x2)
>           Serial Number: 160 (0xa0)
>           Signature Algorithm: ED25519
>           Issuer: CN = 2001003ffe3ff805S
>           Validity
>               Not Before: May 21 00:00:00 2023 GMT
>               Not After : May 24 00:00:00 2023 GMT
>           Subject:
>           Subject Public Key Info:
>               Public Key Algorithm: ED25519
>                   ED25519 Public-Key:
>                   pub:
>                       bf:04:53:a0:11:20:ed:8e:65:1a:e9:f6:95:1a:82:
>                       78:3d:a8:20:29:6a:33:8e:ff:d5:4a:0b:a8:46:a9:
>                       98:75
>           X509v3 extensions:
>               X509v3 Subject Alternative Name: critical
>                   IP Address:2001:3F:FE3F:F805:A93E:53B7:2709:E0BA
>       Signature Algorithm: ED25519
>       Signature Value:
>           d1:cd:bb:64:03:9e:95:1a:8c:fa:eb:59:a6:65:ff:bc:0f:39:
>           e4:4f:ac:81:cf:c5:13:1e:62:e3:f1:bd:84:46:9c:5f:7c:52:
>           ff:bd:3e:f8:e7:d4:9d:8d:38:fe:70:62:f9:9c:10:f1:aa:b0:
>           46:c8:92:f9:9b:1a:09:d0:d6:0f
>
>
>
> On 5/31/23 13:36, Richard Levitte wrote:
>> The serial number is a defined field in the certificate structure.
>> It's not optional, so you can't get away from it.
>>
>> In ASN.1 terms, it's an INTEGER.  In DER terms, the smallest possible
>> INTEGER occupies 3 bytes (one for the tag, which is 02, one for the
>> length 01, and one value byte in the decimal range -128..127 (80..7F)).
>>
>> Without the serial number (just like without any other non-optional
>> field), whatever you happen to produce will not be a recognisable
>> X.509 certificate.
>>
>> That's it.
>>
>> Cheers,
>> Richard
>>
>> On Wed, 31 May 2023 15:55:00 +0200,
>> Robert Moskowitz wrote:
>>> OK.  I am looking at absolute certificate DER size and able to
>>> squeeze them into very small packets.  The content should not be used
>>> in the apps, but if the libraries blow up without it, that would not be
>>> good.
>>>
>>> On 5/31/23 09:50, Frank-Ulrich Sommer wrote:
>>>
>>>       RFC5280 which specifies X.509 certificates states that the serial
>>> number is a MUST field and
>>>       it must be unique. By limiting it to one byte the number of
>>> certificates should be limited to
>>>       256.
>>>
>>>       As I can't see any significant advantage I would not risk
>>> compatibility problems and just
>>>       leave it as it is. A cert without serial number could be at risk of
>>> beeing treated as invalid.
>>>
>>>       Am 31. Mai 2023 15:41:02 MESZ schrieb Robert Moskowitz
>>> <rgm at htt-consult.com>:
>>>
>>>           I tried putting in my conf:
>>>
>>>           serial = none
>>>
>>>           and that made an error.
>>>
>>>           Best I have done is a serial of length 1 byte.  But in my work,
>>> the subject or SAN provide uniqueness and CRLs will not be used.  So want
>>> to see if I can create a cert with NO serial number.
>>>
>>>           Thanks
>>>



More information about the openssl-users mailing list