Can create a cert with no serial number?

Corey Bonnell Corey.Bonnell at digicert.com
Wed May 31 18:38:35 UTC 2023 

Making the serial number a value less than 128 will save another byte, as the 
leading 0x00 byte in the serialNumber INTEGER (to force a positive) will no 
longer be needed.

Thanks,
Corey

-----Original Message-----
From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Robert 
Moskowitz
Sent: Wednesday, May 31, 2023 2:19 PM
To: Richard Levitte <richard at levitte.org>
Cc: openssl-users at openssl.org; Frank-Ulrich Sommer <fus at f-us.de>
Subject: Re: Can create a cert with no serial number?

Well, I got the DER down to 240 bytes by dropping all the constraints. 
Probably could cut more if I put the DET (a specific IPv6 address) somehow 
into subject rather than SAN flagged critical.  For your review, this is what 
I have come up with.  This will replace what I currently have in 
draft-moskowitz-drip-dki

Use of this cert will rely on the DNS structure we will be creating for DRIP. 
For example to find the issuing cert, the CN below maps to a specific FQDN 
that any DRIP compliant implementation will know to find. And if this cert is 
not found in the matching ip6.arpa. fqdn it has been revoked.  This cert is 2x 
the size of the DRIP specific RATS-styled Endorsement.  Implementers will be 
able to choose their poison.

Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 160 (0xa0)
         Signature Algorithm: ED25519
         Issuer: CN = 2001003ffe3ff805S
         Validity
             Not Before: May 21 00:00:00 2023 GMT
             Not After : May 24 00:00:00 2023 GMT
         Subject:
         Subject Public Key Info:
             Public Key Algorithm: ED25519
                 ED25519 Public-Key:
                 pub:
                     bf:04:53:a0:11:20:ed:8e:65:1a:e9:f6:95:1a:82:
                     78:3d:a8:20:29:6a:33:8e:ff:d5:4a:0b:a8:46:a9:
                     98:75
         X509v3 extensions:
             X509v3 Subject Alternative Name: critical
                 IP Address:2001:3F:FE3F:F805:A93E:53B7:2709:E0BA
     Signature Algorithm: ED25519
     Signature Value:
         d1:cd:bb:64:03:9e:95:1a:8c:fa:eb:59:a6:65:ff:bc:0f:39:
         e4:4f:ac:81:cf:c5:13:1e:62:e3:f1:bd:84:46:9c:5f:7c:52:
         ff:bd:3e:f8:e7:d4:9d:8d:38:fe:70:62:f9:9c:10:f1:aa:b0:
         46:c8:92:f9:9b:1a:09:d0:d6:0f



On 5/31/23 13:36, Richard Levitte wrote:
> The serial number is a defined field in the certificate structure.
> It's not optional, so you can't get away from it.
>
> In ASN.1 terms, it's an INTEGER.  In DER terms, the smallest possible
> INTEGER occupies 3 bytes (one for the tag, which is 02, one for the
> length 01, and one value byte in the decimal range -128..127 (80..7F)).
>
> Without the serial number (just like without any other non-optional
> field), whatever you happen to produce will not be a recognisable
> X.509 certificate.
>
> That's it.
>
> Cheers,
> Richard
>
> On Wed, 31 May 2023 15:55:00 +0200,
> Robert Moskowitz wrote:
>> OK.  I am looking at absolute certificate DER size and able to
>> squeeze them into very small packets.  The content should not be used
>> in the apps, but if the libraries blow up without it, that would not be 
>> good.
>>
>> On 5/31/23 09:50, Frank-Ulrich Sommer wrote:
>>
>>      RFC5280 which specifies X.509 certificates states that the serial 
>> number is a MUST field and
>>      it must be unique. By limiting it to one byte the number of 
>> certificates should be limited to
>>      256.
>>
>>      As I can't see any significant advantage I would not risk 
>> compatibility problems and just
>>      leave it as it is. A cert without serial number could be at risk of 
>> beeing treated as invalid.
>>
>>      Am 31. Mai 2023 15:41:02 MESZ schrieb Robert Moskowitz 
>> <rgm at htt-consult.com>:
>>
>>          I tried putting in my conf:
>>
>>          serial = none
>>
>>          and that made an error.
>>
>>          Best I have done is a serial of length 1 byte.  But in my work, 
>> the subject or SAN provide uniqueness and CRLs will not be used.  So want 
>> to see if I can create a cert with NO serial number.
>>
>>          Thanks
>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4990 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230531/eae4c1c6/attachment-0001.p7s>

More information about the openssl-users mailing list