RFR: 8296787: Unify debug printing format of X.509 cert serial numbers [v2]

Sean Mullan mullan at openjdk.org
Wed Nov 29 17:44:03 UTC 2023


On Tue, 28 Nov 2023 20:07:22 GMT, Ben Perez <duke at openjdk.org> wrote:

>> Updated `X509CertSelector.java` and `SerialNumber.java` to use same debug printing format for X.509 serial numbers. The format in `SSLLogger.java` is slightly different but now uses the `toString` method in `SerialNumber.java` for better readability.
>
> Ben Perez has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Changed serial number debug format to separate bytes with a colon

Changes requested by mullan (Reviewer).

src/java.base/share/classes/sun/security/x509/SerialNumber.java line 104:

> 102:      */
> 103:     public String toString() { return "Serial number: " +
> 104:         serialNum.toString(16).toUpperCase().replaceAll("(?<=..)(..)", ":$1"); }

I am not sure that `replaceAll` expression is correct. When I tried it for `BigInteger("74984748")`, it emitted "47:82:d2c" when I think it should be "04:78:2D:2C". I would use the HexFormat class here (and in `X509CertSelector`), ex:

`HexFormat.ofDelimiter(":").withUpperCase().formatHex(xcert.getSerialNumber().toByteArray())`

-------------

PR Review: https://git.openjdk.org/jdk/pull/16834#pullrequestreview-1755850406
PR Review Comment: https://git.openjdk.org/jdk/pull/16834#discussion_r1409645221


More information about the security-dev mailing list