Chris Covell wrote: > Guys, > > Openca 0.9.2.2 > Openssl 0.9.7 > > Have any of you ever seen this in the stderr.log ?
No. > Integer overflow in hexadecimal number at > /usr/local/ca001_pki/modules/perl5/OpenCA/PKCS7.pm line 392. > > The last certificate issued was serial 5368 (0x14F8) > > The last certificate revoked was serial 3366 (0xD26) > > surely these are not such big numbers to overflow ? Is this a bug as I > have duplicated the error in a test script and the lowest integer I get > to cause the overflow is 100000000 ! I am nowhere near that serial number ! Just some thoughts: a) line 392 of PKCS7.pm is obviously called for each certificate contained in a PKCS#7 structure. If you have a hierarchical PKI with multiple layerd CA certificates, their serial numbers will also appear there. b) OpenCA parses OpenSSL (or is it openca-sv?) output. If OpenSSL/openca-sv suddenly gives unexpected output, OpenCA::PKCS7 may be confused. It would be nice to have this output to know what went wrong... . Juergen
smime.p7s
Description: S/MIME Cryptographic Signature
