From c8ffbe7706bb18ff5f024b86e6207ab5dfac0b1f Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Mon, 5 Dec 2011 14:22:49 +0000
Subject: [PATCH]  - Corrected removal of leading '00:' in printing serial
 numbers in certificates and CRLs

---
 ChangeLog           |  2 ++
 library/x509parse.c | 18 +++++++-----------
 2 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 01f963537..719c8126d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -53,6 +53,8 @@ Bugfix
      appended with '....' after first 28 octets
    * Improved build support for s390x and sparc64 in bignum.h
    * Fixed MS Visual C++ name clash with int64 in sha4.h
+   * Corrected removal of leading '00:' in printing serial numbers in
+     certificates and CRLs
 
 = Version 1.0.0 released on 2011-07-27
 Features
diff --git a/library/x509parse.c b/library/x509parse.c
index 83413440e..d49b6435c 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -2426,6 +2426,9 @@ int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
 
     for( i = 0; i < nr; i++ )
     {
+        if( i == 0 && serial->p[i] == 0x0 )
+            continue;
+
         ret = snprintf( p, n, "%02X%s",
                 serial->p[i], ( i < nr - 1 ) ? ":" : "" );
         SAFE_SNPRINTF();
@@ -2589,7 +2592,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
                         const x509_crl *crl )
 {
     int ret;
-    size_t i, n, nr;
+    size_t n;
     char *p;
     const x509_crl_entry *entry;
 
@@ -2631,22 +2634,15 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
                                prefix );
         SAFE_SNPRINTF();
 
-        nr = ( entry->serial.len <= 32 )
-            ? entry->serial.len  : 32;
+        ret = x509parse_serial_gets( p, n, &entry->serial);
+        SAFE_SNPRINTF();
 
-        for( i = 0; i < nr; i++ )
-        {
-            ret = snprintf( p, n, "%02X%s",
-                    entry->serial.p[i], ( i < nr - 1 ) ? ":" : "" );
-            SAFE_SNPRINTF();
-        }
-        
         ret = snprintf( p, n, " revocation date: " \
                    "%04d-%02d-%02d %02d:%02d:%02d",
                    entry->revocation_date.year, entry->revocation_date.mon,
                    entry->revocation_date.day,  entry->revocation_date.hour,
                    entry->revocation_date.min,  entry->revocation_date.sec );
-    SAFE_SNPRINTF();
+        SAFE_SNPRINTF();
 
         entry = entry->next;
     }