From b2454450ce7cd7d9628c321e20f6ed74b73beeba Mon Sep 17 00:00:00 2001
From: Damyan Mitev <damyan.mitev@vereign.com>
Date: Mon, 25 Nov 2019 09:51:27 +0200
Subject: [PATCH] fix certificate serial number generation (again)

---
 javascript/src/utilities/signingUtilities.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/javascript/src/utilities/signingUtilities.js b/javascript/src/utilities/signingUtilities.js
index 3ecb0fd..00d0854 100644
--- a/javascript/src/utilities/signingUtilities.js
+++ b/javascript/src/utilities/signingUtilities.js
@@ -435,6 +435,11 @@ function createCertificate(certData, issuerData = null) {
       const serialNumberView = new Uint8Array(serialNumberBuffer);
       pkijs.getRandomValues(serialNumberView);
       serialNumberView[0] &= 0x7f;
+      while (serialNumberView[0] === 0 && (serialNumberView[1] & 0x80) === 0) {
+        const firstBytesView = new Uint8Array(serialNumberBuffer, 0, 2);
+        pkijs.getRandomValues(firstBytesView);
+        firstBytesView[0] &= 0x7f;
+      }
       // noinspection JSUnresolvedFunction
       certificate.serialNumber = new asn1js.Integer({
         valueHex: serialNumberView
-- 
GitLab