0

I'm trying to decode the serial number of a X.509 certificate, I opened with win32crypt in Python (http://timgolden.me.uk/pywin32-docs/PyCERT_CONTEXT.html) 

import win32crypt
import sys

# lpszStoreProvider
CERT_STORE_PROV_SYSTEM = 0x0000000A

# dwFlags
CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x00020000    

def main(*argv):
    store = win32crypt.CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, None, CERT_SYSTEM_STORE_LOCAL_MACHINE, "MY")
    for cert in store.CertEnumCertificatesInStore():
        print("1 Cert: " + str(cert))
        print("2 CertEnumCertificateContextProperties: " + str(cert.CertEnumCertificateContextProperties()))
        print("3 cert.Subject: " + win32crypt.CertNameToStr(cert.Subject))
        print("4 SerialNumber: " + str(cert.SerialNumber))



if __name__ == "__main__":
    print("Python {0:s} {1:d}bit on {2:s}\n".format(" ".join(item.strip() for item in sys.version.split("\n")), 64 if sys.maxsize > 0x100000000 else 32, sys.platform))
    main(*sys.argv[1:])
    print("\nDone.")

The representation in memory is as follows:

SerialNumber = b'\x07\x00\x00\x00\x00\x00\xc3o\x0c\xfbK\xf8\xdf\xbe\x07\x00\x00\x00*'

enter image description here

I just can't figure out, what kind of encoding is used and howto decode?!

Edit: (..the bytes into the correct serial number: 2a00000007bedff84bfb0c6fc3000000000007)

sewe
  • 53
  • 7
  • `b` prefix is an identifier of [`bytes`](https://docs.python.org/3/library/stdtypes.html#bytes). – Olvin Roght Apr 15 '20 at 15:00
  • ...so far no surprise. I'm wondering about the meaning of the bytes. The actual serial number of the certificate is: 2a00000007bedff84bfb0c6fc3000000000007 So how can i decode the bytes into the corresponding serial number? – sewe Apr 16 '20 at 05:24
  • ... numbers are stored in little endian byte order, so you need just covert bytes to int. – Olvin Roght Apr 16 '20 at 07:12

1 Answers1

0

Answer: decoded = int.from_bytes(cert.SerialNumber,"little")

sewe
  • 53
  • 7