Closed
Description
Code in src/fileformat/file_format/pe/authenticode/x509_certificate.cpp and method getSerialNumber parses serial number by converting it to OpenSSL's BIGNUM. However there are discrepancies between BIGNUM representation (which usually strips leading zeroes) and the full octet representation taken out of DER encoded serial number.
We would like to make this serial compatible with other tools in the industry like YARA. The point of this ticket is to make this compatible with the way YARA parses the serial numbers.