    net: retain leading zero bytes in X.509 serial numbers. · 55337a68
    agl@chromium.org authored
    X.509 serial numbers should be positive numbers according to the spec.
    However, certificates have been issued with negative serial numbers. Negative
    serial numbers are indicated with a most-significant bit of one. Positive
    numbers which would have a MSB of 1 have a zero byte prepended to avoid the
    ambiguity.
    
    Previously we removed leading zero bytes because we were only matching against
    a blacklist of serial numbers, none of which were negative.
    
    This change moves the handling of serial numbers to the place where they are
    used, rather than where they are parsed.
    
    BUG=none
    TEST=none
    
    
    Review URL: http://codereview.chromium.org/8381017
    
    git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107956 0039d316-1c4b-4281-b951-d872f2087c98
x509_certificate_openssl.cc 19.6 KB
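
The ambiguity the commit message describes, shown as an added C++ example (not code from this Chromium change): stripping zero bytes at parse time makes +128 and -128 indistinguishable, while stripping only at the point of the blacklist lookup keeps the sign available. The names `Serial`, `StripLeadingZeros` and `IsBlocked`, the sample bytes, and the assumption that list entries are stored as positive serials without the padding byte are all illustrative.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Content bytes of the DER INTEGER holding the serial, exactly as parsed.
using Serial = std::vector<uint8_t>;

// DER integers are two's complement: a set top bit in the first byte means negative.
bool IsNegativeSerial(const Serial& s) {
  return !s.empty() && (s[0] & 0x80) != 0;
}

// Lossy normalisation: drop leading zero bytes (keeping at least one byte).
// Applied at parse time, this makes 00 80 (+128) and 80 (-128) identical.
Serial StripLeadingZeros(Serial s) {
  std::size_t i = 0;
  while (i + 1 < s.size() && s[i] == 0) ++i;
  s.erase(s.begin(), s.begin() + i);
  return s;
}

// Normalise only where the serial is used. Assumption: every list entry is a
// positive serial stored without padding, so a negative serial never matches.
bool IsBlocked(const Serial& raw, const std::vector<Serial>& blocklist) {
  if (IsNegativeSerial(raw)) return false;
  const Serial key = StripLeadingZeros(raw);
  for (const Serial& entry : blocklist)
    if (entry == key) return true;
  return false;
}

int main() {
  // Constructed sample values, not taken from any real certificate.
  const Serial pos128 = {0x00, 0x80};
  const Serial neg128 = {0x80};
  const std::vector<Serial> blocklist = {Serial{0x80}};
  std::printf("stripped forms collide: %d\n",
              StripLeadingZeros(pos128) == StripLeadingZeros(neg128));
  std::printf("+128 blocked: %d, -128 blocked: %d\n",
              IsBlocked(pos128, blocklist), IsBlocked(neg128, blocklist));
  return 0;
}
```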