@gerv
Created September 21, 2016 12:42
Test harness to show distribution of top nybble for serial number generation code from WoSign
import java.math.BigInteger;
import java.security.SecureRandom;

class WoSignSerialNumberTest {
    public static void main(String[] args) {
        int[] nibbles = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};

        for (int i = 0; i < 100000; i++)
        {
            String serial = createSerialNumber();
            int topNibble = Integer.parseInt(serial.substring(0, 1), 16);
            nibbles[topNibble] = nibbles[topNibble] + 1;
        }

        for (int j = 0; j < 16; j++) {
            System.out.println(j + ": " + nibbles[j]);
        }
    }

    // This is the code supplied by WoSign, with added comments by gerv
    public static String createSerialNumber() {
        String serialString = "";
        while(true) {
            // gerv: generate a random number of 128 bits from SecureRandom
            BigInteger serialNumber = new BigInteger(128, new SecureRandom());
            // gerv: returns hex representation of 128-bit number, but doesn't pad
            serialString = serialNumber.toString(16);
            // gerv: Checks that number is 32 hex digits (so function produces no output which would start 0x0)
            if (serialString.length() == 32) {
                break;
            }
        }
        // gerv: commented out as there was no need to make this line work
        // logger.debug(" Generating 32 bits certificate sequence number: "+ serialString + " len=" + serialString.length());
        return serialString.toUpperCase();
    }
}
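
Why bucket 0 stays empty in the harness above, shown as an added example (not WoSign's or gerv's code): it applies the same unpadded-hex length check exhaustively at an assumed 12-bit width, so the counts are exact rather than sampled, and derives the entropy the filter gives up. The class name, `BITS` and the helper names are assumptions for illustration.

```java
import java.math.BigInteger;

// Added example: exact enumeration of the length filter used by
// createSerialNumber(), at a reduced width so every candidate can be checked.
class SerialFilterEnumeration {
    // Assumed small width for exhaustive enumeration; the gist's code uses 128 bits.
    static final int BITS = 12;
    static final int HEX_DIGITS = BITS / 4;

    // Same acceptance rule as createSerialNumber(): the unpadded hex string
    // must already be full length, which fails whenever the top nibble is 0.
    static boolean accepted(BigInteger candidate) {
        return candidate.toString(16).length() == HEX_DIGITS;
    }

    // Counts accepted candidates by top nibble over the whole BITS-bit space.
    static int[] topNibbleCounts() {
        int[] counts = new int[16];
        for (int v = 0; v < (1 << BITS); v++) {
            if (accepted(BigInteger.valueOf(v))) {
                int top = v >>> (BITS - 4);
                counts[top]++;
            }
        }
        return counts;
    }

    public static void main(String[] args) {
        int[] counts = topNibbleCounts();
        int total = 0;
        for (int j = 0; j < 16; j++) {
            System.out.println(j + ": " + counts[j]);
            total += counts[j];
        }
        // Fraction of raw candidates that survive the filter (15 of 16 top nibbles).
        double acceptRate = (double) total / (1 << BITS);
        // Entropy lost to the filter; the ratio does not depend on BITS.
        double lostBits = -Math.log(acceptRate) / Math.log(2);
        System.out.println("accepted fraction: " + acceptRate);
        System.out.printf("entropy lost: %.4f bits%n", lostBits);
        System.out.printf("effective entropy at 128 bits: %.4f bits%n", 128 - lostBits);
    }
}
```

The same 15/16 acceptance ratio holds at 128 bits, so the sampled harness should show bucket 0 at zero and the remaining 15 buckets roughly equal.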