From 4f3651b63df84455759425f853434ef0d80c438c Mon Sep 17 00:00:00 2001
From: Richard Ramos
Date: Thu, 6 Feb 2025 18:51:23 -0400
Subject: [PATCH] fix: add serial number to certificate
---
 libp2p/transports/tls/certificate.nim | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/libp2p/transports/tls/certificate.nim b/libp2p/transports/tls/certificate.nim
index e7bf9ab366..c79e719c92 100644
--- a/libp2p/transports/tls/certificate.nim
+++ b/libp2p/transports/tls/certificate.nim
@@ -374,6 +374,18 @@ proc generate*(
 # Set the MD algorithm
 mbedtls_x509write_crt_set_md_alg(addr crt, SIGNATURE_ALG)
+ # Generate a random serial number
+ const SERIAL_LEN = 20
+ var serialBuffer: array[SERIAL_LEN, byte]
+ ret = mbedtls_ctr_drbg_random(addr ctrDrbg, addr serialBuffer[0], SERIAL_LEN);
+ if ret != 0:
+ raise newException(CertificateCreationError, "Failed to generate serial number")
+
+ # Set the serial number
+ ret = mbedtls_x509write_crt_set_serial_raw(addr crt, addr serialBuffer[0], SERIAL_LEN);
+ if ret != 0:
+ raise newException(CertificateCreationError, "Failed to set serial number")
+
 # Prepare Buffer for Certificate Serialization
 const CERT_BUFFER_SIZE = 4096
 var
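Review bot: The 20 random bytes go to `mbedtls_x509write_crt_set_serial_raw` unmodified, so roughly half of the generated serials will have the top bit of `serialBuffer[0]` set. RFC 5280 requires the serial number to be a positive INTEGER of at most 20 octets; a value with the high bit set is either read as negative or needs a leading zero octet that makes it 21 octets, and strict X.509 parsers on the peer side may reject such a certificate (how Mbed TLS encodes this case is not visible here and should be checked). Clearing that bit right after the DRBG call keeps the serial positive and within the limit: `serialBuffer[0] = serialBuffer[0] and 0x7F'u8`. The body of `generate` starts and ends outside this hunk, so it cannot be confirmed from here that `crt` and `ctrDrbg` are released when either of the two new `raise` statements fires.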