Pico2 Serial Number Too Long (10 Digits Instead of max 9) #149

New Issue

Closed

opened 2025-05-09 16:08:55 +08:00 by Raito00 · 5 comments

Raito00 commented 2025-05-09 16:08:55 +08:00 (Migrated from github.com)

Copy Link

Hello!
When flashing firmware (e.g. Pico-FIDO) to some Raspberry Pi Pico2 devices, the generated serial number is 10 digits long. This causes compatibility issues with software that expects a maximum of 9-digit serial numbers. (Original Yubikey have 8 digit serial) For example, one such integration with YubiKey fails due to this constraint.

I’ve observed the same problem across multiple software systems that enforce a 9-digit serial number limit. This issue appears only with some Pico2 boards after flashing.

Request:
Is it possible to set or force a 9-digit serial number during firmware flashing or at compile time to maintain compatibility?

Hello! When flashing firmware (e.g. Pico-FIDO) to some Raspberry Pi Pico2 devices, the generated serial number is 10 digits long. This causes compatibility issues with software that expects a maximum of 9-digit serial numbers. (Original Yubikey have 8 digit serial) For example, one such integration with YubiKey fails due to this constraint. I’ve observed the same problem across multiple software systems that enforce a 9-digit serial number limit. This issue appears only with some Pico2 boards after flashing. Request: Is it possible to set or force a 9-digit serial number during firmware flashing or at compile time to maintain compatibility?

polhenarejos commented 2025-05-11 00:17:54 +08:00 (Migrated from github.com)

Copy Link

Related with #135

Related with #135

Raito00 commented 2025-05-13 00:32:05 +08:00 (Migrated from github.com)

Copy Link

The core issue here stems from the fact that many software systems, particularly those integrating with identity or authentication frameworks like LDAP, enforce a 9-digit limit on serial numbers. This is primarily due to the use of a 32-bit signed integer for storing serial numbers in directories such as LDAP, which has an upper limit of 2,147,483,647. Once a serial number exceeds this limit—or even approaches 10 digits—it risks overflowing or causing validation failures within these systems.

Original YubiKeys and similar devices typically generate 8-digit serials to stay well within this boundary. However, some Raspberry Pi Pico2 boards appear to generate 10-digit serial numbers when flashing firmware like Pico-FIDO, which leads to incompatibility with software systems expecting values ≤ 9 digits.

Request Consideration:
To maintain compatibility, particularly with systems enforcing 32-bit integer constraints, it would be ideal if the firmware could:

Generate a serial number no longer than 9 digits. (10 digits but cant exceed 2147483647 )

Thank you for your support and great work on Pico-FIDO!

The core issue here stems from the fact that many software systems, particularly those integrating with identity or authentication frameworks like LDAP, enforce a 9-digit limit on serial numbers. This is primarily due to the use of a 32-bit signed integer for storing serial numbers in directories such as LDAP, which has an upper limit of 2,147,483,647. Once a serial number exceeds this limit—or even approaches 10 digits—it risks overflowing or causing validation failures within these systems. Original YubiKeys and similar devices typically generate 8-digit serials to stay well within this boundary. However, some Raspberry Pi Pico2 boards appear to generate 10-digit serial numbers when flashing firmware like Pico-FIDO, which leads to incompatibility with software systems expecting values ≤ 9 digits. Request Consideration: To maintain compatibility, particularly with systems enforcing 32-bit integer constraints, it would be ideal if the firmware could: Generate a serial number no longer than 9 digits. (10 digits but cant exceed 2147483647 ) Thank you for your support and great work on Pico-FIDO!

Raito00 commented 2025-05-26 15:43:00 +08:00 (Migrated from github.com)

Copy Link

The same problem also on ESP32 S3 Mini

The same problem also on ESP32 S3 Mini

polhenarejos commented 2025-05-26 15:52:15 +08:00 (Migrated from github.com)

Copy Link

It has been fixed in the development branch.

It has been fixed in the development branch.

Raito00 commented 2025-05-26 16:03:30 +08:00 (Migrated from github.com)

Copy Link

Tested development branch - all OK
now ldap recognize Pico-Fido

Thanks!

Tested development branch - all OK now ldap recognize Pico-Fido Thanks!

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

development

nightly-development

nightly-main

v7.4

v7.2

v7.0-eddsa

v7.0

v6.6

v6.4-eddsa1

v6.4

v6.2

v6.0-eddsa1

v6.0

v5.12-eddsa1

v5.12

nightly-stable

v5.10

v5.8-eddsa1

v5.8

v5.6-eddsa1

v5.6

v5.4

v3.0

v2.10

v2.8

v2.6

v2.4

v2.2

v2.0

v1.2

v1.0

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

dearsky

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dearsky/pico-fido#149