[43453] in cryptography@c2.net mail archive
Re: Exponent 3 damage spreads...
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Sep 15 13:12:27 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: jas@extundo.com, josteitv@pvv.ntnu.no
Cc: cryptography@metzdowd.com
In-Reply-To: <87y7spb0xf.fsf@latte.josefsson.org>
Date: Sat, 16 Sep 2006 00:44:47 +1200
Simon Josefsson <jas@extundo.com> writes:
>Test vectors for this second problem are as below, created by Yutaka OIWA.
To make this easier to work with, I've combined them into a PKCS #7 cert chain
(attached). Just load/click on the chain and see what your app says.
(As an aside, this chain is invalid for an entirely unrelated reason, so no
standards-compliant PKI application should validate this chain even if the
signature did check out. I wonder how many current apps will detect this?
See, you don't even need PKCS #1 padding tricks to fool a PKI app... :-).
Peter.
[2. application/octet-stream; bad_chain.der]...
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com