Real World Exploit for Bleichenbachers Attack on SSL from Crypto'06 working

Erik Tews e_tews at cdc.informatik.tu-darmstadt.de
Fri Sep 15 02:02:12 EDT 2006


On Thursday, 14.09.2006, at 22:23 -0700, Tolga Acar wrote:
> You need to have one zero octet after a bunch of FFs and before DER encoded
> hash blob in order to have a proper PKCS#1v1.5 signature encoding.
> 
> Based on what you say below, "I used this cert and my key to sign an
> end-entity certificate which I used to set up a webserver", it appears that
> implementations you used don't check for this one zero octet, either.

Yes, I have, I counted this to the ASN1DataWithHash part. I did not
check if it works without.
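
The encoding rule discussed in this exchange (00 01, a run of FF octets, one zero octet, then the DER-encoded hash blob), written as a verifier-side check. This is an added example, not part of the original message and not code from any implementation mentioned in the thread. It assumes SHA-1 and works on the encoded message obtained after the RSA public-key operation, which is not performed here; all function names are hypothetical.

```python
import hashlib
import hmac

# DigestInfo DER prefix for SHA-1 (RFC 3447, section 9.2). SHA-1 is an assumption here.
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

def digest_info(message: bytes) -> bytes:
    return SHA1_PREFIX + hashlib.sha1(message).digest()

def expected_em(message: bytes, em_len: int) -> bytes:
    """The single valid encoding: 00 01 FF..FF 00 DigestInfo."""
    t = digest_info(message)
    pad_len = em_len - len(t) - 3
    if pad_len < 8:
        raise ValueError("encoded message too short")
    return b"\x00\x01" + b"\xff" * pad_len + b"\x00" + t

def strict_check(em: bytes, message: bytes) -> bool:
    """Re-encode and compare every byte instead of parsing the input."""
    try:
        return hmac.compare_digest(em, expected_em(message, len(em)))
    except ValueError:
        return False

def first_defect(em: bytes, message: bytes) -> str:
    """Name the first rule a rejected encoding breaks (for logs and tests)."""
    if em[:2] != b"\x00\x01":
        return "bad leading octets"
    i = 2
    while i < len(em) and em[i] == 0xFF:
        i += 1
    if i - 2 < 8:
        return "fewer than 8 padding octets"
    if i == len(em) or em[i] != 0x00:
        return "missing zero octet after padding"
    if em[i + 1:] != digest_info(message):
        return "DigestInfo is not exactly the remaining octets"
    return "ok"

def constructed_samples(message: bytes, em_len: int = 128) -> dict:
    """Constructed test encodings, not captured from any real certificate."""
    t = digest_info(message)
    return {
        "valid": expected_em(message, em_len),
        "no_zero_octet": b"\x00\x01" + b"\xff" * (em_len - len(t) - 2) + t,
        "bytes_after_hash": b"\x00\x01" + b"\xff" * 8 + b"\x00" + t
                            + b"\x00" * (em_len - len(t) - 11),
    }
```

Comparing against the re-built encoding rejects both malformed samples without relying on any parser to notice a missing separator or extra octets after the hash.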