Exponent 3 damage spreads...

[Peter Gutmann]

Simon Josefsson <jas at extundo.com> writes:

>Test vectors for this second problem are as below, created by Yutaka OIWA.

To make this easier to work with, I've combined them into a PKCS #7 cert chain
(attached).  Just load/click on the chain and see what your app says.

(As an aside, this chain is invalid for an entirely unrelated reason, so no
standards-compliant PKI application should validate this chain even if the
signature did check out.  I wonder how many current apps will detect this?
See, you don't even need PKCS #1 padding tricks to fool a PKI app... :-).

Peter.

[2. application/octet-stream; bad_chain.der]...

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com