[cryptography] Re: Why the exponent 3 error happened:
Kuehn, Ulrich
Ulrich.Kuehn at telekom.de
Wed Sep 20 09:10:05 EDT 2006
> From: Ralf-Philipp Weinmann
> [mailto:weinmann at cdc.informatik.tu-darmstadt.de]
[...]
> Unfortunately we only found out that there has been prior art
> by Yutaka Oiwa et al. *AFTER* we successfully forged a
> certificate using this method (we being Andrei Pyshkin, Erik
> Tews and myself).
>
> The certificate we forged however adheres to the padding
> specifications unlike the one by Yutaka Oiwa that Simon
> Josefsson forwarded to the list a couple of days ago:
>
> -----BEGIN CERTIFICATE-----
> MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
> MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
> U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw
> ODE5MTY1MTMwWhcNMDYxMDE4MTY1MTMwWjARMQ8wDQYDVQQDEwZIYWNrZXIwgZ8w
> DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKSu6ChWttBsOpaBrYf4PzyCGNe6DuE7
> rmq4CMskdz8uiAJ3wVd8jGsjdeY4YzoXSVp+9mEF6XqNgyDf8Ub3kNgPYxvJ28lg
> QVpd5RdGWXHo14LWBTD1mtFkCiAhVlATsVNI/tjv2tv7Jp8EsylbDHe7hslA0rns
> Rr2cS9bvpM03AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEF
> BQADggEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADLL/Up63HkFWD15INcW
> Xd1nZGI+gO/whm58ICyJ1Js7ON6N4NyBTwe8513CvdOlOdG/Ctmy2gxEE47HhEed
> ST8AUooI0ey599t84P20gGRuOYIjr7c=
> -----END CERTIFICATE-----
>
> Broken implementations can successfully verify it using the
> Starfield Class 2 Certification Authority:
>
I tried to parse and verify this certificate using openssl's asn1parse command. However, I get an error:
Error in encoding
7469:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
I am using openssl version 0.9.8c as of Sep 05, 2006 (Linux/Debian system).
Any ideas what I am doing wrong?
Cheers,
Ulrich
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list