Pawe� Krawczyk wrote:
>
> Hello,
>
> Recently on Polish conference about network security one person
> from the audience has showed me something which I don't quite
> understand. The following is commented record of my shell session
> with a certificate generated with MS Outlook 97 certificate manager,
> the same results were obtained with MS Exchange Key Manager.
>
> I have received the certificate with email and saved it to file
> kurs10.cer, which is PEM certificate. First I dump its contents:
>
> bash-2.03$ /usr/bin/openssl x509 -in kurs10.cer -text -noout
> Certificate:
> Data:
> Version: 1 (0x0)
> Serial Number: 932714537 (0x37981829)
> Signature Algorithm: md5WithRSA
> Issuer: C=PL, O=oi-wbd
> Validity
> Not Before: Jun 13 09:54:03 2000
> Not After : Dec 14 09:54:03 2001
> Subject: CN=kurs10, CN=recipients, OU=oi-wbd, O=oi-wbd
> Subject Public Key Info:
> Public Key Algorithm: rsaEncryption
> RSA Public Key: (510 bit)
> Modulus (510 bit):
> 20:55:5f:0b:f3:5c:7a:c1:96:bd:36:72:53:c0:ed:
> a8:b5:24:af:34:d9:c0:66:1f:56:dd:ee:99:32:e1:
> 6a:63:cb:10:43:99:7b:20:1c:08:c3:9d:09:4f:82:
> df:01:76:c4:ad:7b:90:22:de:1f:66:3e:78:5e:1c:
> 01:e4:eb:3d
> Exponent: 65537 (0x10001)
> Signature Algorithm: md5WithRSA
> 85:30:cd:a1:30:19:95:42:f7:c7:1d:f8:1b:bf:0e:c6:2f:f5:
> 80:05:ed:04:07:3c:34:96:c8:04:60:3a:a3:33:90:65:c9:50:
> 27:c1:4f:73:16:63:c8:ab:e6:91:71:4a:7a:09:88:e0:ad:3a:
> 2a:84:f9:43:0f:bf:ef:2d:46:1c
>
> Why are there only 510 bits of the key?
Presumably they don't ensure that the top bit is set, so there's a 1 in
4 (ish) chance that the first two bits are zero.
> Another key I've tried, generated with MS Exchange KM was 511 bits long.
>
> Anyway, I then extract the modulus:
>
> bash-2.03$ /usr/bin/openssl x509 -inform PEM -in kurs10.cer -modulus -noout
> Modulus=20555F0BF35C7AC196BD367253C0EDA8B524AF34D9C0661F56DDEE9932E16A63CB104399
> 7B201C08C39D094F82DF0176C4AD7B9022DE1F663E785E1C01E4EB3D
>
> And try to factorize it with `factorize' program from GMP-3.0.1 library:
>
> bash-2.03$ ./factorize
>0x20555F0BF35C7AC196BD367253C0EDA8B524AF34D9C0661F56DDEE9932E16A63CB1043997B201C08C39D094F82DF0176C4AD7B9022DE1F663E785E1C01E4EB3D
> 3 5 57241 210729581 12383993^C
>
> After finding a few first components (3 5 ...) the program is still
> working and I've stopped it. Shouldn't the modulus consist only of
> two primes?
It should!
> Could anyone explain what's wrong either with my methodology or with
> the certificate?
It was generated by MS?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
