Hi,
A number can't be "bad" by itself. It is just a carrier of protocol
information during the mathematical computations. What really matters is
the sequence of bytes used by that protocol. This is why a "bad format"
error is returned.
Concerning PyCrypto, it doesn't use OpenSSL at all : fo
hi,
On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote:
> Hi,
>
> Signature verification is done through a modular exponentiation
> (using public exponent and modulus) that always leads to a result
> even fur a bogus RSA modulus.
> This result is checked against the PKCS#1 padding f
Hi,
Signature verification is done through a modular exponentiation (using
public exponent and modulus) that always leads to a result even fur a
bogus RSA modulus.
This result is checked against the PKCS#1 padding format. Since the RSA
private key is invalid, the output of this exponentiation
is the certificate at http://marc.info/?l=openssl-dev&m=128118163216952&w=2
(with the malformed key) *syntactically* correct modulo the bad self signature?
with 1.0.0a
~/local/bin/openssl verify -check_ss_sig -CAfile /tmp/CA-P.cert /tmp/CA-P.cert
/tmp/CA-P.cert: CN = CA
error 7 at 0 depth looku
Hi,
You are right : there is a double free bug in the function
*ssl3_get_key_exchange* which leads to crash if an error occurs.
The bug is in line 1510 of s3_clnt.c where we forget to set the variable
bn_ctx to NULL after freeing it and this leads to the double free error
when BN_CTX_free is
i was pointing out this:
~/local/bin/openssl s_client -connect localhost:
depth=0 CN = CA
verify return:1
*** glibc detected *** /home/build/local/bin/openssl: double free or
corruption (fasttop): 0x00979300 ***
the glibc message means that the current heap operation is on invalid
po
On Sun, Aug 08, 2010 at 02:46:33AM +0200, Mounir IDRASSI wrote:
> Hi,
>
hi,
10x for your reply.
i have no complaints about the openssl key generation process for rsa
keys of this size. and don't expect vanilla openssl to do correct math
with this key.
> I checked the parameters of your 4008
Hi,
I checked the parameters of your 4008 bits key and it is indeed invalid
(q is not prime).
How did you generate it? It would be surprising if it was done through
OpenSSL.
Anyway, you must generate a new RSA key.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/7/2010 1:21 PM, Georgi Guni
openssl-1.0.0a on ubuntu, debian and arch.
attached a private key and a cert.
~/local/bin/openssl s_server -www -accept -cert /tmp/CA.cert -key
/tmp/CA.key
~/local/bin/openssl s_client -connect localhost:
depth=0 CN = CA
verify return:1
*** glibc detected *** /home/build/local/bin/ope