openssl-1.0.0a on ubuntu, debian and arch.
attached a private key and a cert.
~/local/bin/openssl s_server -www -accept -cert /tmp/CA.cert -key
/tmp/CA.key
~/local/bin/openssl s_client -connect localhost:
depth=0 CN = CA
verify return:1
*** glibc detected *** /home/build/local/bin/ope
ir IDRASSI
> IDRIX
> http://www.idrix.fr
>
> On 8/7/2010 1:21 PM, Georgi Guninski wrote:
> >openssl-1.0.0a on ubuntu, debian and arch.
> >attached a private key and a cert.
> >
> >~/local/bin/openssl s_server -www -accept -cert /tmp/CA.cert -key
> >/tmp/CA
pointer. the testcase crashed browser links on arch linux too (when
trying to connect to s_server -www).
btw, it seems *important* to use |s_server| from *1.0.0a*
On Sat, Aug 07, 2010 at 02:21:09PM +0300, Georgi Guninski wrote:
> openssl-1.0.0a on ubuntu, debian and arch.
> attached a priva
is the certificate at http://marc.info/?l=openssl-dev&m=128118163216952&w=2
(with the malformed key) *syntactically* correct modulo the bad self signature?
with 1.0.0a
~/local/bin/openssl verify -check_ss_sig -CAfile /tmp/CA-P.cert /tmp/CA-P.cert
/tmp/CA-P.cert: CN = CA
error 7 at 0 depth looku
hi,
On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote:
> Hi,
>
> Signature verification is done through a modular exponentiation
> (using public exponent and modulus) that always leads to a result
> even fur a bogus RSA modulus.
> This result is checked against the PKCS#1 padding f
inconsistent timings for rsa sign/verify with 100K bit rsa keys.
using pycrypto i generated two valid 100 000 bit rsa keys with the same modulus:
key1: log(n)=100K, e=2^16-1,d=BIG
key2: log(n)=100K, e=BIG, d=BIG
(note key1 and key2 share the same modulus)
recompiled openssl with increased parame
On Mon, Aug 30, 2010 at 05:34:49PM +0200, Mounir IDRASSI wrote:
> So, the modular exponentiation with the public exponent of key2 is 4
> times slower that the signing operation of key1 and it should cost 4
> x 5 min = 20 min which is very close to the 21 min you actually
> obtained.
>
> Does this