I am not familar with ASN.1, or any of the specifice of which the rsa key is generated. It just seemed as it should not be so. What is the ASN.1 encoding, and how is it used?
On 8/9/07, Marek Marcola <[EMAIL PROTECTED]> wrote: > Hello, > > Looks like this may be the issue, a flaw in the key generation algorithm. > > https://www.kb.cert.org/vuls/id/724968 > Probably not, this is flow in Montgomery multiplication which is used > in modular exponentation. Of course modular exponentation is used > in key generation process in p,q prime test (Miller-Rabin) > but this simply looks like ASN.1 encoding: > > $ echo MIIBOQIB | openssl base64 -d | hexdump -C > 00000000 30 82 01 39 02 01 |0..9..| > 00000006 > > or (with some dirty hack) we may try to decode this 6 bytes: > > $ echo MIIBOQIB | (openssl base64 -d; dd if=/dev/urandom bs=1 > count=2000) | openssl asn1parse -inform der > 2000+0 records in > 2000+0 records out > 0:d=0 hl=4 l= 313 cons: SEQUENCE > 4:d=1 hl=2 l= 1 prim: INTEGER :2C > Error in encoding > 18407:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too > long:asn1_lib.c:140: > > > > Best regards, > -- > Marek Marcola <[EMAIL PROTECTED]> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
