[openssl-users] openssl rsa -check
Paul Yang
paulyang.inf at gmail.com
Fri Jul 28 16:21:02 UTC 2017
Hmmm, it’s a bug introduced by the use of RSA_check_key_ex function. Thanks for reporting.
> On 28 Jul 2017, at 19:16, Georg Höllrigl <georg.hoellrigl at gmx.at> wrote:
>
> Hello,
>
> I think there is something broken with verifying the Private Key with "openssl rsa -check" like it was described in https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html <https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html>
>
> I tried to implement better checking in a script that tells me if a key matches a certificate or certificate request.
>
> To reproduce, get the fake private key from https://github.com/hannob/tlshelpers/blob/master/examples/symantec.key <https://github.com/hannob/tlshelpers/blob/master/examples/symantec.key>
>
> Verify the key with openssl 1.0.1e-fips or 1.0.2h:
> $OPENSSL rsa -in symantec-broken.key -check -noout
> RSA key error: n does not equal p q
>
> Verify the key with openssl 1.1.0c or 1.1.0f (gives no output)
> $OPENSSL rsa -in symantec-broken.key -check -noout
>
>
> I would expect 1.1.0 to report the faked key in some way.
> Even the returnvalue for openssl returns with a 0 no matter if used a legimate key or a faked key.
>
>
>
> Kind Regards,
> Georg
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170729/d320aefa/attachment-0001.html>
More information about the openssl-users
mailing list