> From: Ralf-Philipp Weinmann > [mailto:[EMAIL PROTECTED] [...] > Unfortunately we only found out that there has been prior art > by Yutaka Oiwa et al. *AFTER* we successfully forged a > certificate using this method (we being Andrei Pyshkin, Erik > Tews and myself). > > The certificate we forged however adheres to the padding > specifications unlike the one by Yutaka Oiwa that Simon > Josefsson forwarded to the list a couple of days ago: > > -----BEGIN CERTIFICATE----- > MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl > MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp > U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw > ODE5MTY1MTMwWhcNMDYxMDE4MTY1MTMwWjARMQ8wDQYDVQQDEwZIYWNrZXIwgZ8w > DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKSu6ChWttBsOpaBrYf4PzyCGNe6DuE7 > rmq4CMskdz8uiAJ3wVd8jGsjdeY4YzoXSVp+9mEF6XqNgyDf8Ub3kNgPYxvJ28lg > QVpd5RdGWXHo14LWBTD1mtFkCiAhVlATsVNI/tjv2tv7Jp8EsylbDHe7hslA0rns > Rr2cS9bvpM03AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEF > BQADggEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADLL/Up63HkFWD15INcW > Xd1nZGI+gO/whm58ICyJ1Js7ON6N4NyBTwe8513CvdOlOdG/Ctmy2gxEE47HhEed > ST8AUooI0ey599t84P20gGRuOYIjr7c= > -----END CERTIFICATE----- > > Broken implementations can successfully verify it using the > Starfield Class 2 Certification Authority: >
I tried to parse and verify this certificate using openssl's asn1parse command. However, I get an error: Error in encoding 7469:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150: I am using openssl version 0.9.8c as of Sep 05, 2006 (Linux/Debian system). Any ideas what I am doing wrong? Cheers, Ulrich --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
