Crypto++ is not vulnerable to this attack, because during PKCS v1.5 signature verification (and with any other message encoding scheme for signing that is deterministic), it re-encodes and compares the entire message representative, instead of trying to decode it and extract out the message digest.
 
In general, US-CERT informs me of attacks that might affect Crypto++, and I'm given an opportunity to submit a vendor statement that is then listed in its vulnerability notes database, and you can check them through their website. For example, the vulnerability note for this issue is at http://www.kb.cert.org/vuls/id/845620.
----- Original Message -----
Sent: Tuesday, September 26, 2006 8:35 AM
Subject: SSL Forgery Bug


Is this issue present in cryptopp?  In general, how are these advisories coordinated into cryptopp?

http://www.openssl.org/news/secadv_20060905.txt
