Hi, Platform: OpenSSL 0.9.6b (9 Jul 2001), compiled with Cygwin on a NT4sp6a.
I was basically testing whether the MD4 signatures still work
(yes, I do know that MD4 is broken and should not be used anymore).
I created a self-signed cert:
openssl genrsa > poop.key
openssl req -md4 -new -key poop.key > poop.req
openssl x509 -md4 -in poop.req -out poop.cer -req -signkey poop.key
A broken cert was produced (attached). No warning messages are produced.
The same thing works when md4 is replaced with md5.
dumpasn1 output:
[..]
45: : }
46: 187 30 5: SEQUENCE {
47: 189 06 1: OBJECT IDENTIFIER '0 0'
^^^^^ null OID !
should probably be md4withRSAEncryption (1 2 840 113549 1 1 3)
48: 192 05 0: NULL
49: : }
50: 194 03 65: BIT STRING 0 unused bits
51: : B0 16 DA 6F 2B 5E C1 CB 59 91 22 86 61 59 46 DE
[..]
Cheers,
- mjos
poop.cer
Description: Binary data
