[PATCH] (was: Re: apparent bug: md4 signatures)

Wed, 10 Oct 2001 12:05:29 -0700 

Dear openssl team,

please consider to accept a patch attached. It works for me.

Basically, it defines md4WithRSAEncryption object and use this NID
to update md_md4 structure.

regards,
Vadim

On Tue, 9 Oct 2001 [EMAIL PROTECTED] wrote:

> Hi,
>
>   Platform: OpenSSL 0.9.6b (9 Jul 2001), compiled with Cygwin on a NT4sp6a.
>
>   I was basically testing whether the MD4 signatures still work
>   (yes, I do know that MD4 is broken and should not be used anymore).
>
>   I created a self-signed cert:
>
>       openssl genrsa > poop.key
>       openssl req -md4 -new -key poop.key > poop.req
>       openssl x509 -md4 -in poop.req -out poop.cer -req -signkey poop.key
>
>   A broken cert was produced (attached). No warning messages are produced.
>   The same thing works when md4 is replaced with md5.
>
>   dumpasn1 output:
>   [..]
>   45:            :     }
>   46: 187 30    5:   SEQUENCE {
>   47: 189 06    1:     OBJECT IDENTIFIER '0 0'
>                                          ^^^^^ null OID !
>           should probably be md4withRSAEncryption (1 2 840 113549 1 1 3)
>   48: 192 05    0:     NULL
>   49:            :     }
>   50: 194 03   65:   BIT STRING 0 unused bits
>   51:            :     B0 16 DA 6F 2B 5E C1 CB 59 91 22 86 61 59 46 DE
>   [..]
>
> Cheers,
> - mjos
>
>
>

Index: apps/req.c
===================================================================
RCS file: /usr/local/cvs/openssl/openssl/apps/req.c,v
retrieving revision 1.83
diff -r1.83 req.c
423c423
<               BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, 
md2, mdc2)\n");
---
>               BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, 
>md2, mdc2, md4)\n");
Index: crypto/evp/m_md4.c
===================================================================
RCS file: /usr/local/cvs/openssl/openssl/crypto/evp/m_md4.c,v
retrieving revision 1.7
diff -r1.7 m_md4.c
79c79
<       0,
---
>       NID_md4WithRSAEncryption,
Index: crypto/objects/objects.txt
===================================================================
RCS file: /usr/local/cvs/openssl/openssl/crypto/objects/objects.txt,v
retrieving revision 1.15
diff -r1.15 objects.txt
56a57
> pkcs1 3                       : RSA-MD4               : md4WithRSAEncryption
Index: crypto/objects/obj_mac.num
===================================================================
RCS file: /usr/local/cvs/openssl/openssl/crypto/objects/obj_mac.num,v
retrieving revision 1.11
diff -r1.11 obj_mac.num
492a493
> md4WithRSAEncryption          493

Reply via email to