On Thu, Jan 26, 2006, Joe Gluck wrote:

> That attack is interesting, how can that be done, (sorry for bothering you
> :-) )
>

If you don't check the parameters it is possible with some algorithms to generate a key pair with a given public key component using a carefully derived set of parameters. Basically it leaves security wide open.

> But cutting down the X509_cmp will not work because the memcmp
> compares the hash which if I will cut out the X509_check_purpose lines
> will not make any sense.
>

Obviously you'd call X509_check_purpose() once when the certificate is loaded.

> But I think the best idea is to compare the entire text of the entire
> certificate (The text as I get in a PEM format before loading it into
> the X509 object. It is faster than hashing the same size and comparing
> the hash.
>

But slower than comparing a cached cache. The actual overhead of hashing the certificate once when it is initially loaded is pretty tiny compared to some of the other things that already happen.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
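Added example, not part of the original message and not OpenSSL code: a Python sketch of the "hash once at load, compare the cached digest" approach discussed in the thread, next to a raw PEM text comparison. The names `LoadedCert`, `pem_to_der` and `make_pem`, the use of SHA-256, and the sample bytes (constructed placeholders, not real certificates) are assumptions for illustration.

```python
import base64
import hashlib
import hmac

HEADER = "-----BEGIN CERTIFICATE-----"
FOOTER = "-----END CERTIFICATE-----"

def pem_to_der(pem_text):
    """Strip the PEM armour and decode the base64 body to DER bytes."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != HEADER or lines[-1] != FOOTER:
        raise ValueError("not a PEM certificate")
    return base64.b64decode("".join(lines[1:-1]), validate=True)

def make_pem(der, width):
    """Encode DER bytes as PEM with a chosen base64 line width."""
    b64 = base64.b64encode(der).decode("ascii")
    body = [b64[i:i + width] for i in range(0, len(b64), width)]
    return "\n".join([HEADER] + body + [FOOTER]) + "\n"

class LoadedCert:
    """Certificate handle that hashes the DER encoding once, at load time."""

    def __init__(self, pem_text):
        self.pem_text = pem_text
        # One-time cost paid at load; every later comparison reuses it.
        self.digest = hashlib.sha256(pem_to_der(pem_text)).digest()

    def same_cert(self, other):
        # Fixed-size comparison, independent of the certificate's length.
        return hmac.compare_digest(self.digest, other.digest)

# Constructed sample inputs: placeholder bytes standing in for DER certificates.
SAMPLE_DER_A = bytes(range(200))
SAMPLE_DER_B = bytes(range(1, 201))

def demo():
    a64 = LoadedCert(make_pem(SAMPLE_DER_A, 64))  # same cert, 64-column PEM
    a76 = LoadedCert(make_pem(SAMPLE_DER_A, 76))  # same cert, 76-column PEM
    b64 = LoadedCert(make_pem(SAMPLE_DER_B, 64))  # different cert
    return {
        "pem_text_equal": a64.pem_text == a76.pem_text,
        "digest_equal_same_cert": a64.same_cert(a76),
        "digest_equal_other_cert": a64.same_cert(b64),
    }

if __name__ == "__main__":
    print(demo())
```

Comparing PEM text treats the two encodings of the same certificate as different because only the line wrapping changed, while the cached digest of the decoded bytes matches.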