Dear all,

Bleichenbacher's attack shows that it was possible to forge a PKCS #1 v1.5 signature signed by a key using exponent 3.

Unfortunately the implementation of the OpenSSL command openssl genrsa ... only allows creating keys with exponent 3 or F4. Nevertheless the new RSA key generation routine RSA_generate_key_ex available in 0.9.8 already works with arbitrary exponents. The included minor patch of apps/genrsa.c adds a new option for exponent selection to the genrsa command. Because OpenSSL version 0.9.7 doesn't use RSA_generate_key_ex with BIGNUM exponents but unsigned long, this patch is applicable to version 0.9.8++ only.

Regards,
Ann

--
Annie Yousar at egbg dot de
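
What key generation with a caller-chosen public exponent has to enforce, as an added Python sketch that is neither the genrsa patch nor OpenSSL's code: the exponent must be odd, and each prime p must satisfy gcd(e, p - 1) = 1 so that a private exponent exists. The function names are hypothetical, and the routine is for illustration, not for producing real keys.

```python
import math
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits, e):
    """Random `bits`-bit prime p with gcd(e, p - 1) == 1, so e is invertible."""
    while True:
        # Force the top two bits (full-length modulus) and the low bit (odd).
        p = secrets.randbits(bits) | (0b11 << (bits - 2)) | 1
        if math.gcd(e, p - 1) == 1 and is_probable_prime(p):
            return p

def generate_rsa_key(bits, e):
    """Return (n, e, d) for a caller-chosen odd public exponent e >= 3."""
    # An even e shares the factor 2 with every p - 1, so no prime would ever fit.
    if e < 3 or e % 2 == 0:
        raise ValueError("public exponent must be an odd integer >= 3")
    p = gen_prime(bits // 2, e)
    q = gen_prime(bits - bits // 2, e)
    while q == p:
        q = gen_prime(bits - bits // 2, e)
    phi = (p - 1) * (q - 1)
    return p * q, e, pow(e, -1, phi)  # d = e^-1 mod phi (Python 3.8+)

if __name__ == "__main__":
    for e in (3, 17, 65537):  # 3 and F4 (65537) are the two that genrsa offered
        n, _, d = generate_rsa_key(1024, e)
        print(e, n.bit_length(), pow(pow(42, e, n), d, n) == 42)
```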