openssl accepts DSA (and probably DH) keys with g=1 (or g= -1).

Both are extremely weak, in practice plaintext.

g=1 works all the time, g= -1 works about half the time in DSA (on vanilla openssl).

Is there a MITM implication in this, e.g. can a MITM convince both parties that g=1 -- in this case the private keys won't matter in DH.

Attached are certs.

$ openssl x509 -text -in certg=1.pem
G: 1 (0x1)

#server
$ openssl s_server -accept 8888 -cert ./certg=1.pem -key certg=1.key -CAfile ./cacert.pem -www

#client
$ openssl s_client -connect localhost:8888 -showcerts -CAfile cacert.pem
Verify return code: 0 (ok)

--
blog: https://j.ludost.net/blog
Attachment:
certg=1.key
Description: application/pgp-keys
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
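
A domain-parameter and public-key sanity check that rejects the g=1 and g=-1 (that is, g=p-1) cases described in the post, as an added example that is not part of the original message and not OpenSSL's code. The toy p and q, the private key and all function names are constructed for illustration.

```python
# Added example: DSA parameter/public-key sanity checks (constructed toy values).
def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23)):
    """Miller-Rabin with fixed bases; only probabilistic for large n."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_dsa_params(p, q, g, y):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if not (is_probable_prime(p) and is_probable_prime(q)):
        problems.append("p or q is not prime")
    if (p - 1) % q != 0:
        problems.append("q does not divide p-1")
    if not 2 <= g <= p - 2:
        problems.append("g outside [2, p-2] (covers g=1 and g=p-1)")
    elif pow(g, q, p) != 1:
        problems.append("g does not have order q")
    if not 2 <= y <= p - 2:
        problems.append("public key y outside [2, p-2]")
    elif pow(y, q, p) != 1:
        problems.append("y is not in the order-q subgroup")
    return problems

# Constructed toy parameters, far too small for real use: 607 = 6*101 + 1.
P, Q = 607, 101
G_GOOD = pow(2, (P - 1) // Q, P)   # 64, an element of order 101
X = 57                              # constructed private key

def public_key(g, x, p=P):
    """y = g^x mod p; with g=1 this is 1 for every private key x."""
    return pow(g, x, p)
```

With g=1 the public key is 1 whatever the private key, matching the `pub: 1` and `G: 1` fields of the attached certificate; with g=p-1 it is 1 or p-1 depending only on the parity of the private key.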