diff options
Diffstat (limited to '')
-rw-r--r-- | tests/rsa-md5-collision/README | 622 | ||||
-rw-r--r-- | tests/rsa-md5-collision/colliding-chain-md5-1.pem | 253 | ||||
-rw-r--r-- | tests/rsa-md5-collision/colliding-chain-md5-2.pem | 252 | ||||
-rwxr-xr-x | tests/rsa-md5-collision/rsa-md5-collision.sh | 70 |
4 files changed, 1197 insertions, 0 deletions
diff --git a/tests/rsa-md5-collision/README b/tests/rsa-md5-collision/README new file mode 100644 index 0000000..fa5a199 --- /dev/null +++ b/tests/rsa-md5-collision/README @@ -0,0 +1,622 @@ +rsa-md5-collision README -- Information about rsa-md5-collision self tests. +Copyright (C) 2006-2012 Free Software Foundation, Inc. +See the end for copying conditions. + +This directory contains colliding X.509 certificates for different +identities, from: + +http://www.win.tue.nl/hashclash/TargetCollidingCertificates/ + +The certificates are used by a simple self-test script, +rsa-md5-collision, that check to make sure that GnuTLS reject both +certificate chains. + +Below is the e-mail exchanges with the authors where they agree to +release the certificates under a permissive license, that allow the +files to be included here. + +X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::NIoLZwQj6TTZ4YZK:BUuA +X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::NgTq8sJW1QBlX/rv:g9Z +From: Simon Josefsson <jas@extundo.com> +To: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, m.m.j.stevens@student.tue.nl, arjen.lenstra@epfl.ch +Subject: Re: target collisions and colliding certificates with different identities +References: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl> +OpenPGP: id=B565716F; url=http://josefsson.org/key.txt +X-Draft-From: ("gmane.ietf.irtf.cfrg" 784) +X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::aYYmnRc08nJKaUMk:6ddD +Date: Tue, 24 Oct 2006 08:28:07 +0200 +In-Reply-To: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl> + (B. M. M. de Weger's message of "Mon\, 23 Oct 2006 23\:58\:21 +0200") +Message-ID: <87ods2grd4.fsf@latte.josefsson.org> +User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) +MIME-Version: 1.0 +Content-Type: text/plain; charset=us-ascii +Lines: 48 +Xref: localhost.localdomain rsa-md5:1 + +Great work, thanks! + +I'd like to include your certificates in GnuTLS, a TLS implementation +that supports X.509, as self-tests of the certificate verification +logic. Is this OK with you? + +Btw, Gnutls rejected the certificates, we already disable MD5 for +verification purposes. :) + +For our legal department, I'd like a clarification of the license on +the data, would you agree to release the certificates under the +following license? + + Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger + + Copying and distribution of this file, with or without modification, + are permitted in any medium without royalty provided the copyright + notice and this notice are preserved. + +Also, if any other authors contributed, they would have to agree to +this license as well. Are there other authors? + +Best regards, and thanks in advance, +Simon + +"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes: + +> Hi all, +> +> We announce: +> - an example of a target collision for MD5; this means: +> for two chosen messages m1 and m2 we have constructed +> appendages b1 and b2 to make the messages collide +> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2); +> said differently: we can cause an MD5 collision for +> any pair of distinct IHVs; +> - an example of a pair of valid, unsuspicious X.509 +> certificates with distinct Distinguished Name fields, +> but identical CA signatures; this example makes use +> of the target collision. +> +> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, +> where the certificates and a more detailed announcement +> can be found. +> +> Marc Stevens +> Arjen Lenstra +> Benne de Weger +Return-Path: <arjen.lenstra@epfl.ch> +Received: from yxa.extundo.com ([unix socket]) + by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 08:32:12 +0200 +X-Sieve: CMU Sieve 2.2 +Received: from smtp1.epfl.ch (smtp1.epfl.ch [128.178.50.22]) + by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with SMTP id k9O6VvPx016489 + for <jas@extundo.com>; Tue, 24 Oct 2006 08:31:57 +0200 +Received: (qmail 16665 invoked by uid 107); 24 Oct 2006 06:31:51 -0000 +Received: from mailav1.epfl.ch (128.178.50.190) + by smtp1.epfl.ch with SMTP; 24 Oct 2006 06:31:51 -0000 +Received: from (smtp2.epfl.ch [128.178.50.133]) by MAILAV1.epfl.ch with smtp + id 3c76_55596730_6329_11db_9dfc_001143d18479; + Tue, 24 Oct 2006 08:31:51 +0200 +Received: from rex1.epfl.ch (128.178.50.178) + by smtp2.epfl.ch (AngelmatoPhylax SMTP proxy); Tue, 24 Oct 2006 08:31:51 +0200 +X-MimeOLE: Produced By Microsoft Exchange V6.5 +Content-class: urn:content-classes:message +MIME-Version: 1.0 +Content-Type: text/plain; + charset="iso-8859-1" +Content-Transfer-Encoding: quoted-printable +Subject: RE: target collisions and colliding certificates with different identities +Date: Tue, 24 Oct 2006 08:31:42 +0200 +Message-ID: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> +In-Reply-To: <87ods2grd4.fsf@latte.josefsson.org> +X-MS-Has-Attach: +X-MS-TNEF-Correlator: +Thread-Topic: target collisions and colliding certificates with different identities +Thread-Index: Acb3NZO8kzaCp7NPSV29z2Ydtt/p5gAAEyEg +From: "Arjen Lenstra" <arjen.lenstra@epfl.ch> +To: "Simon Josefsson" <jas@extundo.com>, + "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>, + <m.m.j.stevens@student.tue.nl> +X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham + version=3.1.1 +X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv +X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com +X-Virus-Status: Clean +Lines: 75 +Xref: localhost.localdomain rsa-md5:2 + +Hi, +Thanks! +I can't speak for my coauthors, but it's all fine with me, though I find = +the year in your proposed copyright statement a bit odd (I would have = +expected 2006). There are no more authros involved. + +best regards, Arjen Lenstra + +---------------- +Arjen K. Lenstra a k l @ e p f l . c h +EPFL IC LACAL +INJ 330 (B=E2timent INJ) +Station 14 +CH-1015 Lausanne, Switzerland +T=E9l: + 41 21 693 8101 +Fax: + 41 21 693 7550 +=20 +=20 + +-----Original Message----- +From: Simon Josefsson [mailto:jas@extundo.com]=20 +Sent: Tuesday, October 24, 2006 8:28 AM +To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra +Subject: Re: target collisions and colliding certificates with different = +identities + +Great work, thanks! + +I'd like to include your certificates in GnuTLS, a TLS implementation +that supports X.509, as self-tests of the certificate verification +logic. Is this OK with you? + +Btw, Gnutls rejected the certificates, we already disable MD5 for +verification purposes. :) + +For our legal department, I'd like a clarification of the license on +the data, would you agree to release the certificates under the +following license? + + Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger + + Copying and distribution of this file, with or without = +modification, + are permitted in any medium without royalty provided the copyright + notice and this notice are preserved. + +Also, if any other authors contributed, they would have to agree to +this license as well. Are there other authors? + +Best regards, and thanks in advance, +Simon + +"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes: + +> Hi all, +> +> We announce: +> - an example of a target collision for MD5; this means:=20 +> for two chosen messages m1 and m2 we have constructed=20 +> appendages b1 and b2 to make the messages collide=20 +> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2); +> said differently: we can cause an MD5 collision for=20 +> any pair of distinct IHVs; +> - an example of a pair of valid, unsuspicious X.509=20 +> certificates with distinct Distinguished Name fields,=20 +> but identical CA signatures; this example makes use=20 +> of the target collision. +> +> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, +> where the certificates and a more detailed announcement=20 +> can be found. +> +> Marc Stevens +> Arjen Lenstra +> Benne de Weger +From: Simon Josefsson <jas@extundo.com> +To: "Arjen Lenstra" <arjen.lenstra@epfl.ch> +Cc: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, <m.m.j.stevens@student.tue.nl> +Subject: Re: target collisions and colliding certificates with different identities +References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> +OpenPGP: id=B565716F; url=http://josefsson.org/key.txt +X-Draft-From: ("nnimap+yxa:INBOX.private.2006.10" 623) +X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::pMR7JuXUTTt/Zjut:0aGD +X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::juw1iXMSKV62mZGj:CBbu +X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::SJdQwxRXP39Dw2C4:n6ia +Date: Tue, 24 Oct 2006 08:43:59 +0200 +In-Reply-To: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> + (Arjen Lenstra's message of "Tue\, 24 Oct 2006 08\:31\:42 +0200") +Message-ID: <87d58igqmo.fsf@latte.josefsson.org> +User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Transfer-Encoding: 8bit +Lines: 80 +Xref: localhost.localdomain rsa-md5:3 + +"Arjen Lenstra" <arjen.lenstra@epfl.ch> writes: + +> Hi, +> Thanks! +> I can't speak for my coauthors, but it's all fine with me, though I +> find the year in your proposed copyright statement a bit odd (I +> would have expected 2006). There are no more authros involved. + +Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and +Benne also replied. + +/Simon + +> best regards, Arjen Lenstra +> +> ---------------- +> Arjen K. Lenstra a k l @ e p f l . c h +> EPFL IC LACAL +> INJ 330 (Bâtiment INJ) +> Station 14 +> CH-1015 Lausanne, Switzerland +> Tél: + 41 21 693 8101 +> Fax: + 41 21 693 7550 +> +> +> +> -----Original Message----- +> From: Simon Josefsson [mailto:jas@extundo.com] +> Sent: Tuesday, October 24, 2006 8:28 AM +> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra +> Subject: Re: target collisions and colliding certificates with different identities +> +> Great work, thanks! +> +> I'd like to include your certificates in GnuTLS, a TLS implementation +> that supports X.509, as self-tests of the certificate verification +> logic. Is this OK with you? +> +> Btw, Gnutls rejected the certificates, we already disable MD5 for +> verification purposes. :) +> +> For our legal department, I'd like a clarification of the license on +> the data, would you agree to release the certificates under the +> following license? +> +> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger +> +> Copying and distribution of this file, with or without modification, +> are permitted in any medium without royalty provided the copyright +> notice and this notice are preserved. +> +> Also, if any other authors contributed, they would have to agree to +> this license as well. Are there other authors? +> +> Best regards, and thanks in advance, +> Simon +> +> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes: +> +>> Hi all, +>> +>> We announce: +>> - an example of a target collision for MD5; this means: +>> for two chosen messages m1 and m2 we have constructed +>> appendages b1 and b2 to make the messages collide +>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2); +>> said differently: we can cause an MD5 collision for +>> any pair of distinct IHVs; +>> - an example of a pair of valid, unsuspicious X.509 +>> certificates with distinct Distinguished Name fields, +>> but identical CA signatures; this example makes use +>> of the target collision. +>> +>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, +>> where the certificates and a more detailed announcement +>> can be found. +>> +>> Marc Stevens +>> Arjen Lenstra +>> Benne de Weger +Return-Path: <m.m.j.stevens@student.tue.nl> +Received: from yxa.extundo.com ([unix socket]) + by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 09:23:28 +0200 +X-Sieve: CMU Sieve 2.2 +Received: from ipact2.infopact.nl (ipact2.infopact.nl [212.29.160.71]) + by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O7NIbh023920 + (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) + for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:22 +0200 +Received: from ipact2.infopact.nl (localhost.localdomain [127.0.0.1]) + by ipact2.infopact.nl (8.13.7/8.13.7) with ESMTP id k9O7NAZd008636 + for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:11 +0200 +Received: (from defang@localhost) + by ipact2.infopact.nl (8.13.7/8.13.7/Submit) id k9O7J939006762 + for <jas@extundo.com>; Tue, 24 Oct 2006 09:19:09 +0200 +Received: from smtp.banaan.org (72-130-ftth.onsnet.nu [88.159.130.72]) + by ipact2.infopact.nl (envelope-sender <m.m.j.stevens@student.tue.nl>) (MIMEDefang) with ESMTP id k9O7J72W006742; Tue, 24 Oct 2006 09:19:09 +0200 (CEST) +Received: by smtp.banaan.org (Postfix, from userid 1018) + id DE1B689D80; Tue, 24 Oct 2006 09:19:06 +0200 (CEST) +X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv +X-Spam-Level: +X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,FORGED_RCVD_HELO + autolearn=ham version=3.1.1 +Received: from s478591 (cp688553-a.tilbu1.nb.home.nl [84.24.55.50]) + by smtp.banaan.org (Postfix) with ESMTP id 5EE4889EF9; + Tue, 24 Oct 2006 09:18:57 +0200 (CEST) +Message-ID: <03cf01c6f73c$a8923390$8702a8c0@s478591> +From: "Marc Stevens" <m.m.j.stevens@student.tue.nl> +To: "Simon Josefsson" <jas@extundo.com>, + "Arjen Lenstra" <arjen.lenstra@epfl.ch> +Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> +References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> <87d58igqmo.fsf@latte.josefsson.org> +Subject: Re: target collisions and colliding certificates with different identities +Date: Tue, 24 Oct 2006 09:18:50 +0200 +MIME-Version: 1.0 +Content-Type: text/plain; + format=flowed; + charset="iso-8859-1"; + reply-type=original +Content-Transfer-Encoding: 8bit +X-Priority: 3 +X-MSMail-Priority: Normal +X-Mailer: Microsoft Outlook Express 6.00.2900.2869 +X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 +X-Scanned-By: MIMEDefang - SpamAssassin on 212.29.160.71 +X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com +X-Virus-Status: Clean +Lines: 101 +Xref: localhost.localdomain rsa-md5:4 + +Hi Simon, + +Thanks! +I am also okay with the proposed license. + +Kind regards, + Marc + +----- Original Message ----- +From: "Simon Josefsson" <jas@extundo.com> +To: "Arjen Lenstra" <arjen.lenstra@epfl.ch> +Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>; +<m.m.j.stevens@student.tue.nl> +Sent: Tuesday, October 24, 2006 8:43 AM +Subject: Re: target collisions and colliding certificates with different +identities + + +> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes: +> +>> Hi, +>> Thanks! +>> I can't speak for my coauthors, but it's all fine with me, though I +>> find the year in your proposed copyright statement a bit odd (I +>> would have expected 2006). There are no more authros involved. +> +> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and +> Benne also replied. +> +> /Simon +> +>> best regards, Arjen Lenstra +>> +>> ---------------- +>> Arjen K. Lenstra a k l @ e p f l . c h +>> EPFL IC LACAL +>> INJ 330 (Bâtiment INJ) +>> Station 14 +>> CH-1015 Lausanne, Switzerland +>> Tél: + 41 21 693 8101 +>> Fax: + 41 21 693 7550 +>> +>> +>> +>> -----Original Message----- +>> From: Simon Josefsson [mailto:jas@extundo.com] +>> Sent: Tuesday, October 24, 2006 8:28 AM +>> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra +>> Subject: Re: target collisions and colliding certificates with different +>> identities +>> +>> Great work, thanks! +>> +>> I'd like to include your certificates in GnuTLS, a TLS implementation +>> that supports X.509, as self-tests of the certificate verification +>> logic. Is this OK with you? +>> +>> Btw, Gnutls rejected the certificates, we already disable MD5 for +>> verification purposes. :) +>> +>> For our legal department, I'd like a clarification of the license on +>> the data, would you agree to release the certificates under the +>> following license? +>> +>> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger +>> +>> Copying and distribution of this file, with or without modification, +>> are permitted in any medium without royalty provided the copyright +>> notice and this notice are preserved. +>> +>> Also, if any other authors contributed, they would have to agree to +>> this license as well. Are there other authors? +>> +>> Best regards, and thanks in advance, +>> Simon +>> +>> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes: +>> +>>> Hi all, +>>> +>>> We announce: +>>> - an example of a target collision for MD5; this means: +>>> for two chosen messages m1 and m2 we have constructed +>>> appendages b1 and b2 to make the messages collide +>>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2); +>>> said differently: we can cause an MD5 collision for +>>> any pair of distinct IHVs; +>>> - an example of a pair of valid, unsuspicious X.509 +>>> certificates with distinct Distinguished Name fields, +>>> but identical CA signatures; this example makes use +>>> of the target collision. +>>> +>>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, +>>> where the certificates and a more detailed announcement +>>> can be found. +>>> +>>> Marc Stevens +>>> Arjen Lenstra +>>> Benne de Weger +> + +Return-Path: <b.m.m.d.weger@TUE.nl> +Received: from yxa.extundo.com ([unix socket]) + by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 10:55:48 +0200 +X-Sieve: CMU Sieve 2.2 +Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.19]) + by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O8te8O005696 + for <jas@extundo.com>; Tue, 24 Oct 2006 10:55:40 +0200 +Received: from localhost (localhost [127.0.0.1]) + by mailhost.tue.nl (Postfix) with ESMTP id B6C745C297; + Tue, 24 Oct 2006 10:55:39 +0200 (CEST) +X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com +X-Virus-Scanned: amavisd-new at tue.nl +Received: from mailhost.tue.nl ([131.155.2.19]) + by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 84pZYnFvD8HO; Tue, 24 Oct 2006 10:55:39 +0200 (CEST) +Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6]) + by mailhost.tue.nl (Postfix) with ESMTP id 1CFE55C293; + Tue, 24 Oct 2006 10:55:39 +0200 (CEST) +X-MimeOLE: Produced By Microsoft Exchange V6.5 +Content-class: urn:content-classes:message +MIME-Version: 1.0 +Content-Type: text/plain; + charset="iso-8859-1" +Content-Transfer-Encoding: quoted-printable +Subject: RE: target collisions and colliding certificates with different identities +Date: Tue, 24 Oct 2006 10:55:38 +0200 +Message-ID: <DFA3206A564B80499B87B89B49BCD3135DC263@EXCHANGE3.campus.tue.nl> +In-Reply-To: <87d58igqmo.fsf@latte.josefsson.org> +X-MS-Has-Attach: +X-MS-TNEF-Correlator: +Thread-Topic: target collisions and colliding certificates with different identities +Thread-Index: Acb3N816trM39dt6Tmef1RZSgSRhMQAEdpog +From: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> +To: "Simon Josefsson" <jas@extundo.com> +Cc: "Stevens, M.M.J." <M.M.J.Stevens@student.tue.nl>, + "Arjen Lenstra" <arjen.lenstra@epfl.ch> +X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham + version=3.1.1 +X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv +X-Virus-Status: Clean +Lines: 123 +Xref: localhost.localdomain rsa-md5:5 + +Hi Simon, + +When your software rejects any MD5 certificate I don't see why +you would use our colliding ones, doesn't it mean that you'll=20 +have more explaining to do? +But when you want it this way, it's fine with me too. + +Grtz, +Benne + +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Technische Universiteit Eindhoven +Coding & Crypto Groep +Faculteit Wiskunde en Informatica +Den Dolech 2 +Postbus 513 +5600 MB Eindhoven +kamer: HG 9.84 +tel.: (040) 247 2704, bgg 5141 +e-mail: b.m.m.d.weger@tue.nl +www: http://www.win.tue.nl/~bdeweger +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + + + =20 + +> -----Original Message----- +> From: Simon Josefsson [mailto:jas@extundo.com]=20 +> Sent: dinsdag 24 oktober 2006 8:44 +> To: Arjen Lenstra +> Cc: Weger, B.M.M. de; Stevens, M.M.J. +> Subject: Re: target collisions and colliding certificates=20 +> with different identities +>=20 +> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes: +>=20 +> > Hi, +> > Thanks! +> > I can't speak for my coauthors, but it's all fine with me, though I +> > find the year in your proposed copyright statement a bit odd (I +> > would have expected 2006). There are no more authros involved. +>=20 +> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and +> Benne also replied. +>=20 +> /Simon +>=20 +> > best regards, Arjen Lenstra +> > +> > ---------------- +> > Arjen K. Lenstra a k l @ e p f l . c h +> > EPFL IC LACAL +> > INJ 330 (B=E2timent INJ) +> > Station 14 +> > CH-1015 Lausanne, Switzerland +> > T=E9l: + 41 21 693 8101 +> > Fax: + 41 21 693 7550 +> > =20 +> > =20 +> > +> > -----Original Message----- +> > From: Simon Josefsson [mailto:jas@extundo.com]=20 +> > Sent: Tuesday, October 24, 2006 8:28 AM +> > To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra +> > Subject: Re: target collisions and colliding certificates=20 +> with different identities +> > +> > Great work, thanks! +> > +> > I'd like to include your certificates in GnuTLS, a TLS=20 +> implementation +> > that supports X.509, as self-tests of the certificate=20 +> verification +> > logic. Is this OK with you? +> > +> > Btw, Gnutls rejected the certificates, we already disable MD5 for +> > verification purposes. :) +> > +> > For our legal department, I'd like a clarification of the license on +> > the data, would you agree to release the certificates under the +> > following license? +> > +> > Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra,=20 +> Benne de Weger +> > +> > Copying and distribution of this file, with or without=20 +> modification, +> > are permitted in any medium without royalty provided=20 +> the copyright +> > notice and this notice are preserved. +> > +> > Also, if any other authors contributed, they would have to agree to +> > this license as well. Are there other authors? +> > +> > Best regards, and thanks in advance, +> > Simon +> > +> > "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes: +> > +> >> Hi all, +> >> +> >> We announce: +> >> - an example of a target collision for MD5; this means:=20 +> >> for two chosen messages m1 and m2 we have constructed=20 +> >> appendages b1 and b2 to make the messages collide=20 +> >> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2); +> >> said differently: we can cause an MD5 collision for=20 +> >> any pair of distinct IHVs; +> >> - an example of a pair of valid, unsuspicious X.509=20 +> >> certificates with distinct Distinguished Name fields,=20 +> >> but identical CA signatures; this example makes use=20 +> >> of the target collision. +> >> +> >> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, +> >> where the certificates and a more detailed announcement=20 +> >> can be found. +> >> +> >> Marc Stevens +> >> Arjen Lenstra +> >> Benne de Weger +>=20 + +---------------------------------------------------------------------- +Copying and distribution of this file, with or without modification, +are permitted in any medium without royalty provided the copyright +notice and this notice are preserved. diff --git a/tests/rsa-md5-collision/colliding-chain-md5-1.pem b/tests/rsa-md5-collision/colliding-chain-md5-1.pem new file mode 100644 index 0000000..07fa85d --- /dev/null +++ b/tests/rsa-md5-collision/colliding-chain-md5-1.pem @@ -0,0 +1,253 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 010c0001 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sun Jan 01 00:00:01 UTC 2006 + Not After: Mon Dec 31 23:59:59 UTC 2007 + Subject: C=NL,L=Eindhoven,O=Collisionairs,CN=Arjen K. Lenstra + Subject Public Key Algorithm: RSA + Algorithm Security Level: Ultra (8192 bits) + Modulus (bits 8192): + 00:ee:73:e7:d6:b3:b3:4f:ba:a1:39:3d:02:a4:74:25 + 81:8d:c8:4f:86:73:6e:90:72:28:bb:e8:77:02:03:85 + 8d:8c:f1:83:7a:ff:5e:6c:22:13:03:6a:f3:d9:5c:77 + e9:c2:23:7d:60:8c:c4:a9:fb:97:30:8b:bf:98:28:61 + 2f:15:99:e2:61:5b:cc:de:da:59:30:53:2f:b3:dd:11 + 72:78:e4:94:40:14:33:63:0e:74:61:c1:dc:9b:80:1b + 2e:55:20:15:a5:13:ff:7a:e7:97:3e:f4:4b:83:52:e4 + e0:49:79:b3:1e:b6:00:65:4d:51:f4:a3:81:ce:be:3f + 0b:d0:99:d1:30:d1:45:6f:ab:e0:4a:3e:98:85:c8:c4 + fb:29:7b:86:b5:77:52:cd:64:19:80:9f:e3:7e:62:86 + f0:77:32:d1:e0:69:a5:b4:e5:66:70:b8:bb:ba:e5:c2 + 11:74:2a:13:1d:05:71:1c:f1:fe:32:af:93:3f:1e:ef + 22:47:62:e3:aa:da:c1:7c:40:e4:48:ca:41:a8:79:a0 + 3d:3c:f6:65:f2:39:c7:f3:fe:82:b3:84:e8:35:e7:c9 + e8:bd:ee:30:c2:68:a2:12:12:84:78:9d:f4:2f:44:90 + 6f:19:b7:90:26:46:44:36:e1:da:65:fa:0c:53:a3:77 + fa:0d:2b:01:2b:7d:dc:28:55:da:e5:b5:51:51:e2:80 + 34:11:21:20:b5:e7:9e:c5:f2:6a:9f:69:da:85:d7:4e + f6:a9:7a:0b:11:64:ef:a2:5f:b1:ae:26:ba:45:1c:cd + a7:a2:e7:84:33:9c:44:7d:56:05:49:a6:0b:f0:67:62 + 94:bf:58:0c:91:9e:c4:57:02:5d:3c:78:60:b9:82:96 + c0:ab:9f:e5:b1:d3:53:88:2e:26:c1:f7:21:b4:18:99 + d9:72:b5:a1:d5:05:0b:68:45:36:44:80:10:af:8c:7a + ff:7c:e8:ea:cc:b9:b1:fb:bd:d1:29:d4:f5:d4:99:fb + 81:29:24:df:30:2c:b3:c4:50:23:38:62:97:93:96:b3 + a4:6c:d0:ff:7f:14:26:71:1c:45:92:97:b6:5d:1c:ef + 66:c1:87:51:e0:94:bf:08:f3:b2:98:1c:5c:ce:52:d9 + 63:d5:a4:25:9a:64:55:7e:4d:1b:9e:fe:2d:9a:51:6d + 1e:6e:c8:bb:37:06:68:25:ae:a6:36:16:60:2b:d7:d1 + 16:25:a0:6a:90:73:9b:4d:0a:06:ea:87:2a:3a:f9:eb + a1:26:29:be:d6:79:40:56:1b:d9:37:4a:89:d6:0f:0d + 72:2c:9f:eb:68:33:ec:53:f0:b0:fd:76:aa:04:7b:66 + c9:0f:ce:b1:d2:e2:2c:c0:99:b9:a4:b9:3e:00:00:00 + 0f:54:a8:95:17:6e:4c:29:5a:40:5f:af:54:ce:e8:2d + 04:3a:45:ce:40:b1:55:be:34:eb:de:78:47:85:a2:5b + 7f:89:4d:42:4f:a1:27:b1:57:a8:a1:20:f9:9f:e5:31 + 02:c8:1f:a9:0e:0b:9b:da:1b:a7:75:df:75:d9:15:2a + 80:25:7a:1e:d3:52:dd:49:e5:7e:06:8f:f3:f0:2c:ab + d4:ac:97:db:bc:3f:a0:20:5a:74:30:2f:65:c7:f4:9a + 41:9e:08:fd:54:bf:af:c1:4d:78:ab:aa:b3:0d:db:3f + c8:48:e3:df:02:c5:a4:0e:da:24:8c:9f:f4:74:82:85 + 0c:fd:fb:dd:9b:c5:55:47:b7:40:4f:58:03:c1:bb:81 + 63:21:73:12:7e:1a:93:b2:4a:fb:6e:7a:80:45:08:65 + db:37:46:76:d5:76:ba:52:96:cc:c6:c1:30:82:d1:ab + 36:52:1f:1a:8a:d9:45:46:6b:9e:f0:6a:f4:3a:02:d7 + 0b:7f:b8:b7:dc:6d:26:8c:3d:ba:68:98:f6:55:2f:a3 + fb:b3:3d:cb:fa:da:7b:33:fa:75:d9:3a:fe:26:2b:d3 + 7a:ff:75:99:5f:d0:e9:77:4b:a5:a2:6a:7c:44:3f:f3 + 4e:46:15:02:a2:cb:77:7e:98:2d:00:73:75:14:b8:8e + d2:8d:61:f4:28:e8:83:87:df:2b:f0:22:30:ad:17:a9 + d4:4f:f3:64:85:0a:07:db:42:a7:82:6a:c2:ee:38:99 + ca:c3:ec:27:47:21:d4:76:d9:66:58:f5:37:16:67:65 + 87:f8:ff:14:db:8d:e6:74:1a:fa:22:06:db:a3:b1:18 + 28:ba:87:c6:e1:e8:8a:02:2f:1a:a8:dd:d0:37:ea:b0 + 49:b5:c7:d3:05:3d:0a:63:d7:86:1d:ea:07:b3:d8:b7 + 20:de:06:8c:f4:7e:65:7b:b4:44:50:b8:5d:52:f7:49 + d5:95:72:df:0c:0e:34:33:b4:7c:9a:a1:9a:85:6f:1d + c3:cd:ad:ba:fb:14:30:35:c8:5a:53:af:57:22:03:8f + 76:5c:0d:62:1b:66:b6:9f:ff:fd:09:1d:4a:66:1a:45 + 3b:f1:da:ed:1a:3a:23:41:b3:7d:7f:62:3b:15:8f:6e + c0:2b:49:a2:53:64:43:0f:cb:58:61:48:3e:1e:95:43 + ed:2e:e7:e5:4a:4c:10:8a:6e:64:19:40:98:0e:e6:0d + 14:ae:e5:59:af:30:03:7e:75:b2:30:9c:e0:21:ff:e3 + 10:9b:f2:05:38:92:ab:0a:e4:03:51:6e:2a:b5:80:67 + f7 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Key Usage (not critical): + Digital signature. + Non repudiation. + Key encipherment. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. + Signature: + 86:c0:87:6d:20:68:2d:c8:97:44:3f:97:69:0d:df:b2 + 90:74:cb:25:c3:58:f0:9f:81:23:4c:e2:65:a4:43:33 + cb:6a:78:b2:32:73:29:17:00:dc:d6:ba:df:55:08:8a + 19:a3:17:a5:1d:60:92:ac:3f:6f:c6:24:36:01:36:7a + 6a:2f:c0:96:9b:4e:89:13:bf:c2:31:5f:5a:f3:5d:83 + fb:d0:3c:95:78:39:24:22:17:be:b9:ad:88:73:d4:42 + f3:a3:62:00:ca:19:8f:63:45:bc:b7:6c:cb:27:fc:f2 + db:ea:23:9e:50:fd:dd:3c:d6:93:04:c9:50:e7:09:4a + ff:0a:96:59:02:b7:22:06:d0:4e:37:59:ba:ed:05:ae + 05:92:2d:8b:e9:35:56:c8:ca:cd:c3:60:6c:56:ee:37 + 89:c3:77:5f:76:7a:89:09:ab:44:4b:c1:d7:ee:4a:41 + 67:73:02:ef:df:33:7b:4c:ee:08:2d:92:18:fe:44:aa + 5d:68:d3:4e:fb:79:6a:c4:32:19:dc:f8:dd:4c:2e:6e + c4:58:ef:a4:82:da:7e:18:1c:08:64:17:71:24:f0:cf + 21:4b:0c:5a:28:ef:ec:a4:0e:c5:32:bb:76:73:ff:ea + 9b:9b:d0:a0:b1:ef:e6:db:97:c5:18:c4:db:17:b9:a5 +Other Information: + SHA1 fingerprint: + bc7510b271456cffd765d0c9ce7a8154215b7b37 + SHA256 fingerprint: + fb1b071cdc055092f973d90675f8b4df709796e64d5d9ac8a01485dfa18d3e2c + Public Key ID: + e4542a434d9a4e310a54b6e3fe5f9ad3b9f1b552 + Public key's random art: + +--[ RSA 8192]----+ + | .o.o +o. . | + | o + =.o | + | + * + | + | . + * | + | . . S | + | . E | + | . .o. .. | + | . .+oo.. . | + | ..+...... | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIGKTCCBRGgAwIBAgIEAQwAATANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNjAxMDEwMDAwMDFaFw0wNzEyMzEyMzU5NTlaMFQxGTAXBgNVBAMTEEFy +amVuIEsuIExlbnN0cmExFjAUBgNVBAoTDUNvbGxpc2lvbmFpcnMxEjAQBgNVBAcT +CUVpbmRob3ZlbjELMAkGA1UEBhMCTkwwggQiMA0GCSqGSIb3DQEBAQUAA4IEDwAw +ggQKAoIEAQDuc+fWs7NPuqE5PQKkdCWBjchPhnNukHIou+h3AgOFjYzxg3r/Xmwi +EwNq89lcd+nCI31gjMSp+5cwi7+YKGEvFZniYVvM3tpZMFMvs90RcnjklEAUM2MO +dGHB3JuAGy5VIBWlE/9655c+9EuDUuTgSXmzHrYAZU1R9KOBzr4/C9CZ0TDRRW+r +4Eo+mIXIxPspe4a1d1LNZBmAn+N+YobwdzLR4GmltOVmcLi7uuXCEXQqEx0FcRzx +/jKvkz8e7yJHYuOq2sF8QORIykGoeaA9PPZl8jnH8/6Cs4ToNefJ6L3uMMJoohIS +hHid9C9EkG8Zt5AmRkQ24dpl+gxTo3f6DSsBK33cKFXa5bVRUeKANBEhILXnnsXy +ap9p2oXXTvapegsRZO+iX7GuJrpFHM2noueEM5xEfVYFSaYL8GdilL9YDJGexFcC +XTx4YLmClsCrn+Wx01OILibB9yG0GJnZcrWh1QULaEU2RIAQr4x6/3zo6sy5sfu9 +0SnU9dSZ+4EpJN8wLLPEUCM4YpeTlrOkbND/fxQmcRxFkpe2XRzvZsGHUeCUvwjz +spgcXM5S2WPVpCWaZFV+TRue/i2aUW0ebsi7NwZoJa6mNhZgK9fRFiWgapBzm00K +BuqHKjr566EmKb7WeUBWG9k3SonWDw1yLJ/raDPsU/Cw/XaqBHtmyQ/OsdLiLMCZ +uaS5PgAAAA9UqJUXbkwpWkBfr1TO6C0EOkXOQLFVvjTr3nhHhaJbf4lNQk+hJ7FX +qKEg+Z/lMQLIH6kOC5vaG6d133XZFSqAJXoe01LdSeV+Bo/z8Cyr1KyX27w/oCBa +dDAvZcf0mkGeCP1Uv6/BTXirqrMN2z/ISOPfAsWkDtokjJ/0dIKFDP373ZvFVUe3 +QE9YA8G7gWMhcxJ+GpOySvtueoBFCGXbN0Z21Xa6UpbMxsEwgtGrNlIfGorZRUZr +nvBq9DoC1wt/uLfcbSaMPbpomPZVL6P7sz3L+tp7M/p12Tr+JivTev91mV/Q6XdL +paJqfEQ/805GFQKiy3d+mC0Ac3UUuI7SjWH0KOiDh98r8CIwrRep1E/zZIUKB9tC +p4Jqwu44mcrD7CdHIdR22WZY9TcWZ2WH+P8U243mdBr6Igbbo7EYKLqHxuHoigIv +Gqjd0DfqsEm1x9MFPQpj14Yd6gez2Lcg3gaM9H5le7REULhdUvdJ1ZVy3wwONDO0 +fJqhmoVvHcPNrbr7FDA1yFpTr1ciA492XA1iG2a2n//9CR1KZhpFO/Ha7Ro6I0Gz +fX9iOxWPbsArSaJTZEMPy1hhSD4elUPtLuflSkwQim5kGUCYDuYNFK7lWa8wA351 +sjCc4CH/4xCb8gU4kqsK5ANRbiq1gGf3AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgXgMA0GCSqGSIb3DQEBBAUAA4IBAQCGwIdtIGgtyJdEP5dpDd+ykHTL +JcNY8J+BI0ziZaRDM8tqeLIycykXANzWut9VCIoZoxelHWCSrD9vxiQ2ATZ6ai/A +lptOiRO/wjFfWvNdg/vQPJV4OSQiF765rYhz1ELzo2IAyhmPY0W8t2zLJ/zy2+oj +nlD93TzWkwTJUOcJSv8KllkCtyIG0E43WbrtBa4Fki2L6TVWyMrNw2BsVu43icN3 +X3Z6iQmrREvB1+5KQWdzAu/fM3tM7ggtkhj+RKpdaNNO+3lqxDIZ3PjdTC5uxFjv +pILafhgcCGQXcSTwzyFLDFoo7+ykDsUyu3Zz/+qbm9Cgse/m25fFGMTbF7ml +-----END CERTIFICATE----- +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 02181144 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sat Jan 01 00:00:01 UTC 2005 + Not After: Thu Jan 01 00:00:01 UTC 2015 + Subject: C=NL,L=Eindhoven,CN=Hash Collision CA + Subject Public Key Algorithm: RSA + Algorithm Security Level: Medium (2048 bits) + Modulus (bits 2048): + 00:ca:70:fa:c4:40:06:fb:b4:1a:8e:e4:19:5a:a9:77 + 1f:75:91:74:59:d2:68:b9:30:46:03:5b:a1:dc:b5:4a + 28:2a:1e:28:48:b7:78:ba:e0:67:70:0a:cd:64:2c:b0 + 8d:57:0d:bb:0f:89:56:df:23:a0:a3:c6:e5:df:ae:ef + 53:d8:bd:c1:64:f4:cb:e5:2e:47:aa:58:6e:ff:f3:b2 + 9f:0c:bd:42:39:4c:64:63:77:ef:3d:e2:f7:be:9b:62 + 99:37:45:12:68:b9:51:6a:32:f1:7b:d4:a4:ea:3b:a4 + 72:3d:2f:a1:a0:f2:34:42:0a:f9:50:40:d3:ce:0c:ed + 5f:60:db:0a:26:46:9f:07:17:9d:2b:c2:9f:62:3a:61 + 80:33:96:9f:f7:ac:6b:92:a4:94:c1:27:a6:13:79:b3 + 17:ab:b7:21:48:64:37:54:2d:c6:d0:5d:a7:14:b6:d0 + 59:ce:47:0c:b3:90:84:13:49:37:48:59:95:a1:e8:f3 + 34:9d:cf:ca:31:d6:18:a4:fc:a4:87:57:3c:9a:42:6a + 50:83:6f:95:59:ba:4d:b7:6a:68:60:95:b9:b8:64:de + d6:bd:ed:53:45:db:ec:38:40:db:ac:4b:0c:ba:cc:a0 + 14:c5:75:3c:28:05:85:f4:53:fd:52:0f:27:40:43:a0 + 51 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): TRUE + Path Length Constraint: 0 + Key Usage (not critical): + Certificate signing. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. + Signature: + 3e:90:33:aa:13:63:8b:3d:6a:f1:d5:36:34:40:8a:c1 + 12:53:e4:ed:8a:49:0e:af:c9:0d:2c:cf:be:7b:d7:f4 + 44:46:35:1a:4b:b9:b9:b0:8c:62:6d:5b:0c:72:14:fc + 6d:e5:78:81:9a:db:a1:d0:bd:d9:bf:81:24:f3:db:22 + 60:1d:a6:0c:79:42:7f:56:86:1d:a5:5c:91:8f:18:3d + 6e:47:cf:fe:5c:91:08:15:da:84:54:28:0e:64:11:53 + 2a:3b:15:58:df:1c:52:9a:ae:26:af:29:10:8d:5d:6d + e7:1e:fa:22:a4:58:fb:3f:2f:88:39:10:8c:f8:49:64 + b7:0d:21:d0:df:5c:eb:51:b6:ec:bb:1f:a1:63:6d:2d + 6f:a2:78:ed:3d:64:6d:f0:93:de:b6:a1:e0:11:85:db + 45:28:ac:b3:e1:fa:44:4f:43:f1:15:01:c7:d6:e9:74 + c1:00:5f:81:45:91:9c:82:c2:a1:ee:cf:bd:f3:a2:30 + 12:74:b0:d3:44:43:18:60:b0:aa:e1:39:25:3c:fa:4c + d7:ee:9d:c5:24:9f:6f:a6:0c:01:83:f5:3a:21:d6:b7 + 51:3b:9e:0c:2e:b0:f5:c9:a6:00:08:e9:27:d4:c3:ab + 85:c7:4e:70:67:7a:95:12:6b:03:89:ca:33:9e:d7:99 +Other Information: + SHA1 fingerprint: + 89bbb66f8639663af859ff7a0c43a9f011655aba + SHA256 fingerprint: + ddc11a3f3660d30e15af5f44ed6f59e800257a44b0201e49b452790e09a5fac7 + Public Key ID: + 5ead859fb9320a7d4bf78e644bd15153c5b3a16b + Public key's random art: + +--[ RSA 2048]----+ + | o*| + | +o| + | o +| + | o o o | + | S o + o | + | o . + E | + | . o + X | + | . oo* = | + | ...o+.o | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIEAhgRRDANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNTAxMDEwMDAwMDFaFw0xNTAxMDEwMDAwMDFaMD0xGjAYBgNVBAMTEUhh +c2ggQ29sbGlzaW9uIENBMRIwEAYDVQQHEwlFaW5kaG92ZW4xCzAJBgNVBAYTAk5M +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynD6xEAG+7QajuQZWql3 +H3WRdFnSaLkwRgNbody1SigqHihIt3i64GdwCs1kLLCNVw27D4lW3yOgo8bl367v +U9i9wWT0y+UuR6pYbv/zsp8MvUI5TGRjd+894ve+m2KZN0USaLlRajLxe9Sk6juk +cj0voaDyNEIK+VBA084M7V9g2womRp8HF50rwp9iOmGAM5af96xrkqSUwSemE3mz +F6u3IUhkN1QtxtBdpxS20FnORwyzkIQTSTdIWZWh6PM0nc/KMdYYpPykh1c8mkJq +UINvlVm6TbdqaGCVubhk3ta97VNF2+w4QNusSwy6zKAUxXU8KAWF9FP9Ug8nQEOg +UQIDAQABoyAwHjAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwICBDANBgkqhkiG +9w0BAQQFAAOCAQEAPpAzqhNjiz1q8dU2NECKwRJT5O2KSQ6vyQ0sz7571/RERjUa +S7m5sIxibVsMchT8beV4gZrbodC92b+BJPPbImAdpgx5Qn9Whh2lXJGPGD1uR8/+ +XJEIFdqEVCgOZBFTKjsVWN8cUpquJq8pEI1dbece+iKkWPs/L4g5EIz4SWS3DSHQ +31zrUbbsux+hY20tb6J47T1kbfCT3rah4BGF20UorLPh+kRPQ/EVAcfW6XTBAF+B +RZGcgsKh7s+986IwEnSw00RDGGCwquE5JTz6TNfuncUkn2+mDAGD9Toh1rdRO54M +LrD1yaYACOkn1MOrhcdOcGd6lRJrA4nKM57XmQ== +-----END CERTIFICATE----- diff --git a/tests/rsa-md5-collision/colliding-chain-md5-2.pem b/tests/rsa-md5-collision/colliding-chain-md5-2.pem new file mode 100644 index 0000000..e2fc083 --- /dev/null +++ b/tests/rsa-md5-collision/colliding-chain-md5-2.pem @@ -0,0 +1,252 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 020c0001 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sun Jan 01 00:00:01 UTC 2006 + Not After: Mon Dec 31 23:59:59 UTC 2007 + Subject: C=NL,L=Eindhoven,O=Collision Factory,CN=Marc Stevens + Subject Public Key Algorithm: RSA + Algorithm Security Level: High (8189 bits) + Modulus (bits 8189): + 1a:09:b4:cb:40:c7:26:7a:af:01:7f:9b:a4:74:25:81 + 8d:c8:4f:86:73:6e:90:72:28:bb:e8:77:02:03:85:8d + 8c:f1:83:7a:ff:5e:6c:22:13:03:6a:f3:d9:5c:77:e9 + c2:23:7d:60:8c:c4:a9:fb:97:30:7b:bf:98:28:61:2f + 15:99:e2:61:5b:cc:de:da:59:30:53:2f:b3:dd:11:72 + 78:e4:94:40:14:33:63:0e:74:61:c1:dc:9b:80:1b:2e + 55:20:15:a5:13:ff:7a:e7:97:3e:f4:4b:83:52:e4:e0 + 49:79:b3:1e:b6:00:65:4d:51:f4:a4:81:ce:be:3f:0b + d0:99:d1:30:d1:45:6f:ab:e0:4a:3e:98:85:c8:c4:fb + 29:7b:86:b5:77:52:cd:64:19:80:9f:e3:7e:62:86:f0 + 77:32:d1:e0:69:a5:b4:e5:66:70:b8:bb:ba:e5:c2:11 + 74:2a:13:1d:05:71:1c:f1:fe:22:af:93:3f:1e:ef:22 + 47:62:e3:aa:da:c1:7c:40:e4:48:ca:41:a8:79:a0:3d + 3c:f6:65:f2:39:c7:f3:fe:82:b3:84:e8:35:e7:c9:e8 + bd:ee:30:c2:68:a2:12:12:84:78:9d:f4:2f:44:90:6f + 19:b7:90:26:46:44:36:e1:da:64:fa:0c:53:a3:77:fa + 0d:2b:01:2b:7d:dc:28:55:da:e5:b5:51:51:e2:80:34 + 11:21:20:b5:e7:9e:c5:f2:6a:9f:69:da:85:d7:4e:f6 + a9:7a:0b:11:64:ef:a2:5f:b1:ae:26:ba:45:1c:cd:a7 + a2:e7:84:33:9c:44:7d:56:25:49:a6:0b:f0:67:62:94 + bf:58:0c:91:9e:c4:57:02:5d:3c:78:60:b9:82:96:c0 + ab:9f:e5:b1:d3:53:88:2e:26:c1:f7:21:b4:18:99:d9 + 72:b5:a1:d5:05:0b:68:45:36:44:80:10:af:8c:7a:ff + 7c:e8:ea:cc:b9:b1:fb:bd:c9:29:d4:f5:d4:99:fb:81 + 29:24:df:30:2c:b3:c4:50:23:38:62:97:93:96:b3:a4 + 6c:d0:ff:7f:14:26:71:1c:45:92:97:b6:5d:1c:ef:66 + c1:87:51:e0:94:bf:08:f3:b2:98:1c:5c:ce:52:d9:63 + d5:a4:25:9a:64:55:7e:4d:1b:9e:fe:0d:9a:51:6d:1e + 6e:c8:bb:37:06:68:25:ae:a6:36:16:60:2b:d7:d1:16 + 25:a0:6a:90:73:9b:4d:0a:06:ea:87:2a:3a:f9:eb:a1 + 26:29:be:d6:79:40:56:1b:d9:37:4a:89:d6:0f:0d:72 + 2c:9f:eb:68:33:ec:53:f0:b0:fd:76:a2:04:7b:66:c9 + 0f:ce:b1:d2:e2:2c:c0:99:b9:a4:b9:3e:00:00:00:0f + 54:a8:95:17:6e:4c:29:5a:40:5f:af:54:ce:e8:2d:04 + 3a:45:ce:40:b1:55:be:34:eb:de:78:47:85:a2:5b:7f + 89:4d:42:4f:a1:27:b1:57:a8:a1:20:f9:9f:e5:31:02 + c8:1f:a9:0e:0b:9b:da:1b:a7:75:df:75:d9:15:2a:80 + 25:7a:1e:d3:52:dd:49:e5:7e:06:8f:f3:f0:2c:ab:d4 + ac:97:db:bc:3f:a0:20:5a:74:30:2f:65:c7:f4:9a:41 + 9e:08:fd:54:bf:af:c1:4d:78:ab:aa:b3:0d:db:3f:c8 + 48:e3:df:02:c5:a4:0e:da:24:8c:9f:f4:74:82:85:0c + fd:fb:dd:9b:c5:55:47:b7:40:4f:58:03:c1:bb:81:63 + 21:73:12:7e:1a:93:b2:4a:fb:6e:7a:80:45:08:65:db + 37:46:76:d5:76:ba:52:96:cc:c6:c1:30:82:d1:ab:36 + 52:1f:1a:8a:d9:45:46:6b:9e:f0:6a:f4:3a:02:d7:0b + 7f:b8:b7:dc:6d:26:8c:3d:ba:68:98:f6:55:2f:a3:fb + b3:3d:cb:fa:da:7b:33:fa:75:d9:3a:fe:26:2b:d3:7a + ff:75:99:5f:d0:e9:77:4b:a5:a2:6a:7c:44:3f:f3:4e + 46:15:02:a2:cb:77:7e:98:2d:00:73:75:14:b8:8e:d2 + 8d:61:f4:28:e8:83:87:df:2b:f0:22:30:ad:17:a9:d4 + 4f:f3:64:85:0a:07:db:42:a7:82:6a:c2:ee:38:99:ca + c3:ec:27:47:21:d4:76:d9:66:58:f5:37:16:67:65:87 + f8:ff:14:db:8d:e6:74:1a:fa:22:06:db:a3:b1:18:28 + ba:87:c6:e1:e8:8a:02:2f:1a:a8:dd:d0:37:ea:b0:49 + b5:c7:d3:05:3d:0a:63:d7:86:1d:ea:07:b3:d8:b7:20 + de:06:8c:f4:7e:65:7b:b4:44:50:b8:5d:52:f7:49:d5 + 95:72:df:0c:0e:34:33:b4:7c:9a:a1:9a:85:6f:1d:c3 + cd:ad:ba:fb:14:30:35:c8:5a:53:af:57:22:03:8f:76 + 5c:0d:62:1b:66:b6:9f:ff:fd:09:1d:4a:66:1a:45:3b + f1:da:ed:1a:3a:23:41:b3:7d:7f:62:3b:15:8f:6e:c0 + 2b:49:a2:53:64:43:0f:cb:58:61:48:3e:1e:95:43:ed + 2e:e7:e5:4a:4c:10:8a:6e:64:19:40:98:0e:e6:0d:14 + ae:e5:59:af:30:03:7e:75:b2:30:9c:e0:21:ff:e3:10 + 9b:f2:05:38:92:ab:0a:e4:03:51:6e:2a:b5:80:67:f7 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Key Usage (not critical): + Digital signature. + Non repudiation. + Key encipherment. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. + Signature: + 86:c0:87:6d:20:68:2d:c8:97:44:3f:97:69:0d:df:b2 + 90:74:cb:25:c3:58:f0:9f:81:23:4c:e2:65:a4:43:33 + cb:6a:78:b2:32:73:29:17:00:dc:d6:ba:df:55:08:8a + 19:a3:17:a5:1d:60:92:ac:3f:6f:c6:24:36:01:36:7a + 6a:2f:c0:96:9b:4e:89:13:bf:c2:31:5f:5a:f3:5d:83 + fb:d0:3c:95:78:39:24:22:17:be:b9:ad:88:73:d4:42 + f3:a3:62:00:ca:19:8f:63:45:bc:b7:6c:cb:27:fc:f2 + db:ea:23:9e:50:fd:dd:3c:d6:93:04:c9:50:e7:09:4a + ff:0a:96:59:02:b7:22:06:d0:4e:37:59:ba:ed:05:ae + 05:92:2d:8b:e9:35:56:c8:ca:cd:c3:60:6c:56:ee:37 + 89:c3:77:5f:76:7a:89:09:ab:44:4b:c1:d7:ee:4a:41 + 67:73:02:ef:df:33:7b:4c:ee:08:2d:92:18:fe:44:aa + 5d:68:d3:4e:fb:79:6a:c4:32:19:dc:f8:dd:4c:2e:6e + c4:58:ef:a4:82:da:7e:18:1c:08:64:17:71:24:f0:cf + 21:4b:0c:5a:28:ef:ec:a4:0e:c5:32:bb:76:73:ff:ea + 9b:9b:d0:a0:b1:ef:e6:db:97:c5:18:c4:db:17:b9:a5 +Other Information: + SHA1 fingerprint: + 6fea1157b6edc59d28bf96590ceab3cc32366a51 + SHA256 fingerprint: + 387fa1529fa8e3fa7b8a5ecdbea0301275144c02d5ee93d0bea9726bdc98e5ef + Public Key ID: + 85d9ae67a92fccea10f681a683109658d91e788d + Public key's random art: + +--[ RSA 8189]----+ + | .+ o | + |..+ E . + | + |oo o . o o | + |.. .. o | + |. = . S . | + |.. + o . . . | + |. o . .o. + | + | . . ++ | + | .o..o. | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIGKTCCBRGgAwIBAgIEAgwAATANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNjAxMDEwMDAwMDFaFw0wNzEyMzEyMzU5NTlaMFQxFTATBgNVBAMTDE1h +cmMgU3RldmVuczEaMBgGA1UEChMRQ29sbGlzaW9uIEZhY3RvcnkxEjAQBgNVBAcT +CUVpbmRob3ZlbjELMAkGA1UEBhMCTkwwggQiMA0GCSqGSIb3DQEBAQUAA4IEDwAw +ggQKAoIEAQAaCbTLQMcmeq8Bf5ukdCWBjchPhnNukHIou+h3AgOFjYzxg3r/Xmwi +EwNq89lcd+nCI31gjMSp+5cwe7+YKGEvFZniYVvM3tpZMFMvs90RcnjklEAUM2MO +dGHB3JuAGy5VIBWlE/9655c+9EuDUuTgSXmzHrYAZU1R9KSBzr4/C9CZ0TDRRW+r +4Eo+mIXIxPspe4a1d1LNZBmAn+N+YobwdzLR4GmltOVmcLi7uuXCEXQqEx0FcRzx +/iKvkz8e7yJHYuOq2sF8QORIykGoeaA9PPZl8jnH8/6Cs4ToNefJ6L3uMMJoohIS +hHid9C9EkG8Zt5AmRkQ24dpk+gxTo3f6DSsBK33cKFXa5bVRUeKANBEhILXnnsXy +ap9p2oXXTvapegsRZO+iX7GuJrpFHM2noueEM5xEfVYlSaYL8GdilL9YDJGexFcC +XTx4YLmClsCrn+Wx01OILibB9yG0GJnZcrWh1QULaEU2RIAQr4x6/3zo6sy5sfu9 +ySnU9dSZ+4EpJN8wLLPEUCM4YpeTlrOkbND/fxQmcRxFkpe2XRzvZsGHUeCUvwjz +spgcXM5S2WPVpCWaZFV+TRue/g2aUW0ebsi7NwZoJa6mNhZgK9fRFiWgapBzm00K +BuqHKjr566EmKb7WeUBWG9k3SonWDw1yLJ/raDPsU/Cw/XaiBHtmyQ/OsdLiLMCZ +uaS5PgAAAA9UqJUXbkwpWkBfr1TO6C0EOkXOQLFVvjTr3nhHhaJbf4lNQk+hJ7FX +qKEg+Z/lMQLIH6kOC5vaG6d133XZFSqAJXoe01LdSeV+Bo/z8Cyr1KyX27w/oCBa +dDAvZcf0mkGeCP1Uv6/BTXirqrMN2z/ISOPfAsWkDtokjJ/0dIKFDP373ZvFVUe3 +QE9YA8G7gWMhcxJ+GpOySvtueoBFCGXbN0Z21Xa6UpbMxsEwgtGrNlIfGorZRUZr +nvBq9DoC1wt/uLfcbSaMPbpomPZVL6P7sz3L+tp7M/p12Tr+JivTev91mV/Q6XdL +paJqfEQ/805GFQKiy3d+mC0Ac3UUuI7SjWH0KOiDh98r8CIwrRep1E/zZIUKB9tC +p4Jqwu44mcrD7CdHIdR22WZY9TcWZ2WH+P8U243mdBr6Igbbo7EYKLqHxuHoigIv +Gqjd0DfqsEm1x9MFPQpj14Yd6gez2Lcg3gaM9H5le7REULhdUvdJ1ZVy3wwONDO0 +fJqhmoVvHcPNrbr7FDA1yFpTr1ciA492XA1iG2a2n//9CR1KZhpFO/Ha7Ro6I0Gz +fX9iOxWPbsArSaJTZEMPy1hhSD4elUPtLuflSkwQim5kGUCYDuYNFK7lWa8wA351 +sjCc4CH/4xCb8gU4kqsK5ANRbiq1gGf3AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgXgMA0GCSqGSIb3DQEBBAUAA4IBAQCGwIdtIGgtyJdEP5dpDd+ykHTL +JcNY8J+BI0ziZaRDM8tqeLIycykXANzWut9VCIoZoxelHWCSrD9vxiQ2ATZ6ai/A +lptOiRO/wjFfWvNdg/vQPJV4OSQiF765rYhz1ELzo2IAyhmPY0W8t2zLJ/zy2+oj +nlD93TzWkwTJUOcJSv8KllkCtyIG0E43WbrtBa4Fki2L6TVWyMrNw2BsVu43icN3 +X3Z6iQmrREvB1+5KQWdzAu/fM3tM7ggtkhj+RKpdaNNO+3lqxDIZ3PjdTC5uxFjv +pILafhgcCGQXcSTwzyFLDFoo7+ykDsUyu3Zz/+qbm9Cgse/m25fFGMTbF7ml +-----END CERTIFICATE----- +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 02181144 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sat Jan 01 00:00:01 UTC 2005 + Not After: Thu Jan 01 00:00:01 UTC 2015 + Subject: C=NL,L=Eindhoven,CN=Hash Collision CA + Subject Public Key Algorithm: RSA + Algorithm Security Level: Medium (2048 bits) + Modulus (bits 2048): + 00:ca:70:fa:c4:40:06:fb:b4:1a:8e:e4:19:5a:a9:77 + 1f:75:91:74:59:d2:68:b9:30:46:03:5b:a1:dc:b5:4a + 28:2a:1e:28:48:b7:78:ba:e0:67:70:0a:cd:64:2c:b0 + 8d:57:0d:bb:0f:89:56:df:23:a0:a3:c6:e5:df:ae:ef + 53:d8:bd:c1:64:f4:cb:e5:2e:47:aa:58:6e:ff:f3:b2 + 9f:0c:bd:42:39:4c:64:63:77:ef:3d:e2:f7:be:9b:62 + 99:37:45:12:68:b9:51:6a:32:f1:7b:d4:a4:ea:3b:a4 + 72:3d:2f:a1:a0:f2:34:42:0a:f9:50:40:d3:ce:0c:ed + 5f:60:db:0a:26:46:9f:07:17:9d:2b:c2:9f:62:3a:61 + 80:33:96:9f:f7:ac:6b:92:a4:94:c1:27:a6:13:79:b3 + 17:ab:b7:21:48:64:37:54:2d:c6:d0:5d:a7:14:b6:d0 + 59:ce:47:0c:b3:90:84:13:49:37:48:59:95:a1:e8:f3 + 34:9d:cf:ca:31:d6:18:a4:fc:a4:87:57:3c:9a:42:6a + 50:83:6f:95:59:ba:4d:b7:6a:68:60:95:b9:b8:64:de + d6:bd:ed:53:45:db:ec:38:40:db:ac:4b:0c:ba:cc:a0 + 14:c5:75:3c:28:05:85:f4:53:fd:52:0f:27:40:43:a0 + 51 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): TRUE + Path Length Constraint: 0 + Key Usage (not critical): + Certificate signing. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. + Signature: + 3e:90:33:aa:13:63:8b:3d:6a:f1:d5:36:34:40:8a:c1 + 12:53:e4:ed:8a:49:0e:af:c9:0d:2c:cf:be:7b:d7:f4 + 44:46:35:1a:4b:b9:b9:b0:8c:62:6d:5b:0c:72:14:fc + 6d:e5:78:81:9a:db:a1:d0:bd:d9:bf:81:24:f3:db:22 + 60:1d:a6:0c:79:42:7f:56:86:1d:a5:5c:91:8f:18:3d + 6e:47:cf:fe:5c:91:08:15:da:84:54:28:0e:64:11:53 + 2a:3b:15:58:df:1c:52:9a:ae:26:af:29:10:8d:5d:6d + e7:1e:fa:22:a4:58:fb:3f:2f:88:39:10:8c:f8:49:64 + b7:0d:21:d0:df:5c:eb:51:b6:ec:bb:1f:a1:63:6d:2d + 6f:a2:78:ed:3d:64:6d:f0:93:de:b6:a1:e0:11:85:db + 45:28:ac:b3:e1:fa:44:4f:43:f1:15:01:c7:d6:e9:74 + c1:00:5f:81:45:91:9c:82:c2:a1:ee:cf:bd:f3:a2:30 + 12:74:b0:d3:44:43:18:60:b0:aa:e1:39:25:3c:fa:4c + d7:ee:9d:c5:24:9f:6f:a6:0c:01:83:f5:3a:21:d6:b7 + 51:3b:9e:0c:2e:b0:f5:c9:a6:00:08:e9:27:d4:c3:ab + 85:c7:4e:70:67:7a:95:12:6b:03:89:ca:33:9e:d7:99 +Other Information: + SHA1 fingerprint: + 89bbb66f8639663af859ff7a0c43a9f011655aba + SHA256 fingerprint: + ddc11a3f3660d30e15af5f44ed6f59e800257a44b0201e49b452790e09a5fac7 + Public Key ID: + 5ead859fb9320a7d4bf78e644bd15153c5b3a16b + Public key's random art: + +--[ RSA 2048]----+ + | o*| + | +o| + | o +| + | o o o | + | S o + o | + | o . + E | + | . o + X | + | . oo* = | + | ...o+.o | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIEAhgRRDANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNTAxMDEwMDAwMDFaFw0xNTAxMDEwMDAwMDFaMD0xGjAYBgNVBAMTEUhh +c2ggQ29sbGlzaW9uIENBMRIwEAYDVQQHEwlFaW5kaG92ZW4xCzAJBgNVBAYTAk5M +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynD6xEAG+7QajuQZWql3 +H3WRdFnSaLkwRgNbody1SigqHihIt3i64GdwCs1kLLCNVw27D4lW3yOgo8bl367v +U9i9wWT0y+UuR6pYbv/zsp8MvUI5TGRjd+894ve+m2KZN0USaLlRajLxe9Sk6juk +cj0voaDyNEIK+VBA084M7V9g2womRp8HF50rwp9iOmGAM5af96xrkqSUwSemE3mz +F6u3IUhkN1QtxtBdpxS20FnORwyzkIQTSTdIWZWh6PM0nc/KMdYYpPykh1c8mkJq +UINvlVm6TbdqaGCVubhk3ta97VNF2+w4QNusSwy6zKAUxXU8KAWF9FP9Ug8nQEOg +UQIDAQABoyAwHjAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwICBDANBgkqhkiG +9w0BAQQFAAOCAQEAPpAzqhNjiz1q8dU2NECKwRJT5O2KSQ6vyQ0sz7571/RERjUa +S7m5sIxibVsMchT8beV4gZrbodC92b+BJPPbImAdpgx5Qn9Whh2lXJGPGD1uR8/+ +XJEIFdqEVCgOZBFTKjsVWN8cUpquJq8pEI1dbece+iKkWPs/L4g5EIz4SWS3DSHQ +31zrUbbsux+hY20tb6J47T1kbfCT3rah4BGF20UorLPh+kRPQ/EVAcfW6XTBAF+B +RZGcgsKh7s+986IwEnSw00RDGGCwquE5JTz6TNfuncUkn2+mDAGD9Toh1rdRO54M +LrD1yaYACOkn1MOrhcdOcGd6lRJrA4nKM57XmQ== +-----END CERTIFICATE----- diff --git a/tests/rsa-md5-collision/rsa-md5-collision.sh b/tests/rsa-md5-collision/rsa-md5-collision.sh new file mode 100755 index 0000000..85f8e82 --- /dev/null +++ b/tests/rsa-md5-collision/rsa-md5-collision.sh @@ -0,0 +1,70 @@ +#!/bin/sh + +# Copyright (C) 2006, 2008, 2010, 2012 Free Software Foundation, Inc. +# Copyright (C) 2016, Red Hat, Inc. +# +# Author: Simon Josefsson, Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +: ${srcdir=.} +: ${CERTTOOL=../src/certtool${EXEEXT}} +TMPFILE1=rsa-md5.$$.tmp +TMPFILE2=rsa-md5-2.$$.tmp + +if ! test -x "${CERTTOOL}"; then + exit 77 +fi + +. ${srcdir}/scripts/common.sh +skip_if_no_datefudge + +# Disable leak detection +ASAN_OPTIONS="detect_leaks=0" +export ASAN_OPTIONS + +datefudge -s "2006-10-1" \ +"${CERTTOOL}" --verify-chain --outfile "$TMPFILE1" --infile "${srcdir}/rsa-md5-collision/colliding-chain-md5-1.pem" +if test $? = 0;then + echo "Verification on chain1 succeeded" + exit 1 +fi + +grep 'Not verified.' $TMPFILE1| grep 'insecure algorithm' +if test $? != 0;then + echo "Output on chain1 doesn't match the expected" + exit 1 +fi + + +datefudge -s "2006-10-1" \ +"${CERTTOOL}" --verify-chain --outfile "$TMPFILE2" --infile "${srcdir}/rsa-md5-collision/colliding-chain-md5-2.pem" +if test $? = 0;then + echo "Verification on chain2 succeeded" + exit 1 +fi + +grep 'Not verified.' $TMPFILE2| grep 'insecure algorithm' +if test $? != 0;then + echo "Output on chain2 doesn't match the expected" + exit 1 +fi + +rm -f $TMPFILE1 $TMPFILE2 + +# We're done. +exit 0 |