#19995 – pkcs11-tool generates RSA keys with publicExponent 1 instead of 65537

Bug 19995 - pkcs11-tool generates RSA keys with publicExponent 1 instead of 65537

Summary: pkcs11-tool generates RSA keys with publicExponent 1 instead of 65537

Status:	CLOSED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	opensc (show other bugs)
Version:	unstable
Hardware:	all Linux

Importance:	P3 blocker
Assignee:	Andrey Cherepanov
QA Contact:	qa-sisyphus

URL:	http://www.opensc-project.org/piperma...
Keywords:	security

Depends on:
Blocks:

Reported:	2009-05-10 08:55 MSD by Vladimir Lettiev
Modified:	2009-05-19 13:16 MSD (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vladimir Lettiev 2009-05-10 08:55:55 MSD

Вследствии ошибки в коде могут создаваться слабые RSA ключи, что теоретически позволяет получить злоумышленнику закрытый ключ.
Выпущено исправление в версии 0.11.8

Comment 1 Andriy Stepanov (stanv) 2009-05-18 17:12:11 MSD

В Sisyphus ушло.
Нужно ли новый пакет бекпортить в 4.x 5.0 ?

Comment 2 Sergey V Turchin 2009-05-18 17:37:20 MSD

Раз security, то желательно

Comment 3 Andriy Stepanov (stanv) 2009-05-19 09:51:57 MSD

OpenSC Security Advisory [07-May-2009]
======================================

pkcs11-tool generates RSA keys with publicExponent 1 instead of 65537

......

This bug only affects users of OpenSC SVN trunk or OpenSC release
0.11.7. Older releases do not contain this problem, and the new
OpenSC release 0.11.8 fixes this problem. 

В 4.x версия 0.11.6 с ней все впорядке.

Comment 4 Vladimir Lettiev 2009-05-19 10:08:25 MSD

ок, закрывайте.