[gnutls-devel] Problem with proxied connections on 3.5.3
Andreas Metzler
ametzler at bebt.de
Sat Sep 17 12:48:40 CEST 2016
On 2016-09-17 Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote:
[...]
> Thank you. Could I have a capture of the session? My speculation is
> that the user is under man-in-the-middle attack and the presented RSA
> public key in the certificate is rejected by rsa_public_key_prepare().
> If that is run with nettle 3.2, then only check is whether the N is <
> 96 bits which is way too small even for an attacker. Later versions (in
> git) have an additional check for N being even. A capture and the
> nettle version used will shed some light on the issue.
Could you perhaps provide Marcelo with step-by-step instructions on how
to generate the session capture?
Nettle version is 3.2.
thanks, cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel
mailing list