funsec mailing list archives
Re: Fake CA MD5 questions
From: "Jason Ross" <algorythm () gmail com>
Date: Tue, 30 Dec 2008 21:28:39 -0500
On Tue, Dec 30, 2008 at 19:29, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rMslade () shaw ca> wrote:
Date sent: Tue, 30 Dec 2008 12:09:36 +0100 From: Jacob Appelbaum <jacob () appelbaum net>http://events.ccc.de/2008/12/30/the-cat-is-out-of-the-bag/ MD5 considered harmful today: Creating a rogue CA certificateFirst, you need 5 CAs that use MD5 hashes. How many do that? How many CAs use *only* MD5s?
To partially answer the first question anyway, a very quick and likely imprecise check of my Debian default installation of openssl contains the following 24 CA certs as using "md5WithRSAEncryption" for the Signature Algorithm: /usr/lib/ssl/certs/spi-ca-2003.pem /usr/lib/ssl/certs/GTE_CyberTrust_Root_CA.pem /usr/lib/ssl/certs/root.pem /usr/lib/ssl/certs/Thawte_Personal_Freemail_CA.pem /usr/lib/ssl/certs/TC_TrustCenter__Germany__Class_2_CA.pem /usr/lib/ssl/certs/Entrust.net_Global_Secure_Personal_CA.pem /usr/lib/ssl/certs/StartCom_Ltd..pem /usr/lib/ssl/certs/TC_TrustCenter__Germany__Class_3_CA.pem /usr/lib/ssl/certs/class3.pem /usr/lib/ssl/certs/NetLock_Notary_=Class_A=_Root.pem /usr/lib/ssl/certs/Thawte_Personal_Basic_CA.pem /usr/lib/ssl/certs/Thawte_Premium_Server_CA.pem /usr/lib/ssl/certs/IPS_Servidores_root.pem /usr/lib/ssl/certs/Entrust.net_Global_Secure_Server_CA.pem /usr/lib/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem /usr/lib/ssl/certs/NetLock_Express_=Class_C=_Root.pem /usr/lib/ssl/certs/Thawte_Server_CA.pem /usr/lib/ssl/certs/Equifax_Secure_eBusiness_CA_1.pem /usr/lib/ssl/certs/GTE_CyberTrust_Global_Root.pem /usr/lib/ssl/certs/Entrust.net_Secure_Personal_CA.pem /usr/lib/ssl/certs/NetLock_Business_=Class_B=_Root.pem /usr/lib/ssl/certs/Thawte_Time_Stamping_CA.pem /usr/lib/ssl/certs/GlobalSign_Root_CA.pem /usr/lib/ssl/certs/Thawte_Personal_Premium_CA.pem (the "root.pem" and "class3.pem" both belong to cacert.org) For the curious, and for transparency, I used the following (admittedly quick and very dirty) method to obtain this list: $ cat md5ca.sh #!/bin/bash CERTDIR=`openssl version -d |awk -F: '{print $2}' |sed 's/\s*"//g'` for cert in \ `find -L $CERTDIR -name "*.pem" -or -name "*.cert" -or -name "*.crt" -type f` ; do openssl x509 -noout -text -in $cert | \ grep "Signature Algorithm" | \ grep md5 >/dev/null 2>&1 [ $? == 0 ] && echo $cert done 2> /dev/null -- Jason _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- reliable IOS exploitation Gadi Evron (Dec 29)
- Re: reliable IOS exploitation Charles Miller (Dec 29)
- Re: reliable IOS exploitation Gadi Evron (Dec 29)
- 25c3 (was: Re: reliable IOS exploitation) Jacob Appelbaum (Dec 30)
- Re: 25c3 (was: Re: reliable IOS exploitation) Colin K Rognlie (Dec 30)
- Fake CA MD5 questions Rob, grandpa of Ryan, Trevor, Devon & Hannah (Dec 30)
- Re: Fake CA MD5 questions Valdis . Kletnieks (Dec 30)
- Re: Fake CA MD5 questions Valdis . Kletnieks (Dec 30)
- Re: Fake CA MD5 questions Jason Ross (Dec 30)
- Re: Fake CA MD5 questions Florian Weimer (Dec 31)
- Re: reliable IOS exploitation Charles Miller (Dec 29)