Open martindorey opened 2 years ago
I was hoping to probe a vulnerable system with a command like this:
$ < /dev/null openssl s_client -cert cert.der.old -certform DER -key ec.key -keyform PEM error setting private key 140222542737472:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:../crypto/x509/x509_cmp.c:297: $
... but the error message there made me try this (h/t https://security.stackexchange.com/a/73131/276099):
$ openssl pkey -in ec.key -pubout > key.pub $ openssl x509 -in cert.der.old -inform DER -pubkey -noout > cert.der.old.pub $ diff *.pub 7,8c7,8 < //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAA+/L/l5HQLeGeajfxw/bAjdo < GFf9xBgV3j34fVhn2EFD --- > //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAAjfHIC2Zuu/BE0zc8q9Cw6Ny > 0rUxh6Ka+ViN7zpL7/89 $
Did something go wrong when @catbro666 uploaded the original files in 345bf80?
Oops, It seems like I made a mistake. Maybe the key file was overwritten by accident.
I was hoping to probe a vulnerable system with a command like this:
... but the error message there made me try this (h/t https://security.stackexchange.com/a/73131/276099):
Did something go wrong when @catbro666 uploaded the original files in https://github.com/drago-96/CVE-2022-0778/commit/345bf80ce65f4b1097b7fef18957f601c44f0138?