Closed fastcat closed 1 year ago
Private key decryption has been broken since #21 (specifically ca2a0dd4074cbf8813ea8e09bea3d9c42eac3537) due to a bad copy-paste.
Specifically this code is copied from the symmetric key handling and forces the private key's ciphertext to only be 32 bytes, which is not correct for asymmetric keys: https://github.com/n0fate/chainbreaker/blob/master/chainbreaker/__init__.py#L377-L381
Restoring the original logic with this PR in a plausible private key for me -- OpenSSL can decode & summarize it, and the modulus matches the certificate I expect it to go with.
Private key decryption has been broken since #21 (specifically ca2a0dd4074cbf8813ea8e09bea3d9c42eac3537) due to a bad copy-paste.
Specifically this code is copied from the symmetric key handling and forces the private key's ciphertext to only be 32 bytes, which is not correct for asymmetric keys: https://github.com/n0fate/chainbreaker/blob/master/chainbreaker/__init__.py#L377-L381
Restoring the original logic with this PR in a plausible private key for me -- OpenSSL can decode & summarize it, and the modulus matches the certificate I expect it to go with.