The Bleichenbacher test script should also check numbers bigger than modulus #713

tomato42 · 2020-10-18T21:22:52Z

New test script idea

What TLS message this idea relates to?

ClientKeyExchange

What is the behaviour the test script should test?

The script should send values of RSA ciphertext that represent numbers bigger than n. Such ciphertexts should be rejected with an alert (as they are publicly invalid).

Are there scripts that test related functionality?

test-bleichenbacher-workaround.py
test-bleichenbacher-timing.py

Additional information

The text was updated successfully, but these errors were encountered:

tomato42 added enhancement new feature to be implemented help wanted new test script will require creation of a new connection script labels Oct 18, 2020

tomato42 added this to To do in Vulnerability testers via automation Oct 18, 2020

tomato42 changed the title ~~The bleichenbacher test script should also check numbers bigger than modulus~~ The Bleichenbacher test script should also check numbers bigger than modulus Jan 4, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

The Bleichenbacher test script should also check numbers bigger than modulus #713

The Bleichenbacher test script should also check numbers bigger than modulus #713

tomato42 commented Oct 18, 2020

The Bleichenbacher test script should also check numbers bigger than modulus #713

The Bleichenbacher test script should also check numbers bigger than modulus #713

Comments

tomato42 commented Oct 18, 2020

New test script idea

What TLS message this idea relates to?

What is the behaviour the test script should test?

Are there scripts that test related functionality?

Additional information