You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When openssl spkac is used to create a challenge request it uses MD5 hash for the signature.
At the same time, if the input SPKAC is signed with SHA256, it will verify as valid.
… option was processed
Better fixing:
Fixing #15683
Fixing #15686
Replacing rather than fixing:
Fixing #15414
Since that claims to fix another:
Fixing #15372
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #16022)
When
openssl spkac
is used to create a challenge request it uses MD5 hash for the signature.At the same time, if the input SPKAC is signed with SHA256, it will verify as valid.
Reproducer:
Output will be
Signature Algorithm: md5WithRSAEncryption
The text was updated successfully, but these errors were encountered: