Extend Bleichenbacher test script for CVE-2012-5081
tomato42 opened this issue · comments
Hubert Kario commented
New test script idea
What TLS message this idea relates to?
ClientKeyExchange
What TLS extension this idea relates to?
none
What is the behaviour the test script should test?
CVE-2012-5081 - Bleichenbacher oracle in Java
the test should send encrypted values with all possible lengths for a given key size, including 0-byte long, 1 byte long, 200 byte long encrypted value, etc.
Are there scripts that test related functionality?
test-bleichenbacher-workaround.py
Additional information
https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-meyer.pdf