In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of the padding (and of the first two bytes) are inadequate. NOTE: this requires that a low public exponent (such as 3) is being used. The product, by default, does not generate RSA keys with such a low number.
CPE | Name | Operator | Version |
---|---|---|---|
relic | eq | relic-toolkit-0.5.0 | |
relic | eq | relic-toolkit-0.4.0 |