Provided by: openssl-blacklist_0.5-3_all bug

NAME
       openssl-vulnkey — check blacklist of compromised certificates, requests and keys


SYNOPSIS
       openssl-vulnkey [-q] file ...
       openssl-vulnkey [-q] -b BITS -m MODULUS


DESCRIPTION
       openssl-vulnkey checks a certificate, request or key against a blacklist of compromised moduli.

       A  substantial  number of certificates, requests and keys are known to have been generated using a broken
       version of OpenSSL distributed by Debian which failed to seed  its  random  number  generator  correctly.
       x509  certificates,  certificate  requests  and RSA keys generated using these OpenSSL versions should be
       assumed to be compromised.  This tool may be useful in  checking  for  such  OpenSSL  x509  certificates,
       certificate requests and RSA keys.

       Certificates,  requests  and keys that are compromised cannot be repaired; replacements must be generated
       using openssl(8).

       If “-” is given as an argument, openssl-vulnkey will read from standard  input.   This  can  be  used  to
       process certificate output from s_client(1ssl), for example:

             $ echo | openssl s_client -connect remote.example.org:https | openssl-vulnkey -

       will test the certificate used by remote.example.org for HTTPS.

       The options are as follows:

       -q      Quiet  mode.   Normally,  openssl-vulnkey  outputs  the  fingerprint of each file scanned, with a
               description of its status.  This option suppresses that output.

       -b      Number of bits for the modulus specified.  Requires -m.

       -m      Check modulus.  Requires -b.


BLACKLIST SHA1SUM FORMAT
       The blacklist file may start with comments, on lines starting with “#”.  After these initial comments, it
       must follow a strict format:

                Each line must consist of the lower-case hexadecimal SHA1 fingerprint  of  the  certificate  or
                 key's modulus, and with the first 20 characters removed (that is, the least significant 80 bits
                 of the fingerprint).

       The fingerprint of the modulus may be generated using

             $ openssl x509 -noout -modulus -in file | sha1sum | cut -d ' ' -f 1
             $ openssl rsa -noout -modulus -in file | sha1sum | cut -d ' ' -f 1
             $ openssl req -noout -modulus -in file | sha1sum | cut -d ' ' -f 1

       This strict format is necessary to allow the blacklist file to be checked quickly.


SEE ALSO
       openssl(1)


AUTHORS
       Jamie Strandboge <jamie@ubuntu.com>

       Much of this manpage is based on Colin Watson's ssh-vulnkey(1)

Debian                                            May 12, 2008                                OPENSSL-VULNKEY(1)