Skip to content

Chain of fools/CurveBall attack

Description

If the clinet/server does not check the certificate parameters with some fixed ones (e.g. secp521p), the certificate can be spoofed.

Task

Given arbitary certificate, forge a new pair of private and public keys, create a new CA using new keys, sign a new certificate for TLS.

Solution

See ./poc/gen.sh