Debian weak keys, DER-encoded in the following formats:
- PKCS#1 RSAPrivateKey, with public exponent 65537.
- SEC1 ECPrivateKey.

These private keys were generated using the tools in the key_generator repository. Using these private keys, CAs can implement their own Debian weak key checks without having to be tied to the RSA-only blocklist format made available by Debian when the CVE-2008-0166 vulnerability was first disclosed.

NOTE: When designing Debian weak key checks, it is important for CAs to be aware that all RSA public exponents are equally vulnerable when used with an RSA modulus generated by a vulnerable Debian system.

CAs could consider using the pregenerated blocklists in the dwk_blocklists repository, which list the SHA-256 hashes of the RSA moduli and EC X-coordinates of the private keys in this repository.
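
A sketch of the modulus-only check described in the NOTE above, for the RSA case only. This is an added example, not code from this repository or from dwk_blocklists. The function names, the toy key and the exact bytes fed to SHA-256 are assumptions; confirm the hash input against the dwk_blocklists format before comparing with its lists.

```python
import hashlib

def der_read(buf, pos=0):  # -> (tag, value, next_pos) for the element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the size of the length field
        size = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def der_integers(der):  # decode a DER SEQUENCE whose members are all INTEGERs
    tag, body, end = der_read(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    values, pos = [], 0
    while pos < len(body):
        tag, raw, pos = der_read(body, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        values.append(int.from_bytes(raw, "big", signed=True))
    return values

def modulus_hash(n):
    # Assumption: SHA-256 over the unsigned big-endian modulus, no leading zero.
    return hashlib.sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()

def build_blocklist(private_key_ders):
    # PKCS#1 RSAPrivateKey = version, n, e, d, p, q, ...; the modulus is field 1.
    return {modulus_hash(der_integers(der)[1]) for der in private_key_ders}

def is_weak(rsa_public_key_der, blocklist):
    # PKCS#1 RSAPublicKey = n, e; the exponent is deliberately not compared.
    n, _e = der_integers(rsa_public_key_der)
    return modulus_hash(n) in blocklist

def toy_seq(*ints):  # minimal DER encoder for the constructed samples only
    raw = [v.to_bytes(v.bit_length() // 8 + 1, "big") for v in ints]
    body = b"".join(b"\x02" + bytes([len(r)]) + r for r in raw)
    return b"\x30" + bytes([len(body)]) + body

# Constructed toy key from two small Mersenne primes, NOT a real Debian weak key.
P, Q = 2**31 - 1, 2**61 - 1
D = pow(65537, -1, (P - 1) * (Q - 1))
WEAK_PRIV = toy_seq(0, P * Q, 65537, D, P, Q, D % (P - 1), D % (Q - 1), pow(Q, -1, P))
BLOCKLIST = build_blocklist([WEAK_PRIV])
SAME_MODULUS_E17 = toy_seq(P * Q, 17)            # weak modulus, different exponent
UNRELATED = toy_seq((2**13 - 1) * (2**17 - 1), 65537)
print(is_weak(SAME_MODULUS_E17, BLOCKLIST), is_weak(UNRELATED, BLOCKLIST))
```

A check keyed on a hash of the whole public key would miss `SAME_MODULUS_E17`, because the encoded key changes with the exponent while the weak modulus does not.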