Guest

Preview Tool

Cisco Bug: CSCum25232 - ASR1K: ModExp failure with RSA key lengths that are not power of two

Last Modified

Apr 17, 2019

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

15.2(1)S2 15.3(1)S 15.3(3)S 15.4(1)S

Description (partial)

Symptom:
ASR1K will fail to verify a message that is signed using a non-standard RSA key length  (2024 for example). The failure is commonly seen during SCEP enrollment or when validating a peer certificate when RSA-SIG is used for phase 1 authentication.

Conditions:
The failure has been observed on ASRs using an integrated ESP
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.