Debian weak keys, DER-encoded in the following formats:

• PKCS#1 RSAPrivateKey, with public exponent 65537.
• SEC1 ECPrivateKey.

These private keys were generated using the tools in the key_generator repository. Using these private keys, CAs can implement their own Debian weak key checks without having to be tied to the RSA-only blocklist format made available by Debian when the CVE-2008-0166 vulnerability was first disclosed.

NOTE: When designing Debian weak key checks, it is important for CAs to be aware that all RSA public exponents are equally vulnerable when used with an RSA modulus generated by a vulnerable Debian system.

CAs could consider using the pregenerated blocklists in the dwk_blocklists repository, which list the SHA-256 hashes of the RSA moduli and EC X-coordinates of the private keys in this repository.