The Rambus SafeZone Basic Crypto Module prior to 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices prior to 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
Project Paranoid
Overview
Paranoid project checks for well known weaknesses on cryptographic artifacts
such as public keys, digital signatures and general pseudorandom numbers
This library contains implementations and optimizations of existing work found
in the literature The existing work showed that the generation of these
artifacts was flawed in some cases The following