Mark use of PKCS1v15 for encryption and decryption a vulnerability #1071
Labels
enhancement
New feature or request
Is your feature request related to a problem? Please describe.
While pyca/cryptography is generally a high quality wrapper around OpenSSL, because of peculiarities of Python it is impossible to handle PKCS#1 v1.5 decryption failures in a side-channel-free manner. As such, all usages of it will leak information useful in mounting the Bleichenbacher/Marvin attack: pyca/cryptography#9785
Describe the solution you'd like
Any use of cryptography.hazmat.primitives.asymmetric.padding.PKCS1v15 for decryption (or encryption) should be marked as a vulnerability.
Describe alternatives you've considered
it's impossible to handle exceptions in Python in a side-channel-free manner
PKCS#1 v1.5 has been known to be insecure for over 25 years at this point; it's high time to stop using it
the alternative is to use RSA-OAEP encryption
Additional context
https://people.redhat.com/~hkario/marvin/
Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.
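
The check requested above, sketched with Python's standard `ast` module as an added example (not part of the original issue and not the project's own code). The function names and the sample source are constructed for illustration. It flags `encrypt`/`decrypt` calls that receive `PKCS1v15()` directly and leaves OAEP and signing calls alone.

```python
import ast

# Constructed sample source: one PKCS#1 v1.5 decryption, one OAEP decryption,
# and one PKCS#1 v1.5 signature (outside the scope of the request above).
SAMPLE = '''
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding

def unwrap_legacy(key, blob):
    return key.decrypt(blob, padding.PKCS1v15())

def unwrap(key, blob):
    oaep = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                        algorithm=hashes.SHA256(), label=None)
    return key.decrypt(blob, oaep)

def sign(key, msg):
    return key.sign(msg, padding.PKCS1v15(), hashes.SHA256())
'''

def _is_pkcs1v15(node, aliases):
    """True if node is a call to PKCS1v15, by attribute or imported name."""
    if not isinstance(node, ast.Call):
        return False
    f = node.func
    if isinstance(f, ast.Attribute):
        return f.attr == "PKCS1v15"
    return isinstance(f, ast.Name) and f.id in aliases

def find_pkcs1v15_encryption(source):
    """Return (line, method) for each encrypt/decrypt call given PKCS1v15()."""
    tree = ast.parse(source)
    # Names bound by `from ...padding import PKCS1v15 [as X]`.
    aliases = {a.asname or a.name
               for n in ast.walk(tree) if isinstance(n, ast.ImportFrom)
               for a in n.names if a.name == "PKCS1v15"}
    findings = []
    for n in ast.walk(tree):
        if (isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                and n.func.attr in ("encrypt", "decrypt")):
            args = list(n.args) + [k.value for k in n.keywords]
            if any(_is_pkcs1v15(a, aliases) for a in args):
                findings.append((n.lineno, n.func.attr))
    return sorted(findings)
```

This sketch only sees the padding object when it is constructed inside the call; a `PKCS1v15()` instance assigned to a variable first would need data-flow tracking to catch.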