move blinding to __init__ on both RSA public and private (#5506)
* move blinding to __init__ on both RSA public and private

* change signature to guarantee this test is testing what we think
reaperhulk committed Oct 26, 2020
1 parent bf4b962 commit cf9bd6a
Showing 3 changed files with 21 additions and 17 deletions.
2 changes: 0 additions & 2 deletions src/cryptography/hazmat/backends/openssl/backend.py
Expand Up @@ -623,8 +623,6 @@ def load_rsa_private_numbers(self, numbers):
self.openssl_assert(res == 1)
res = self._lib.RSA_set0_crt_params(rsa_cdata, dmp1, dmq1, iqmp)
self.openssl_assert(res == 1)
res = self._lib.RSA_blinding_on(rsa_cdata, self._ffi.NULL)
self.openssl_assert(res == 1)
evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)

return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
12 changes: 10 additions & 2 deletions src/cryptography/hazmat/backends/openssl/rsa.py
Expand Up @@ -319,6 +319,11 @@ def __init__(self, backend, rsa_cdata, evp_pkey):
errors = backend._consume_errors_with_text()
raise ValueError("Invalid private key", errors)

# Blinding is on by default in many versions of OpenSSL, but let's
# just be conservative here.
res = backend._lib.RSA_blinding_on(rsa_cdata, backend._ffi.NULL)
backend.openssl_assert(res == 1)

self._backend = backend
self._rsa_cdata = rsa_cdata
self._evp_pkey = evp_pkey
Expand Down Expand Up @@ -351,8 +356,6 @@ def public_key(self):
ctx = self._backend._lib.RSAPublicKey_dup(self._rsa_cdata)
self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
ctx = self._backend._ffi.gc(ctx, self._backend._lib.RSA_free)
res = self._backend._lib.RSA_blinding_on(ctx, self._backend._ffi.NULL)
self._backend.openssl_assert(res == 1)
evp_pkey = self._backend._rsa_cdata_to_evp_pkey(ctx)
return _RSAPublicKey(self._backend, ctx, evp_pkey)

Expand Down Expand Up @@ -411,6 +414,11 @@ def sign(self, data, padding, algorithm):
@utils.register_interface(RSAPublicKeyWithSerialization)
class _RSAPublicKey(object):
def __init__(self, backend, rsa_cdata, evp_pkey):
# Blinding is on by default in many versions of OpenSSL, but let's
# just be conservative here.
res = backend._lib.RSA_blinding_on(rsa_cdata, backend._ffi.NULL)
backend.openssl_assert(res == 1)

self._backend = backend
self._rsa_cdata = rsa_cdata
self._evp_pkey = evp_pkey
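Review bot: The comment copied into `_RSAPublicKey.__init__` does not say what blinding is for, and on a public key it appears to protect nothing: OpenSSL applies RSA blinding to private-exponent operations as a timing side-channel defence. The call there therefore adds setup work and a new `openssl_assert` failure point on every public key constructed, presumably including keys parsed from untrusted input. If it is kept for symmetry, the comment should say so, e.g. `# Blinding only matters for private-key operations (timing side channels); enabled here for uniformity with _RSAPrivateKey.` In `_RSAPrivateKey.__init__` the same comment would be clearer as `# Blinding protects the private exponent against timing attacks; force it on rather than rely on OpenSSL's default.` Both `__init__` bodies extend beyond the lines shown.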
24 changes: 11 additions & 13 deletions tests/hazmat/primitives/test_rsa.py
Expand Up @@ -946,21 +946,19 @@ def test_invalid_pss_signature_wrong_key(self, backend):
skip_message="Does not support PSS.",
)
def test_invalid_pss_signature_data_too_large_for_modulus(self, backend):
# 2048 bit PSS signature
signature = binascii.unhexlify(
b"cb43bde4f7ab89eb4a79c6e8dd67e0d1af60715da64429d90c716a490b799c29"
b"194cf8046509c6ed851052367a74e2e92d9b38947ed74332acb115a03fcc0222"
b"58750fc3d2f560d1f3e37c8e28bc8da6d3e93f5d58f8becd25b1c931eea30fea"
b"54cb17d44b90104a0aacb7fe9ffa2a59c5788435911d63de78178d21eb875ccd"
b"0b07121b641ed4fe6bcb1ca5060322765507b4f24bdba8a698a8e4e07e6bf2c4"
b"7a736abe5a912e85cd32f648f3e043b4385e8b612dcce342c5fddf18c524deb5"
b"6295b95f6dfa759b2896b793628a90f133e74c1ff7d3af43e3f7ee792df2e5b6"
b"a19e996ac3676884354899a437b3ae4e3ac91976c336c332a3b1db0d172b19cb"
b"40ad3d871296cfffb3c889ce74a179a3e290852c35d59525afe4b39dc907fad2"
b"ac462c50a488dca486031a3dc8c4cdbbc53e9f71d64732e1533a5d1249b833ce"
)
public_key = rsa.RSAPublicNumbers(
n=int(
b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68"
b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8"
b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303"
b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4"
b"030d3581e13522",
16,
),
e=65537,
).public_key(backend)
# 1024 bit key
public_key = RSA_KEY_1024.private_key(backend).public_key()
with pytest.raises(InvalidSignature):
public_key.verify(
signature,
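Review bot: The rewritten `test_invalid_pss_signature_data_too_large_for_modulus` relies on the signature being longer than the modulus of `RSA_KEY_1024`, but only the comments `# 2048 bit PSS signature` and `# 1024 bit key` record that. If either fixture is later swapped for one of a different size, the test could still pass with `InvalidSignature` raised for an unrelated reason, which is the ambiguity the commit description sets out to remove. Pinning the precondition just before the `pytest.raises` block would make it explicit: `assert len(signature) > public_key.key_size // 8`. The `public_key.verify(...)` call continues past the end of the hunk, so its padding and hash arguments are not visible here.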
