path: root/tests/test_crypto.py
Commit message | Author | Age | Files | Lines
...
* Convert the remaining tests in test_crypto.py to be pytest-style (#593) | Alex Chan | 2017-01-30 | 1 | -617/+461
|
* Convert more classes in test_crypto.py to pytest-style (#591) | Alex Chan | 2017-01-25 | 1 | -216/+193
|
* Prevent _PassphraseHelper.raise_if_problem() from eating exceptions (#581) | Greg Bowser | 2017-01-25 | 1 | -2/+4
|
| * Modify tests to detect empty crypto.Errors from load_privatekey
|
| This reproduces #119 and #456.
|
| * Prevent _PassphraseHelper.raise_if_problem() from eating exceptions.
|
| This resolves #119, resolves #456.
|
| `_PassphraseHelper.raise_if_problem()` always flushes the OpenSSL
| exception queue, but does not always raise an exception. In some cases,
| other code attempts to raise an error from OpenSSL after
| `raise_if_problem()` has flushed the queue, thus causing an empty
| exception to be raised (i.e. `raise Error([])`).
|
| This commit modifies `_PassphraseHelper.raise_if_problem` to flush the
| OpenSSL error queue only if it has an exception to raise. Subsequent code
| that detects an error should now be able to raise a non-empty exception.
|
| * Add CHANGELOG entry for #581.
|
* Convert another couple of test classes to pytest-style (#586) | Alex Chan | 2017-01-24 | 1 | -174/+120
|
* Convert a few more small test classes to be pytest-style (#585) | Alex Chan | 2016-12-19 | 1 | -62/+31
|
| * Rewrite test_tsafe to be pytest-style
| * Rewrite TestRevoked to be pytest-style
| * Convert TestConnection to be pytest-style
|
* Convert the elliptic curve tests to be pytest-style (#576) | Alex Chan | 2016-12-19 | 1 | -58/+35
|
* Add the ability to set a custom verification time on X509Store (#567) | Thomas Sileo | 2016-11-22 | 1 | -0/+21
|
* Convert X509ExtTests to use pytest-style tests (#564) | Alex Chan | 2016-11-18 | 1 | -156/+144
|
* Fixed #529 -- use the native bytes syntax (#536) | Alex Gaynor | 2016-09-11 | 1 | -177/+177
|
* Pass an explicit nameopt to be resilient to OpenSSL default changes (#533) | Alex Gaynor | 2016-09-10 | 1 | -2/+4
|
| * fix two tests for OpenSSL 1.1.0's new defaults
| * flake8
|
* Remove some pointless branches (#511) | Alex Gaynor | 2016-07-31 | 1 | -4/+0
|
| * Remove some pointless branches
| * this nonsense too
| * this is unused
|
* Clean out some cruft (#509) | Alex Gaynor | 2016-07-31 | 1 | -5/+0
|
* Convert between pyOpenSSL and cryptography objects (#439) | Paul Kehrer | 2016-07-29 | 1 | -0/+75
|
| * convert pkey to cryptography keys and vice versa
| * pep8 and such
| * Add documentation and changelog
| * add a type check and verify that it rejects ECDSA keys from cryptography
|
* Write a few more tests (#503) | Alex Gaynor | 2016-07-04 | 1 | -8/+39
|
| * Write a few more tests
| * pytestify this whole jam
|
* Write a few more tests for coverage (#501) | Alex Gaynor | 2016-07-04 | 1 | -1/+18
|
* Simplify a few more branches to improve coverage (#500) | Alex Gaynor | 2016-07-03 | 1 | -0/+3
|
* Replace several untested paths with _openssl_assert (#498) | Alex Gaynor | 2016-07-03 | 1 | -0/+8
|
| * Replace several untested paths with _openssl_assert
| * fix, these require a bool
| * oop, fixed
| * finish porting crypto.py
| * typo
| * yessssssss
|
* Enable use of CRL (and more) in verify context. (#483) | Dan Sully | 2016-06-04 | 1 | -1/+88
|
| * Enable use of CRL (and more) in verify context.
| * flake8 fixes.
| * Comments from Hynek & Paul.
| * More updates from Paul & Hynek.
| * Fix closing backtick.
| * Remove commented out constants.
| * More doc updates. Changelog update.
| * Getting closer?
| * Sphinx fix.
| * Indent docstring.
| * More Sphinx updates.
| * Type updates for docstrings.
| * Remove Enum subclassing.
| * Docstring update.
| * Docstrings updates.
| * Round and round it goes. Where it ends, nobody knows.
| * Remove TODO comment. Need @sholsapp to follow up.
| * Time for lots of alcohol.
|
* Refactor tests for crypto.load_publickey (#482) | Hynek Schlawack | 2016-06-03 | 1 | -30/+34
|
* fix a small bug with load_publickey (#481) | Paul Kehrer | 2016-06-03 | 1 | -0/+14
|
| * fix a small bug with load_publickey
| * update docstring, rename test method
| * make hynek happy
|
* move to separate pytest class + add one more test case | Paul Kehrer | 2016-03-11 | 1 | -12/+26
|
* what's a bytes | Paul Kehrer | 2016-03-11 | 1 | -1/+1
|
* first revoked cert in the CRL has NID_crl_reason first in list | Paul Kehrer | 2016-03-11 | 1 | -2/+2
|
| so we'll use the second revoked because to cover this branch we need to
| see a NID that's not NID_crl_reason
|
* add a test to confirm crl.get_reason ignores unsupported extensions | Paul Kehrer | 2016-03-11 | 1 | -0/+50
|
* bytes | Paul Kehrer | 2016-03-10 | 1 | -1/+1
|
* fix test and a missing X509_REVOKED_dup call | Paul Kehrer | 2016-03-09 | 1 | -0/+2
|
* Fix signature buffer size for RSA keys | Colleen Murphy | 2016-03-01 | 1 | -0/+68
|
| When using the pyOpenSSL crypto module to sign data using a large key,
| e.g. 8192 bit, a memory allocation error occurs. A test case to show
| this, which comes from OpenStack Glance, is:
|
| ```
| $ openssl genrsa -out server.key 8192
| $ ...
| $ cat test.py
| from OpenSSL import crypto
| import uuid
| key_file = 'server.key'
| with open(key_file, 'r') as keyfile:
|     key_str = keyfile.read()
| key = crypto.load_privatekey(crypto.FILETYPE_PEM, key_str)
| data = str(uuid.uuid4())
| digest = 'sha256'
| crypto.sign(key, data, digest)
| $ python test.py
| *** Error in `python': free(): invalid next size (normal): 0x0000000002879050 ***
| Aborted
| ```
|
| Other errors that may appear to the user are:
|
| ```
| Segmentation Fault
| ```
|
| ```
| *** Error in `python': double free or corruption (!prev): 0x0000000001245300 ***
| Aborted
| ```
|
| ```
| *** Error in `python': munmap_chunk(): invalid pointer: 0x0000000001fde540 ***
| Aborted
| ```
|
| The reason this happens is that the sign function of the crypto module
| hard-codes the size of the signature buffer to 512 bytes (4096 bits). An
| RSA key generates a signature that can be up to the size of the private
| key modulus, so for an 8192 bit key, a buffer for a 4096 bit signature is
| too short and causes a memory allocation error. Technically the maximum
| size key this code should be able to handle is 4096 bits, but due to
| memory allocation alignment the problem only becomes apparent for keys of
| at least 4161 bits.
|
| This patch does two things. First, it determines the correct size of the
| signature buffer, in bytes, based on the real size of the private key,
| and passes that to the buffer allocation instead of the static number 512.
| Second, it no longer passes in a signature length. This is because the
| OpenSSL EVP_SignFinal function uses this argument as an output and
| completely ignores it as an input[1], so there is no need for us to set
| it.
|
| This is only a problem for RSA keys, and this patch only affects RSA
| keys. For DSA keys, the key size is restricted to 1024 bits (128 bytes),
| and the signature a DSA key will generate will be about 46 bytes, so this
| buffer will still be big enough for DSA signatures.
|
| [1] https://github.com/openssl/openssl/blob/349807608f31b20af01a342d0072bb92e0b036e2/crypto/evp/p_sign.c#L74
|
* Correction for coding convention. | Anthony Alba | 2015-12-04 | 1 | -2/+0
|
* Enable tests to pass when MD5 verification disabled in OpenSSL. | Anthony Alba | 2015-12-04 | 1 | -1/+3
|
* Further testing for load/dump_publickey | Cory Benfield | 2015-10-27 | 1 | -0/+32
|
* Switch to py.test assertions. | Cory Benfield | 2015-10-27 | 1 | -2/+2
|
* Cleanup docstrings. | Cory Benfield | 2015-10-27 | 1 | -2/+2
|
* Support for serializing/deserializing public keys | Cory Benfield | 2015-10-27 | 1 | -0/+31
|
* factor out function to dump crl | Dominic Chen | 2015-10-21 | 1 | -1/+9
|
* Move package into src | Hynek Schlawack | 2015-10-17 | 1 | -0/+3557
Prevents accidental imports when running tests.