diff options
author | Matěj Cepl <mcepl@cepl.eu> | 2022-06-28 21:17:01 +0200 |
---|---|---|
committer | Matěj Cepl <mcepl@cepl.eu> | 2022-06-28 22:47:24 +0200 |
commit | 84c53958def0f510e92119fca14d74f94215827a (patch) | |
tree | 21f8255076d40eba3baf7f7e297654d16de56b4d /src | |
parent | 1a746c6d01eff4863c116e279756a1035fd5feb0 (diff) | |
download | m2crypto-84c53958def0f510e92119fca14d74f94215827a.tar.gz |
Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657)
Fixes #282
Diffstat (limited to 'src')
-rw-r--r-- | src/SWIG/_m2crypto_wrap.c | 20 | ||||
-rw-r--r-- | src/SWIG/_rsa.i | 20 |
2 files changed, 24 insertions, 16 deletions
diff --git a/src/SWIG/_m2crypto_wrap.c b/src/SWIG/_m2crypto_wrap.c index aba9eb6..a9f30da 100644 --- a/src/SWIG/_m2crypto_wrap.c +++ b/src/SWIG/_m2crypto_wrap.c @@ -7040,9 +7040,10 @@ PyObject *rsa_private_encrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_private_encrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -7070,9 +7071,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -7097,9 +7099,10 @@ PyObject *rsa_public_encrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_public_encrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -7124,9 +7127,10 @@ PyObject *rsa_private_decrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); diff --git a/src/SWIG/_rsa.i b/src/SWIG/_rsa.i index bc714e0..1377b8b 100644 --- a/src/SWIG/_rsa.i +++ b/src/SWIG/_rsa.i @@ -239,9 +239,10 @@ PyObject *rsa_private_encrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_private_encrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -269,9 +270,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -296,9 +298,10 @@ PyObject *rsa_public_encrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_public_encrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); @@ -323,9 +326,10 @@ PyObject *rsa_private_decrypt(RSA *rsa, PyObject *from, int padding) { tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf, (unsigned char *)tbuf, rsa, padding); if (tlen == -1) { - m2_PyErr_Msg(_rsa_err); + ERR_clear_error(); + PyErr_Clear(); PyMem_Free(tbuf); - return NULL; + Py_RETURN_NONE; } ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen); |