diff options
author | Sybren A. Stüvel <sybren@stuvel.eu> | 2016-01-22 13:54:52 +0100 |
---|---|---|
committer | Sybren A. Stüvel <sybren@stuvel.eu> | 2016-01-22 13:54:52 +0100 |
commit | 1681a0b2f84a4a252c71b87de870a2816de06fdf (patch) | |
tree | 7e8effcb9b2352182119029aa179e59f9dc1ea94 /doc | |
parent | 2310b34bdb530e0bad793d42f589c9f848ff181b (diff) | |
download | rsa-git-1681a0b2f84a4a252c71b87de870a2816de06fdf.tar.gz |
Fix #13: Deprecated the VARBLOCK format and rsa.bigfile module
This deprecation is due to security issues; see
https://github.com/sybrenstuvel/python-rsa/issues/13 for more information.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/reference.rst | 12 | ||||
-rw-r--r-- | doc/usage.rst | 18 |
2 files changed, 30 insertions, 0 deletions
diff --git a/doc/reference.rst b/doc/reference.rst index 53dee63..d80416a 100644 --- a/doc/reference.rst +++ b/doc/reference.rst @@ -44,6 +44,12 @@ Exceptions Module: rsa.bigfile -------------------------------------------------- +.. warning:: + + The :py:mod:`rsa.bigfile` module is NOT recommended for general use, has been + deprecated since Python-RSA 3.4, and will be removed in a future release. It's + vulnerable to a number of attacks. See :ref:`bigfiles` for more information. + The :py:mod:`rsa.bigfile` module contains functions for encrypting and decrypting files that are larger than the RSA key. See :ref:`bigfiles` for more information. @@ -57,6 +63,12 @@ decrypting files that are larger than the RSA key. See The VARBLOCK file format ++++++++++++++++++++++++++++++++++++++++++++++++++ +.. warning:: + + The VARBLOCK format is NOT recommended for general use, has been deprecated since + Python-RSA 3.4, and will be removed in a future release. It's vulnerable to a + number of attacks. See :ref:`bigfiles` for more information. + The VARBLOCK file format allows us to encrypt files that are larger than the RSA key. The format is as follows; || denotes byte string concatenation:: diff --git a/doc/usage.rst b/doc/usage.rst index 363788f..6e11a35 100644 --- a/doc/usage.rst +++ b/doc/usage.rst @@ -282,6 +282,24 @@ the encrypted key to the recipient. The complete flow is: Only using Python-RSA: the VARBLOCK format +++++++++++++++++++++++++++++++++++++++++++ +.. warning:: + + The VARBLOCK format is NOT recommended for general use, has been deprecated since + Python-RSA 3.4, and will be removed in a future release. It's vulnerable to a + number of attacks: + + 1. decrypt/encrypt_bigfile() does not implement `Authenticated encryption`_ nor + uses MACs to verify messages before decrypting public key encrypted messages. + + 2. decrypt/encrypt_bigfile() does not use hybrid encryption (it uses plain RSA) + and has no method for chaining, so block reordering is possible. + + See `issue #19 on Github`_ for more information. + +.. _Authenticated encryption: https://en.wikipedia.org/wiki/Authenticated_encryption +.. _issue #19 on Github: https://github.com/sybrenstuvel/python-rsa/issues/13 + + As far as we know, there is no pure-Python AES encryption. Previous versions of Python-RSA included functionality to encrypt large files with just RSA, and so does this version. The format has been improved, |