| Commit message | Author | Age | Files | Lines |
| |
As captured in https://github.com/python/typeshed/pull/1663, the types for
SHA-1 and SHA-2 family of functions are callables that return a Hash instance,
whilst the SHA-3 family of functions are Hash `type`s (at least in Python 3.6).
Mixing the two kinds of functions together in a dictionary confuses mypy's type
inference as noted in #153, so we instead add an annotation as a hint.
Also, update test_my.py to match the python version set by tox.ini in CI
instead of always targeting Python 3.7 (as configured in setup.cfg) to
validate the types in all supported Python 3.x versions.
This fix also avoids the issue with the older mypy releases for
Python 3.6 / Python 3.7 found in distro repos...
... for Ubuntu:
```
docker run \
-v $(pwd):/tmp/rsa \
-w /tmp/rsa ubuntu:18.04 \
/bin/bash -c 'apt-get update -qqy \
&& apt-get install -qqy python3-pyasn1 python3-setuptools python3-mypy \
&& python3 setup.py test'
```
... and for Fedora:
```
docker run \
-v $(pwd):/tmp/rsa \
-w /tmp/rsa docker.io/fedora \
/bin/bash -c 'dnf -y install wget python3-devel python3-pyasn1 python3-setuptools python3-mypy \
&& python3 setup.py test'
```
Fixes #153
| |
While pytest is the preferred test runner via tox, it looks like some folks are
still running tests via `python3 setup.py test` which uses unittest and does
not have good support for capturing stdout. To make using unittest slightly
more friendly, we further swallow stdout / stderr for cli tests, and ensure
print statements start on a newline.
| |
Ref: 1a5b2d166fc95e5f3f07fdfec075acdf4d0eda921
| |
The mistake is this: In some parts of the code, an exception is being
caught and replaced with a more user-friendly error. In these cases the
syntax `raise new_error from old_error` needs to be used.

Python's exception chaining means it shows not only the traceback of the
current exception, but that of the original exception (and possibly
more.) This is regardless of `raise from`. The usage of `raise from`
tells Python to put a more accurate message between the tracebacks.
Instead of this:

    During handling of the above exception, another exception occurred:

You'll get this:

    The above exception was the direct cause of the following exception:

The first is inaccurate, because it signifies a bug in the
exception-handling code itself, which is a separate situation than
wrapping an exception.
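
The two traceback separators described in the commit message above, reproduced in an added example that is not part of the commit or of python-rsa's code. `KeyFormatError` and the two parser functions are hypothetical names chosen for illustration.

```python
import traceback


class KeyFormatError(ValueError):
    """Hypothetical user-friendly error that wraps a low-level failure."""


def parse_without_from(text):
    try:
        return int(text)
    except ValueError:
        # Implicit chaining: only __context__ is set on the new exception.
        raise KeyFormatError("key component is not an integer")


def parse_with_from(text):
    try:
        return int(text)
    except ValueError as ex:
        # Explicit chaining: __cause__ is set, marking this as a deliberate wrap.
        raise KeyFormatError("key component is not an integer") from ex


def rendered_traceback(func, text):
    """Return the full chained traceback text produced by func(text)."""
    try:
        func(text)
    except KeyFormatError as err:
        return "".join(
            traceback.format_exception(type(err), err, err.__traceback__)
        )
    return ""


if __name__ == "__main__":
    for func in (parse_without_from, parse_with_from):
        print(rendered_traceback(func, "not-a-number"))
        print("=" * 60)
```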
| |
Document how to use Poetry for setting up a dev environment and for
building & publishing a new release.
| |
Poetry is nicer to work with than Pipenv + setup.py.
This drops Python 3.5 support; that's ok, since that version is EOL.
| |
Change header style from RestructuredText style (dashes under header) to
MarkDown style (pound signs in front of header).
| |
The CHANGELOG.md can still be used to find what happened in which release.
| |
When a `PrivateKey` or `PublicKey` is unpickled `AbstractKey.__init__()`
should be called so `self.mutex` and `self.blindfac` are created.
| |
Computing the blinding factor and its inverse was done in a thread-unsafe
manner. Locking the computation & update of the blinding factors, and
passing these around in frame- and stack-bound data, solves this.
This fixes part of the issues reported in sybrenstuvel/python-rsa#173,
but there is more going on in that particular report.
| |
Strings need to be encoded into bytes before the RSA module can operate
on them.
| |
Store blinding factor + its inverse, so that they can be reused & updated
on every blinding operation. This avoids expensive computations.
The reuse of the previous blinding factor is done via squaring (mod n), as
per section 9 of 'A Timing Attack against RSA with the Chinese Remainder
Theorem' by Werner Schindler, https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf
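
A sketch of the blinding-factor reuse by squaring described in this commit message, combined with the locking described in the thread-safety commit further up the log. It is an added example, not python-rsa's own code: the class `BlindedKey`, the attribute `blindfac_inverse`, the helper names and the tiny constructed key are assumptions, and it needs Python 3.8+ for `pow(x, -1, n)`.

```python
import math
import secrets
import threading
from concurrent.futures import ThreadPoolExecutor

TOY_N, TOY_E, TOY_D = 3233, 17, 2753  # constructed toy key (p=61, q=53)

class BlindedKey:
    """Toy RSA private key with a cached, lock-protected blinding factor."""

    def __init__(self, n, e, d):
        self.n, self.e, self.d = n, e, d
        self.blindfac = self.blindfac_inverse = -1  # -1: not computed yet
        self.mutex = threading.Lock()

    def _initial_blinding_factor(self):
        # Draw random values until one is invertible modulo n.
        while True:
            r = secrets.randbelow(self.n - 2) + 2
            if math.gcd(r, self.n) == 1:
                return r

    def _update_blinding_factor(self):
        # Compute and store the new pair under the lock, then hand the caller
        # its own copy so another thread cannot change it mid-operation.
        with self.mutex:
            if self.blindfac < 0:
                self.blindfac = self._initial_blinding_factor()
                self.blindfac_inverse = pow(self.blindfac, -1, self.n)
            else:
                # Reuse by squaring: (r^2)^-1 == (r^-1)^2 (mod n), so no new
                # modular inversion is needed.
                self.blindfac = pow(self.blindfac, 2, self.n)
                self.blindfac_inverse = pow(self.blindfac_inverse, 2, self.n)
            return self.blindfac, self.blindfac_inverse

    def blinded_decrypt(self, ciphertext):
        r, r_inv = self._update_blinding_factor()
        blinded = (ciphertext * pow(r, self.e, self.n)) % self.n
        return (pow(blinded, self.d, self.n) * r_inv) % self.n


def decrypt_in_threads(key, ciphertext, workers=8, rounds=400):
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return list(pool.map(key.blinded_decrypt, [ciphertext] * rounds))
```

If `blinded_decrypt` instead read `self.blindfac` and `self.blindfac_inverse` directly after the update, another thread could square one of them in between and the unblinding step would return a wrong plaintext.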
| |
Crypto length and blocksize are public info, so don't need side-channel
free comparison.
| |
Use `bytes.find()` instead of `bytes.index()`, as the former doesn't raise
an exception when the to-be-found byte doesn't exist.
| |
According to PKCS#1 v1.5, the padding should be at least 8 bytes long.
See https://tools.ietf.org/html/rfc8017#section-7.2.2 step 3 for more info.
| |
Use as many constant-time comparisons as practical in the
`rsa.pkcs1.decrypt` function.
`cleartext.index(b'\x00', 2)` will still be non-constant-time. The
alternative would be to iterate over all the data byte by byte in
Python, which is several orders of magnitude slower. Given that a
perfect constant-time implementation is very hard or even impossible to
do in Python [1], I chose the more performant option here.
[1]: https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/
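
The padding checks discussed in this commit message and the three above it (plain length comparison, `bytes.find()`, the 8-byte minimum from RFC 8017 section 7.2.2 step 3), put together in an added example that is not python-rsa's own code. The function names, `DecryptionError` as defined here and the sample blocks are constructed for illustration.

```python
from hmac import compare_digest


class DecryptionError(Exception):
    """One generic error, so a caller cannot tell which check failed."""


def unpad_pkcs1_v15(cleartext: bytes, blocksize: int) -> bytes:
    """Strip 0x00 || 0x02 || PS || 0x00 from a decrypted block."""
    # The block length is public information; a plain comparison is fine.
    if len(cleartext) != blocksize:
        raise DecryptionError("Decryption failed")
    marker_bad = not compare_digest(cleartext[:2], b"\x00\x02")
    # find() returns -1 when there is no separator instead of raising, so the
    # missing-separator case does not take a separate exception path.
    sep_idx = cleartext.find(b"\x00", 2)
    # PS occupies indices 2 .. sep_idx-1, so "PS at least 8 bytes" means
    # sep_idx >= 10. The same test also rejects sep_idx == -1 (not found).
    sep_bad = sep_idx < 10
    # Evaluate both checks before branching on the combined result.
    if marker_bad | sep_bad:
        raise DecryptionError("Decryption failed")
    return cleartext[sep_idx + 1:]


def is_rejected(block: bytes, blocksize: int) -> bool:
    try:
        unpad_pkcs1_v15(block, blocksize)
    except DecryptionError:
        return True
    return False


# Constructed 32-byte sample blocks (not real decryption output).
BLOCKSIZE = 32
VALID = b"\x00\x02" + b"\xaa" * 24 + b"\x00" + b"hello"
MIN_PS = b"\x00\x02" + b"\xaa" * 8 + b"\x00" + b"m" * 21
SHORT_PS = b"\x00\x02" + b"\xaa" * 7 + b"\x00" + b"m" * 22
NO_SEPARATOR = b"\x00\x02" + b"\xaa" * 30
BAD_MARKER = b"\x00\x01" + b"\xaa" * 24 + b"\x00" + b"hello"
```

As the commit message says, the separator search itself remains data-dependent; the example only removes the exception path and the distinguishable error cases.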
| |
See commit d15a7f3 for the reason why.
| |
Note that version 4.3 will not appear on the master branch, but is
available in the version-4.3-py27compatible branch only.
| |
The third-party library that adds support for this to Python 3.5 is a
binary package, and thus breaks the pure-Python nature of Python-RSA.
This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147).