| Commit message (Collapse) | Author | Age | Files | Lines |
|
equals to the modulus
modified: Added test cases in tests/test_integers.py
|
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
|
There were very few functions in there, and none of them were actually used
by the RSA library (just by the test code).
|
No functional changes.
|
As captured in https://github.com/python/typeshed/pull/1663, the types for
SHA-1 and SHA-2 family of functions are callables that return a Hash instance,
whilst the SHA-3 family of functions are Hash `type`s (at least in Python 3.6).
Mixing the two kinds of functions together in a dictionary confuses mypy's type
inference as noted in #153, so we instead add an annotation as a hint.
Also, update test_my.py to match the python version set by tox.ini in CI
instead of always targeting Python 3.7 (as configured in setup.cfg) to
validate the types in all supported Python 3.x versions.
This fix also avoids the issue with the older mypy releases for
Python 3.6 / Python 3.7 found in distro repos...
... for Ubuntu:
```
docker run \
-v $(pwd):/tmp/rsa \
-w /tmp/rsa ubuntu:18.04 \
/bin/bash -c 'apt-get update -qqy \
&& apt-get install -qqy python3-pyasn1 python3-setuptools python3-mypy \
&& python3 setup.py test'
```
... and for Fedora:
```
docker run \
-v $(pwd):/tmp/rsa \
-w /tmp/rsa docker.io/fedora \
/bin/bash -c 'dnf -y install wget python3-devel python3-pyasn1 python3-setuptools python3-mypy \
&& python3 setup.py test'
```
Fixes #153
|
While pytest is the preferred test runner via tox, it looks like some folks are
still running tests via `python3 setup.py test` which uses unittest and does
not have good support for capturing stdout. To make using unittest slightly
more friendly, we further swallow stdout / stderr for cli tests, and ensure
print statements start on a newline.
|
When a `PrivateKey` or `PublicKey` is unpickled, `AbstractKey.__init__()`
should be called so `self.mutex` and `self.blindfac` are created.
|
Computing the blinding factor and its inverse was done in a thread-unsafe
manner. Locking the computation & update of the blinding factors, and
passing these around in frame- and stack-bound data, solves this.
This fixes part of the issues reported in sybrenstuvel/python-rsa#173,
but there is more going on in that particular report.
|
Store blinding factor + its inverse, so that they can be reused & updated
on every blinding operation. This avoids expensive computations.
The reuse of the previous blinding factor is done via squaring (mod n), as
per section 9 of 'A Timing Attack against RSA with the Chinese Remainder
Theorem' by Werner Schindler, https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf
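The two blinding commits above (a stored factor and inverse refreshed by squaring mod n, and locking around that update) can be pictured with the following added sketch. It is not python-rsa's own code: the `Blinder` class, `next_pair()`, `blinded_private_op()` and the small constructed key are assumptions made for illustration.

```python
import secrets
import threading
from math import gcd

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


class Blinder:
    """Holds a blinding factor r and its inverse, refreshed by squaring mod n."""

    def __init__(self, n):
        self.n = n
        self.lock = threading.Lock()
        self.factor = self.inverse = None

    def next_pair(self):
        # Compute and update under the lock, then hand back local copies so
        # the caller never reads shared state while another thread updates it.
        with self.lock:
            if self.factor is None:
                while True:  # one-time expensive setup: random r coprime to n
                    r = secrets.randbelow(self.n - 2) + 2
                    if gcd(r, self.n) == 1:
                        break
                self.factor, self.inverse = r, pow(r, -1, self.n)
            else:
                # (r^2)^-1 == (r^-1)^2 mod n, so no new modular inverse is needed.
                self.factor = pow(self.factor, 2, self.n)
                self.inverse = pow(self.inverse, 2, self.n)
            return self.factor, self.inverse


def blinded_private_op(c, blinder, d=D, e=E, n=N):
    """Compute c^d mod n on a blinded input, then remove the blinding."""
    r, r_inv = blinder.next_pair()
    blinded = (c * pow(r, e, n)) % n   # c * r^e
    result = pow(blinded, d, n)        # (c * r^e)^d == c^d * r
    return (result * r_inv) % n        # c^d
```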
|
According to PKCS#1 v1.5, the padding should be at least 8 bytes long.
See https://tools.ietf.org/html/rfc8017#section-7.2.2 step 3 for more info.
|
The third-party library that adds support for this to Python 3.5 is a
binary package, and thus breaks the pure-Python nature of Python-RSA.
This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147).
|
The newer versions always have a message, even on success.
|
Reject cyphertexts that have been modified by prepending zero bytes, by
checking the cyphertext length against the expected size (given the
decryption key). This resolves CVE-2020-13757.
The same approach is used when verifying a signature.
Thanks Carnil for pointing this out on https://github.com/sybrenstuvel/python-rsa/issues/146
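The ciphertext length check from the commit above, together with the earlier commit's minimum of 8 padding bytes (RFC 8017 section 7.2.2, step 3), shown on a toy decryptor. This is an added example, not python-rsa's own code: the `encrypt()` and `decrypt()` helpers, the `check_length` switch and the constructed key are assumptions made for illustration.

```python
import secrets

# Constructed toy key from two Mersenne primes; not a real key size.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8   # modulus length in bytes


def encrypt(message: bytes) -> bytes:
    """PKCS#1 v1.5 type 2 padding: 00 02 <nonzero PS> 00 <message>."""
    ps_len = K - len(message) - 3
    if ps_len < 8:
        raise ValueError("message too long for this key")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    em = b"\x00\x02" + ps + b"\x00" + message
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")


def decrypt(ciphertext: bytes, check_length: bool = True) -> bytes:
    # int.from_bytes() ignores leading zero bytes, so without this check
    # b"\x00" + ciphertext decrypts to the same plaintext as ciphertext.
    if check_length and len(ciphertext) != K:
        raise ValueError("Decryption failed")
    em = pow(int.from_bytes(ciphertext, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    # sep < 10 means fewer than 8 padding bytes after the 00 02 marker
    # (or no separator at all, when find() returns -1).
    # A production implementation would make these checks constant-time.
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("Decryption failed")
    return em[sep + 1:]
```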
|
This is based on https://github.com/sybrenstuvel/python-rsa/pull/96, with
a few improvements:
- The minimum of one use of SHA3 in a unit test, to at least touch it at
  some point.
- Documented the support of SHA3.
- Only install the third-party library required by Python 3.5 when we're
  running on Python 3.5. Newer Python versions support SHA3 natively.
|
Shouldn't try to coerce bytes to a string. Instead, print the repr
value (e.g. b'mybytestring').
When running tests with the Python `-b` option, fixes warnings of the
form:
```
.../python-rsa/tests/test_strings.py:34: BytesWarning: str() on a bytes instance
  print("\tMessage: %s" % message)
.../python-rsa/tests/test_strings.py:37: BytesWarning: str() on a bytes instance
  print("\tEncrypted: %s" % encrypted)
.../python-rsa/tests/test_strings.py:40: BytesWarning: str() on a bytes instance
  print("\tDecrypted: %s" % decrypted)
```
|
Implementation of the Mask Generation Function `MGF1` used in the OAEP encoding step.
For more information, the MGF1 specification is at https://tools.ietf.org/html/rfc2437#section-10.2.1
|
* Split the hashing out of the sign method
  This code change adds support to split the hashing of a message
  and the actual signing of the message.
* Updating unit test and documentation
  This commit updates the unit test and usage docs. In addition,
  this change removes a redundant error check inside rsa.sign().
* Refactor unit tests and code comments
  Removed the print statements from the unit test and refactored a
  few code comments to improve readability.
* Rename hash function
  The new hash function had the same name as a function in the
  standard library. This commit changes the name to avoid conflicts.
* Rename hash function to compute_hash()
  This commit renames the hash function to compute_hash().
|
I've not used the name "find_method_hash" suggested in #78, as it's a bit
vague. It's ok-ish for a private function `_find_method_hash`, but I
thought `find_signature_hash` would be more descriptive.
|
It's about time to get this merged, thanks again!
|
Thanks for the improvements!
|
Nice catch :)
|
Overriding __eq__ blocks inheritance of __hash__ in Python 3.
Fixes issue #55
|
Now that we no longer support Python 2.6, we can use int.bit_length()
instead. Co-authored by @adamantike.
|
This reduces noise in the code coverage measurements.
|
This unittest tests both execution branches of the function (keys
relatively prime or not), reducing randomness of code coverage.
|
This unittest tests both execution branches of the function, reducing
randomness of code coverage.
|
This was required for Python 2.6, which we no longer support.
|
Ensuring that bytes are written correctly on all supported Python
versions, including when writing to stdout.
|
This may break some applications. However, it does make the RSA library
easier to use on different Python versions.
|
The following modules have been removed:
- rsa._version133
- rsa._version200
- rsa.bigfile
- rsa.varblock
The encrypt/decrypt-bigfile CLI commands have also been removed.