mcepl/python-M2Crypto
SHA256
1
0
Fork 0
forked from pool/python-M2Crypto
Code Pull Requests Activity
python-M2Crypto/CVE-2020-25657-Bleichenbacher-attack.patch
Matej Cepl ce064aef99 - Add CVE-2020-25657-Bleichenbacher-attack.patch (CVE-2020-25657, 
bsc#1178829), which mitigates the Bleichenbacher timing attacks
  in the RSA decryption API.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-M2Crypto?expand=0&rev=108
2022-07-12 21:24:39 +00:00

74 lines
2.4 KiB
Diff
Raw Blame History

---
src/SWIG/_m2crypto_wrap.c | 10 ++++++----
src/SWIG/_rsa.i | 10 ++++++----
tests/test_rsa.py | 2 --
3 files changed, 12 insertions(+), 10 deletions(-)
--- a/src/SWIG/_m2crypto_wrap.c
+++ b/src/SWIG/_m2crypto_wrap.c
@@ -7159,9 +7159,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, P
tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf,
(unsigned char *)tbuf, rsa, padding);
if (tlen == -1) {
- m2_PyErr_Msg(_rsa_err);
+ ERR_clear_error();
+ PyErr_Clear();
PyMem_Free(tbuf);
- return NULL;
+ Py_RETURN_NONE;
}
ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
@@ -7213,9 +7214,10 @@ PyObject *rsa_private_decrypt(RSA *rsa,
tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf,
(unsigned char *)tbuf, rsa, padding);
if (tlen == -1) {
- m2_PyErr_Msg(_rsa_err);
+ ERR_clear_error();
+ PyErr_Clear();
PyMem_Free(tbuf);
- return NULL;
+ Py_RETURN_NONE;
}
ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
--- a/src/SWIG/_rsa.i
+++ b/src/SWIG/_rsa.i
@@ -269,9 +269,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, P
tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf,
(unsigned char *)tbuf, rsa, padding);
if (tlen == -1) {
- m2_PyErr_Msg(_rsa_err);
+ ERR_clear_error();
+ PyErr_Clear();
PyMem_Free(tbuf);
- return NULL;
+ Py_RETURN_NONE;
}
ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
@@ -323,9 +324,10 @@ PyObject *rsa_private_decrypt(RSA *rsa,
tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf,
(unsigned char *)tbuf, rsa, padding);
if (tlen == -1) {
- m2_PyErr_Msg(_rsa_err);
+ ERR_clear_error();
+ PyErr_Clear();
PyMem_Free(tbuf);
- return NULL;
+ Py_RETURN_NONE;
}
ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
--- a/tests/test_rsa.py
+++ b/tests/test_rsa.py
@@ -147,8 +147,6 @@ class RSATestCase(unittest.TestCase):
with self.assertRaises(RSA.RSAError):
setattr(rsa, 'e', '\000\000\000\003\001\000\001')
with self.assertRaises(RSA.RSAError):
- rsa.private_encrypt(1)
- with self.assertRaises(RSA.RSAError):
rsa.private_decrypt(1)
assert rsa.check_key()
View Git Blame Copy Permalink