Migrated from: https://gitlab.com/m2crypto/m2crypto/-/issues/217
Created by: David Davis (@daviddavis)
Created at: 2018-05-24T12:00:05.095Z
This code fails unexpectedly when you reach the last line:
from M2Crypto import RSA, BIO
RSA_PUB = """
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbZu3/ml//XLdb+n8fMklr3Ckp
BYfIqYFGQzcfDyIBGJUrWZRQgwkQn2P9J8QgVyNSrByFN1DbEJvrY9Lo6kzqy8fl
h9Ws1GKMRfqJZk99/Zae/Wbn9dQqa9EYrMZR3pO5UMmpSRFzZNTWEvmP4WAP4fqu
e1VQJiUwXnMkTSO7cQIDAQAB
-----END PUBLIC KEY-----
"""
OTHER_KEY = """
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDcx31TTh+mcm7v3NtQrkfHL5KgRXv7uDCLI56vULYSp5HtC9F9
Jph2DT8l/XVXj0L5WMPP12VRZkmmgR9LDF5iHXnWE47Dy/6Midz4KIV1Vx7O/LdX
btzq0lYRcaEofZPSfapf7hpNMhl3G5ioUvXp6vbh9EbGLetdXeVeqii53QIDAQAB
AoGBAMiLBJIJIsLEq3SB/01YIacS1XNz6l0KQD4DCv9gpyJmyCy0UYQG7PI+sh/G
DTKN1V49fRBsLYI1Ea2HGG/JOmjhQOxjz/F1jAMbQfeTXhu/JVYlhDgOK3nC+DnF
jmJ2FfqUxr/eE87IzUF5Qm4TVffKwCSaxQ3u3xkbk9+oBkMBAkEA8OVxcTyKmgho
9hk0PHPuFIeWAgKf5015oLUZPPeYYeACiZGUnvP1BdiO9QpZyIPaEiySDb2jv0ZR
kJpHW7qpPQJBAOqfJ3Q+6v/u9pKmjcH8kEtIB8Mtnm5WIs4cLhlChI4xbm1Gawvp
Lly6GSNUvsFVxyaMrqaMQxtKdHg4MtZxHSECQBpVOn1iXNRRrweX4bnqAlCEMcWu
e8RRF8aVhVjAyAuK7TwUieaGTHaDIb1vkDj3ENODw8N0w32ZNjlUZBCG6xECQETP
ms2wKlIXrr+CE69iOJurq4Ml3QJ1Rs32W9rStHfTrZRlA75BjHRrrDW9hBjF5Ju8
xPhZyNC3PIOJz/cuw6ECQQCbfqV4YWiW0j2t/dotJjA0S/QdQYJcUbo/kNUar65v
ZdgAs+Krt4gDkn34BF5009pZf0IBANSPMeqvw4BWr3G4
-----END RSA PRIVATE KEY-----
"""
pub_key = RSA.load_pub_key_bio(BIO.MemoryBuffer(RSA_PUB))
priv_key = RSA.load_key_bio(BIO.MemoryBuffer(OTHER_KEY))
message = 'hello'
try:
pub_key.verify(message, priv_key.sign("message"))
except RSA.RSAError:
print("This is expected")
# this fails unexpectedly
bio = BIO.MemoryBuffer("")
I'm on Python 2.7.15 with m2crypto-0.28.2-2.fc27.x86_64:
$ python m2crypto_test.py
This is expected
Traceback (most recent call last):
File "m2crypto_test.py", line 40, in <module>
bio = BIO.MemoryBuffer("")
File "/usr/lib64/python2.7/site-packages/M2Crypto/BIO.py", line 191, in __init__
m2.bio_write(self.bio, data)
M2Crypto.BIO.BIOError: padding check failed
Note that if I call BIO.MemoryBuffer("")
before the key.verify()
, I don't get an error.
On 2018-05-28T05:13:42.311Z, Matěj Cepl wrote:
I wonder how much this bug is related to this comment and whole issue #204 :
I suspect the m2crypto code in this example does raw (aka textbook) RSA. We don’t support that at this time as it is extremely insecure.
(Last edited at 2018-05-28T05:13:54.733Z.)
On 2018-06-20T18:36:19.893Z, Daniel Alley wrote:
@mcepl Could you expand on that? I don't see the significance.
Why does
verify(message, priv_key.sign("message"))
cause side effects which causeMemoryBuffer("")
to fail? And if this is something that we should avoid doing, what would you recommend we do instead?
On 2018-06-20T20:29:34.978Z, Matěj Cepl wrote:
Why does
verify(message, priv_key.sign("message"))
cause side effects which causeMemoryBuffer("")
to fail? And if this is something that we should avoid doing, what would you recommend we do instead?Error handling in OpenSSL is done by setting the number of error (and the error message) to the global variable, which needs to be cleared explicitly. If we have done something wrong in
verify
, we can leave the goo in those variables, which show up later (for some unrelated error, not all errors set both variables).Unfortunately, I am fresh in new job and I have hard time to keep up with my new work, so I would a way prefer merge request to me diving into the code again. I am sorry about that.
On 2018-06-25T20:07:56.100Z, Daniel Alley wrote:
My C knowledge is not good, but fwiw I believe this is the same issue and it contains more detail about what is going on / how best to fix it.