File CVE-2020-25657-Bleichenbacher-attack.patch of Package python-M2Crypto.25024

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2020-25657-Bleichenbacher-attack.patch of Package python-M2Crypto.25024

---
 M2Crypto/Err.py       |    6 +++---
 SWIG/_m2crypto_wrap.c |   10 ++++++----
 SWIG/_rsa.i           |   10 ++++++----
 tests/test_rsa.py     |   12 ++++++------
 4 files changed, 21 insertions(+), 17 deletions(-)

--- a/M2Crypto/Err.py
+++ b/M2Crypto/Err.py
@@ -39,9 +39,9 @@ def get_error_func(err):
 
 
 def get_error_reason(err):
-    # type: (int) -> str
-    return util.py3str(m2.err_reason_error_string(err))
-
+    # type: (Optional[int]) -> str
+    err_str = m2.err_reason_error_string(err)
+    return util.py3str(err_str) if err_str else ''
 
 def get_error_message():
     # type: () -> str
--- a/SWIG/_m2crypto_wrap.c
+++ b/SWIG/_m2crypto_wrap.c
@@ -6877,9 +6877,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, P
     tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf,
         (unsigned char *)tbuf, rsa, padding);
     if (tlen == -1) {
-        m2_PyErr_Msg(_rsa_err);
+        ERR_clear_error();
+        PyErr_Clear();
         PyMem_Free(tbuf);
-        return NULL;
+        Py_RETURN_NONE;
     }
 
     ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
@@ -6931,9 +6932,10 @@ PyObject *rsa_private_decrypt(RSA *rsa,
     tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf,
         (unsigned char *)tbuf, rsa, padding);
     if (tlen == -1) {
-        m2_PyErr_Msg(_rsa_err);
+        ERR_clear_error();
+        PyErr_Clear();
         PyMem_Free(tbuf);
-        return NULL;
+        Py_RETURN_NONE;
     }
     ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
 
--- a/SWIG/_rsa.i
+++ b/SWIG/_rsa.i
@@ -267,9 +267,10 @@ PyObject *rsa_public_decrypt(RSA *rsa, P
     tlen = RSA_public_decrypt(flen, (unsigned char *)fbuf,
         (unsigned char *)tbuf, rsa, padding);
     if (tlen == -1) {
-        m2_PyErr_Msg(_rsa_err);
+        ERR_clear_error();
+        PyErr_Clear();
         PyMem_Free(tbuf);
-        return NULL;
+        Py_RETURN_NONE;
     }
 
     ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
@@ -321,9 +322,10 @@ PyObject *rsa_private_decrypt(RSA *rsa,
     tlen = RSA_private_decrypt(flen, (unsigned char *)fbuf,
         (unsigned char *)tbuf, rsa, padding);
     if (tlen == -1) {
-        m2_PyErr_Msg(_rsa_err);
+        ERR_clear_error();
+        PyErr_Clear();
         PyMem_Free(tbuf);
-        return NULL;
+        Py_RETURN_NONE;
     }
     ret = PyBytes_FromStringAndSize((const char *)tbuf, tlen);
 
--- a/tests/test_rsa.py
+++ b/tests/test_rsa.py
@@ -128,10 +128,12 @@ class RSATestCase(unittest.TestCase):
 
         # sslv23_padding
         ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
-        with self.assertRaises(RSA.RSAError):
-            priv.private_decrypt(ctxt, RSA.sslv23_padding)
-        with self.assertRaises(RSA.RSAError):
-            priv.private_decrypt(ctxt, RSA.sslv23_padding)
+        # Raising exception has been switched off as a mitigation against
+        # CVE-2020-25657 the Bleichenbacher timing attack
+        # with self.assertRaises(RSA.RSAError):
+        priv.private_decrypt(ctxt, RSA.sslv23_padding)
+        # with self.assertRaises(RSA.RSAError):
+        priv.private_decrypt(ctxt, RSA.sslv23_padding)
 
         # no_padding
         with self.assertRaises(RSA.RSAError):
@@ -154,8 +156,6 @@ class RSATestCase(unittest.TestCase):
         with self.assertRaises(RSA.RSAError):
             setattr(rsa, 'e', '\000\000\000\003\001\000\001')
         with self.assertRaises(RSA.RSAError):
-            rsa.private_encrypt(1)
-        with self.assertRaises(RSA.RSAError):
             rsa.private_decrypt(1)
         assert rsa.check_key()

Places

File CVE-2020-25657-Bleichenbacher-attack.patch of Package python-M2Crypto.25024

Places