0001-Fix-CVE-2020-13757.patch

@@ -0,0 +1,110 @@
+From 93af6f2f89a9bf28361e67716c4240e691520f30 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
+Date: Wed, 3 Jun 2020 14:39:23 +0200
+Subject: [PATCH] Fix CVE-2020-13757: detect cyphertext modifications by
+ prepending zero bytes
+
+Reject cyphertexts that have been modified by prepending zero bytes, by
+checking the cyphertext length against the expected size (given the
+decryption key). This resolves CVE-2020-13757.
+
+The same approach is used when verifying a signature.
+
+Thanks Carnil for pointing this out on https://github.com/sybrenstuvel/python-rsa/issues/146
+---
+ rsa/pkcs1.py        |  9 +++++++++
+ tests/test_pkcs1.py | 44 ++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 53 insertions(+)
+
+diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py
+index 28f0dc5..cdf830b 100644
+--- a/rsa/pkcs1.py
++++ b/rsa/pkcs1.py
+@@ -232,6 +232,12 @@ def decrypt(crypto, priv_key):
+     decrypted = priv_key.blinded_decrypt(encrypted)
+     cleartext = transform.int2bytes(decrypted, blocksize)
+ 
++    # Detect leading zeroes in the crypto. These are not reflected in the
++    # encrypted value (as leading zeroes do not influence the value of an
++    # integer). This fixes CVE-2020-13757.
++    if len(crypto) > blocksize:
++        raise DecryptionError('Decryption failed')
++
+     # If we can't find the cleartext marker, decryption failed.
+     if cleartext[0:2] != b('\x00\x02'):
+         raise DecryptionError('Decryption failed')
+@@ -310,6 +316,9 @@ def verify(message, signature, pub_key):
+     cleartext = HASH_ASN1[method_name] + message_hash
+     expected = _pad_for_signing(cleartext, keylength)
+ 
++    if len(signature) != keylength:
++        raise VerificationError('Verification failed')
++
+     # Compare with the signed one
+     if expected != clearsig:
+         raise VerificationError('Verification failed')
+diff --git a/tests/test_pkcs1.py b/tests/test_pkcs1.py
+index 39555f6..5ee5bd7 100644
+--- a/tests/test_pkcs1.py
++++ b/tests/test_pkcs1.py
+@@ -65,6 +65,32 @@ class BinaryTest(unittest.TestCase):
+         self.assertNotEqual(encrypted1, encrypted2)
+ 
+ 
++class ExtraZeroesTest(unittest.TestCase):
++    def setUp(self):
++        # Key, cyphertext, and plaintext taken from https://github.com/sybrenstuvel/python-rsa/issues/146
++        self.private_key = rsa.PrivateKey.load_pkcs1(
++            "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAs1EKK81M5kTFtZSuUFnhKy8FS2WNXaWVmi/fGHG4CLw98+Yo\n0nkuUarVwSS0O9pFPcpc3kvPKOe9Tv+6DLS3Qru21aATy2PRqjqJ4CYn71OYtSwM\n/ZfSCKvrjXybzgu+sBmobdtYm+sppbdL+GEHXGd8gdQw8DDCZSR6+dPJFAzLZTCd\nB+Ctwe/RXPF+ewVdfaOGjkZIzDoYDw7n+OHnsYCYozkbTOcWHpjVevipR+IBpGPi\n1rvKgFnlcG6d/tj0hWRl/6cS7RqhjoiNEtxqoJzpXs/Kg8xbCxXbCchkf11STA8u\ndiCjQWuWI8rcDwl69XMmHJjIQAqhKvOOQ8rYTQIDAQABAoIBABpQLQ7qbHtp4h1Y\nORAfcFRW7Q74UvtH/iEHH1TF8zyM6wZsYtcn4y0mxYE3Mp+J0xlTJbeVJkwZXYVH\nL3UH29CWHSlR+TWiazTwrCTRVJDhEoqbcTiRW8fb+o/jljVxMcVDrpyYUHNo2c6w\njBxhmKPtp66hhaDpds1Cwi0A8APZ8Z2W6kya/L/hRBzMgCz7Bon1nYBMak5PQEwV\nF0dF7Wy4vIjvCzO6DSqA415DvJDzUAUucgFudbANNXo4HJwNRnBpymYIh8mHdmNJ\n/MQ0YLSqUWvOB57dh7oWQwe3UsJ37ZUorTugvxh3NJ7Tt5ZqbCQBEECb9ND63gxo\n/a3YR/0CgYEA7BJc834xCi/0YmO5suBinWOQAF7IiRPU+3G9TdhWEkSYquupg9e6\nK9lC5k0iP+t6I69NYF7+6mvXDTmv6Z01o6oV50oXaHeAk74O3UqNCbLe9tybZ/+F\ndkYlwuGSNttMQBzjCiVy0+y0+Wm3rRnFIsAtd0RlZ24aN3bFTWJINIsCgYEAwnQq\nvNmJe9SwtnH5c/yCqPhKv1cF/4jdQZSGI6/p3KYNxlQzkHZ/6uvrU5V27ov6YbX8\nvKlKfO91oJFQxUD6lpTdgAStI3GMiJBJIZNpyZ9EWNSvwUj28H34cySpbZz3s4Xd\nhiJBShgy+fKURvBQwtWmQHZJ3EGrcOI7PcwiyYcCgYEAlql5jSUCY0ALtidzQogW\nJ+B87N+RGHsBuJ/0cxQYinwg+ySAAVbSyF1WZujfbO/5+YBN362A/1dn3lbswCnH\nK/bHF9+fZNqvwprPnceQj5oK1n4g6JSZNsy6GNAhosT+uwQ0misgR8SQE4W25dDG\nkdEYsz+BgCsyrCcu8J5C+tUCgYAFVPQbC4f2ikVyKzvgz0qx4WUDTBqRACq48p6e\n+eLatv7nskVbr7QgN+nS9+Uz80ihR0Ev1yCAvnwmM/XYAskcOea87OPmdeWZlQM8\nVXNwINrZ6LMNBLgorfuTBK1UoRo1pPUHCYdqxbEYI2unak18mikd2WB7Fp3h0YI4\nVpGZnwKBgBxkAYnZv+jGI4MyEKdsQgxvROXXYOJZkWzsKuKxVkVpYP2V4nR2YMOJ\nViJQ8FUEnPq35cMDlUk4SnoqrrHIJNOvcJSCqM+bWHAioAsfByLbUPM8sm3CDdIk\nXVJl32HuKYPJOMIWfc7hIfxLRHnCN+coz2M6tgqMDs0E/OfjuqVZ\n-----END RSA PRIVATE KEY-----",
++            format='PEM')
++        self.cyphertext = bytes.fromhex(
++            "4501b4d669e01b9ef2dc800aa1b06d49196f5a09fe8fbcd037323c60eaf027bfb98432be4e4a26c567ffec718bcbea977dd26812fa071c33808b4d5ebb742d9879806094b6fbeea63d25ea3141733b60e31c6912106e1b758a7fe0014f075193faa8b4622bfd5d3013f0a32190a95de61a3604711bc62945f95a6522bd4dfed0a994ef185b28c281f7b5e4c8ed41176d12d9fc1b837e6a0111d0132d08a6d6f0580de0c9eed8ed105531799482d1e466c68c23b0c222af7fc12ac279bc4ff57e7b4586d209371b38c4c1035edd418dc5f960441cb21ea2bedbfea86de0d7861e81021b650a1de51002c315f1e7c12debe4dcebf790caaa54a2f26b149cf9e77d"
++        )
++        self.plaintext = bytes.fromhex("54657374")
++
++    def test_unmodified(self):
++        message = rsa.decrypt(self.cyphertext, self.private_key)
++        self.assertEqual(message, self.plaintext)
++
++    def test_prepend_zeroes(self):
++        cyphertext = bytes.fromhex("0000") + self.cyphertext
++        with self.assertRaises(rsa.DecryptionError):
++            rsa.decrypt(cyphertext, self.private_key)
++
++    def test_append_zeroes(self):
++        cyphertext = self.cyphertext + bytes.fromhex("0000")
++        with self.assertRaises(rsa.DecryptionError):
++            rsa.decrypt(cyphertext, self.private_key)
++
++
+ class SignatureTest(unittest.TestCase):
+     def setUp(self):
+         (self.pub, self.priv) = rsa.newkeys(512)
+@@ -80,6 +106,24 @@ class SignatureTest(unittest.TestCase):
+ 
+         self.assertTrue(pkcs1.verify(message, signature, self.pub))
+ 
++    def test_prepend_zeroes(self):
++        """Prepending the signature with zeroes should be detected."""
++
++        message = b'je moeder'
++        signature = pkcs1.sign(message, self.priv, 'SHA-256')
++        signature = bytes.fromhex('0000') + signature
++        with self.assertRaises(rsa.VerificationError):
++            pkcs1.verify(message, signature, self.pub)
++
++    def test_apppend_zeroes(self):
++        """Apppending the signature with zeroes should be detected."""
++
++        message = b'je moeder'
++        signature = pkcs1.sign(message, self.priv, 'SHA-256')
++        signature = signature + bytes.fromhex('0000')
++        with self.assertRaises(rsa.VerificationError):
++            pkcs1.verify(message, signature, self.pub)
++
+     def test_alter_message(self):
+         """Altering the message should let the verification fail."""
+ 
+-- 
+1.8.3.1
+

python-rsa.spec

@@ -1,103 +1,88 @@
-%global _empty_manifest_terminate_build 0
 Name:           python-rsa
-Version:        4.8
-Release:        1
+Version:        3.4.2
+Release:        12
 Summary:        Pure-Python RSA implementation
-License:        Apache-2.0
-URL:            https://stuvel.eu/rsa
-Source0:        https://files.pythonhosted.org/packages/8c/ee/4022542e0fed77dd6ddade38e1e4dea3299f873b7fd4e6d78319953b0f83/rsa-4.8.tar.gz
+License:        ASL 2.0
+URL:            http://stuvel.eu/rsa
+Source0:        https://pypi.python.org/packages/source/r/rsa/rsa-%{version}.tar.gz
 BuildArch:      noarch
+
+Patch1: 0001-Fix-CVE-2020-13757.patch
+
 %description
 Python-RSA is a pure-Python RSA implementation. It supports
 encryption and decryption, signing and verifying signatures,
 and key generation according to PKCS#1 version 1.5.
 
-%package -n python3-rsa
+%package -n     python2-rsa
+%{?python_provide:%python_provide python2-rsa}
 Summary:        Pure-Python RSA implementation
-Provides:       python-rsa
-# Base build requires
-BuildRequires:  python3-devel
-BuildRequires:  python3-setuptools
-BuildRequires:  python3-pbr
-BuildRequires:  python3-pip
-BuildRequires:  python3-wheel
-# General requires
-BuildRequires:  python3-pyasn1
-# General requires
-Requires:       python3-pyasn1
+BuildRequires:  python2-devel, python2-setuptools, python2-pyasn1 >= 0.1.3
+Requires:       python2-pyasn1 >= 0.1.3, python2-setuptools
+
+%description -n python2-rsa
+Python-RSA is a pure-Python RSA implementation. It supports
+encryption and decryption, signing and verifying signatures,
+and key generation according to PKCS#1 version 1.5.
+
+%package -n     python3-rsa
+%{?python_provide:%python_provide python3-rsa}
+Summary:        Pure-Python RSA implementation
+BuildRequires:  python3-devel, python3-setuptools, python3-pyasn1 >= 0.1.3, python3-unittest2
+Requires:       python3-pyasn1 >= 0.1.3, python3-setuptools
+
 %description -n python3-rsa
 Python-RSA is a pure-Python RSA implementation. It supports
 encryption and decryption, signing and verifying signatures,
 and key generation according to PKCS#1 version 1.5.
 
-%package help
-Summary:        Pure-Python RSA implementation
-Provides:       python3-rsa-doc
-%description help
-Python-RSA is a pure-Python RSA implementation. It supports
-encryption and decryption, signing and verifying signatures,
-and key generation according to PKCS#1 version 1.5.
-
 %prep
-%autosetup -n rsa-%{version}
+%autosetup -n rsa-%{version} -p1
 
 %build
+%py2_build
 %py3_build
 
 %install
-%py3_install
+%py2_install
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile-2
+cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile-2
 
-install -d -m755 %{buildroot}/%{_pkgdocdir}
-if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
-if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
-if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
-if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
-pushd %{buildroot}
-if [ -d usr/lib ]; then
-    find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
-fi
-if [ -d usr/lib64 ]; then
-    find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
-fi
-if [ -d usr/bin ]; then
-    find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
-fi
-if [ -d usr/sbin ]; then
-    find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
-fi
-touch doclist.lst
-if [ -d usr/share/man ]; then
-    find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
-fi
-popd
-mv %{buildroot}/filelist.lst .
-mv %{buildroot}/doclist.lst .
+%py3_install
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile-3
+mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile-3
+
+%files -n python2-rsa
+%doc README.md
+%license LICENSE
+%{_bindir}/pyrsa-*-2
+%{python2_sitelib}/*
+
+%files -n python3-rsa
+%doc README.md
+%license LICENSE
+%{_bindir}/pyrsa-*-3
+%{python3_sitelib}/*
 
 %check
+%{__python2} setup.py test
 %{__python3} setup.py test
 
-%files -n python3-rsa -f filelist.lst
-%dir %{python3_sitelib}/*
-
-%files help -f doclist.lst
-%{_docdir}/*
-
 %changelog
-* Tue May 31 2022 OpenStack_SIG <openstack@openeuler.org> - 4.8-1
-- Upgrade package python3-rsa to version 4.8
-
-* Mon Aug 09 2021 OpenStack_SIG <openstack@openeuler.org> - 4.7.2-1
-- Package update to 4.7.2
-
-* Tue Dec 15 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-14
-- fix CVE-2020-25658
-
-* Fri Oct 30 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-13
-- remove python2 dependency
-
 * Tue Aug 4 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-12
 - fix CVE-2020-13757
 
 * Mon Feb 10 2020 Ruijun Ge <geruijun@huawei.com> - 3.4.2-11
 - package init
-

python-rsa.yaml

@@ -2,4 +2,3 @@ version_control: github
 src_repo: sybrenstuevl/python-rsa
 tag_prefix: version-
 seperator: .
-