Control: tags -1 confirmed Hi Daniel, On 09-06-2019 10:05, Daniel Stender wrote: > On 6/8/19 9:20 PM, Paul Gevers wrote >> If this version gets uploaded, be it by the maintainers of m2crpyto or >> by Sebastian, it will be acceptable from the Release Team point of view. > > I've uploaded the package including these patches. Thanks a lot. In my opinion, no need to re-upload, but the check for the OpenSSL version seems to be failing (see below). That test should have been skipped. I'll trigger a test with openssl 1.1.1c to verify, but the test passed in unstable already. If that passes, I'll unblock this. Paul In testing (with openssl/1.1.1b-2): =================================== FAILURES =================================== _______________________ RSATestCase.test_public_encrypt ________________________ self = <tests.test_rsa.RSATestCase testMethod=test_public_encrypt> @unittest.skipIf(m2.OPENSSL_VERSION_NUMBER < 0x1010103f, 'Relies on fix which happened only in OpenSSL 1.1.1c') def test_public_encrypt(self): priv = RSA.load_key(self.privkey) # pkcs1_padding, pkcs1_oaep_padding for padding in self.e_padding_ok: p = getattr(RSA, padding) ctxt = priv.public_encrypt(self.data, p) ptxt = priv.private_decrypt(ctxt, p) self.assertEqual(ptxt, self.data) # sslv23_padding ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding) > res = priv.private_decrypt(ctxt, RSA.sslv23_padding) tests/test_rsa.py:129: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <M2Crypto.RSA.RSA object at 0x7ffae6e26d50> data = '\x1c\x1a\xa2o>\xb7e\x0e\xeaX\x86\x0c\xda\x80y%t,\xccyN\xde\xed;P\xf8\xddL\x9de\x8e\x9b\\\xbbV\x16\x02\xb7\x11\x95\x02...xbb\\\xbe\x0b\x8b\xdb~\xb3HS\xdfIH\x7f\xec5L\xd1-FN\x882-I\xe3\x95\x11\xe0\xdeZ\xd8\xd2M\\\xc3\x93\xf2\xea\xa3\xcc\xa0' padding = 2 def private_decrypt(self, data, padding): # type: (bytes, int) -> bytes assert self.check_key(), 'key is not initialised' > return m2.rsa_private_decrypt(self.rsa, data, padding) E RSAError: sslv3 rollback attack
Attachment:
signature.asc
Description: OpenPGP digital signature