
Dealing with RUSTSEC-2023-0071 #257

Open
link2xt opened this issue Nov 28, 2023 · 0 comments

link2xt commented Nov 28, 2023

This decrypt public API is a straight call into the rsa crate with PKCS1v15 padding:

rpgp/src/crypto/rsa.rs

Lines 25 to 33 in 63f55a7

pub fn decrypt(priv_key: &RsaPrivateKey, mpis: &[Mpi], _fingerprint: &[u8]) -> Result<Vec<u8>> {
    // rsa consists of exactly one mpi
    ensure_eq!(mpis.len(), 1, "invalid input");
    let mpi = &mpis[0];
    let m = priv_key.decrypt(Pkcs1v15Encrypt, mpi.as_bytes())?;
    Ok(m)
}

This is claimed to be vulnerable to a timing attack at RustCrypto/RSA#19.
There is a security advisory at https://rustsec.org/advisories/RUSTSEC-2023-0071 without a fix currently.

rPGP should update to a fixed rsa dependency or work around this somehow, but as far as I can see there is no workaround and we need an rsa crate fix.
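The advisory concerns the crate's whole private-key operation, and the added example below is not a patch for it and is not code from rPGP or the rsa crate; it only shows, on the PKCS#1 v1.5 unpadding step that follows the RSA computation, what the difference between a data-dependent check and a constant-time one looks like. The block layout (0x00 0x02 PS 0x00 M) is the standard one; the helper names are the example's own.

```rust
// Added example, not rPGP or rsa-crate code: PKCS#1 v1.5 unpadding of a
// decrypted block EM = 0x00 || 0x02 || PS || 0x00 || M, PS >= 8 non-zero bytes.
// `unpad_leaky` bails out at the first failed check, so its running time
// depends on secret bytes; `unpad_ct` does the same work for every input.

/// Leaky variant: each early `return` is a timing signal about EM.
pub fn unpad_leaky(em: &[u8]) -> Option<Vec<u8>> {
    if em.len() < 11 || em[0] != 0x00 || em[1] != 0x02 {
        return None;
    }
    let mut i = 2;
    while i < em.len() && em[i] != 0x00 {
        i += 1; // loop length reveals where the separator is
    }
    if i == em.len() || i < 10 {
        return None; // no separator, or PS shorter than 8 bytes
    }
    Some(em[i + 1..].to_vec())
}

/// 0xFF if a == b, else 0x00, with no data-dependent branch.
fn ct_eq(a: u8, b: u8) -> u8 {
    (((a ^ b) as u16).wrapping_sub(1) >> 8) as u8
}
/// `a` if mask == 0xFF, `b` if mask == 0x00.
fn ct_select(mask: u8, a: usize, b: usize) -> usize {
    let m = mask as i8 as isize as usize; // 0xFF -> all ones, 0 -> 0
    (a & m) | (b & !m)
}

/// Constant-time variant: scan every byte, fold the verdict into a mask and
/// branch once at the end (production code should use the `subtle` crate).
pub fn unpad_ct(em: &[u8]) -> Option<Vec<u8>> {
    if em.len() < 11 {
        return None; // block length is public: it is the modulus size
    }
    let mut good = ct_eq(em[0], 0x00) & ct_eq(em[1], 0x02);
    let mut looking = 0xFFu8; // still searching for the 0x00 separator
    let mut index = 0usize;
    for (i, &b) in em.iter().enumerate().skip(2) {
        let is_zero = ct_eq(b, 0x00);
        index = ct_select(looking & is_zero, i, index); // record first zero
        looking &= !is_zero;
    }
    good &= !looking; // a separator was found
    // PS >= 8 bytes means index >= 10: top bit of (index - 10) set iff index < 10
    let lt10 = (index.wrapping_sub(10) >> (usize::BITS - 1)) as u8;
    good &= lt10.wrapping_sub(1); // 0x00 if lt10 == 1, 0xFF if lt10 == 0
    if good == 0xFF { Some(em[index + 1..].to_vec()) } else { None }
}
```

Returning the variable-length message still reveals its length, which is inherent to the API; the point is that no intermediate check short-circuits.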
