Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Negative RSA exponent for android_key_7_3_29 on Windows #21

Open
phausamann opened this issue Apr 10, 2018 · 3 comments
Open

Negative RSA exponent for android_key_7_3_29 on Windows #21

phausamann opened this issue Apr 10, 2018 · 3 comments

Comments

@phausamann
Copy link

For some reason, the android_key_7_3_29 global variable has a negative exponent on my Windows machine.

from gpsoauth import google, android_key_7_3_29
google.signature('test@gmail.com', 'asdf', android_key_7_3_29)

raises:

Traceback (most recent call last):  
  File "<input>", line 1, in <module>
  File "<PYTHONLIB>\site-packages\gpsoauth\google.py", line 50, in signature
    encrypted_login = cipher.encrypt((email + u'\x00' + password).encode('utf-8'))
  File "<PYTHONLIB>\site-packages\Cryptodome\Cipher\PKCS1_OAEP.py", line 138, in encrypt
    m_int = self._key._encrypt(em_int)
  File "<PYTHONLIB>\site-packages\Cryptodome\PublicKey\RSA.py", line 145, in _encrypt
    return int(pow(Integer(plaintext), self._e, self._n))
  File "<PYTHONLIB>\site-packages\Cryptodome\Math\_Numbers_gmp.py", line 404, in __pow__
    return result.inplace_pow(exponent, modulus)
  File "<PYTHONLIB>\site-packages\Cryptodome\Math\_Numbers_gmp.py", line 395, in inplace_pow
    raise ValueError("Exponent must not be negative")
ValueError: Exponent must not be negative

System info:

  • gpsoauth version 0.4.1
  • Python 3.6.5 [MSC v.1900 64 bit (AMD64)]
  • Windows-10-10.0.16299-SP0 x64
@simon-weber
Copy link
Owner

That's pretty odd. Can you try printing the value of the key, and if that's not helpful, then also the values in RSA.py:145? Then we can compare them against what we see on a linux machine.

@phausamann
Copy link
Author

On both Windows and BashOnUbuntuOnWindows (where I don't get the error) I get:

>>> android_key_7_3_29
RsaKey(n=141956196257934770187925561804359820971448272350983018436093173897855484510782207920697285059648243152878542520514658971720228524276304322321325896163977435852395272134149378260200371457183474602754725451457370420041505749329659663863538423736961928495802209949126722610439862310060378247113201580053877385209, e=65537)

The reason for the bug seems do be that in Cryptodome.Math._Numbers_gmp.Integer.inplace_pow, line 394, exponent.is_negative() returns True on Windows.

@simon-weber
Copy link
Owner

Hm. e is 2**16+1. Is it possible that something on windows is trying to put that value into a 16-bit int and overflowing?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@simon-weber @phausamann