...
 
Commits (2)
......@@ -55,7 +55,7 @@ copyright = u'2016, JWCrypto Contributors'
# The short X.Y version.
version = '0.3'
# The full version, including alpha/beta/rc tags.
release = '0.3.1'
release = '0.3.2'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
......
......@@ -187,6 +187,23 @@ class _Rsa15(_RSA):
def name(self):
return 'RSA1_5'
def unwrap(self, key, keylen, ek, headers):
self._check_key(key)
# Address MMA attack by implementing RFC 3218 - 2.3.2. Random Filling
# provides a random cek that will cause the decryption engine to
# run to the end, but will fail decryption later.
# always generate a random cek so we spend roughly the
# same time as in the exception side of the branch
cek = os.urandom(keylen)
try:
cek = super(_Rsa15, self).unwrap(key, keylen, ek, headers)
# always raise so we always run through the exception handling
# code in all cases
raise Exception('Dummy')
except Exception: # pylint: disable=broad-except
return cek
class _RsaOaep(_RSA):
def __init__(self):
......
......@@ -6,7 +6,7 @@ from setuptools import setup
setup(
name = 'jwcrypto',
version = '0.3.1',
version = '0.3.2',
license = 'LGPLv3+',
maintainer = 'JWCrypto Project Contributors',
maintainer_email = 'simo@redhat.com',
......