Bug 1393431 (CVE-2016-9243)

Summary: CVE-2016-9243 python-cryptography: HKDF might return an empty byte-string
Product: [Other] Security Response
Reporter: Andrej Nemec <anemec>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
QA Contact:
Severity: low
Docs Contact:
Priority: low
Version: unspecified
CC: apevec, ayoung, cheimes, chrisw, cvsbot-xmlrpc, itamar, jschluet, kbasil, lhh, lpeer, markmc, nick, npmccallum, rbryant, rhos-maint, sclewis, tdecacqu, terrycwk1994
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version: python-cryptography 1.5.3
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2019-06-08 03:01:55 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 1393432
Bug Blocks: 1393433

Description Andrej Nemec 2016-11-09 14:36:53 UTC
Cryptography 1.5.3 release fixed one security issue.

HKDF would return an empty byte-string if used with a length less than algorithm.digest_size.

References:

https://cryptography.io/en/latest/changelog/#id1

Upstream bug:

https://github.com/pyca/cryptography/issues/3211

Upstream patch:

https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874

Comment 1 Andrej Nemec 2016-11-09 14:37:29 UTC
Created python-cryptography tracking bugs for this issue:

Affects: fedora-all [bug 1393432]

Comment 2 Huzaifa S. Sidhpurwala 2016-11-10 07:57:20 UTC
Data returned by the HKDF() are deemed to be cryptographically strong keys, which can be used by other cryptographical primitives like ciphers to encrypt secret data. When HKDF() returns empty strings, then depending on the primitive used, it could mean weak encryption or perhaps no encryption at all.
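The failure mode described in the report and in comment 2 (an HKDF output shorter than requested, down to an empty string, silently fed to a cipher) is easiest to see with a minimal RFC 5869 HKDF. The example below is added here and is not pyca/cryptography's code: it builds HKDF-Extract and HKDF-Expand on the standard library, puts a block-count defect that reproduces the reported symptom (empty output when length < digest_size, modelled here as a floor-division block count; the actual upstream code is in the linked commit, not reproduced) beside the correct ceiling-division count, checks the fixed variant against RFC 5869 Test Case 1, and shows the output-length guard a caller should keep regardless of which KDF library it uses. Function names such as `derive_key` and `hkdf_expand_buggy` are this example's own.

```python
import hashlib
import hmac

# Added example, not pyca/cryptography's implementation: RFC 5869 HKDF on the
# standard library, with a constructed block-count defect that reproduces the
# symptom in the bug report beside the correct count and a caller-side guard.


def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    """HKDF-Extract: PRK = HMAC-Hash(salt, IKM); empty salt -> zero-filled HashLen."""
    if not salt:
        salt = b"\x00" * hashlib.new(hash_name).digest_size
    return hmac.new(salt, ikm, hash_name).digest()


def _expand_blocks(prk: bytes, info: bytes, length: int, hash_name: str,
                   block_count: int) -> bytes:
    """Expand loop shared by both variants: T(i) = HMAC(PRK, T(i-1) | info | i).

    The result is truncated to `length`, so too few blocks silently gives a
    short (possibly empty) key rather than an error.
    """
    okm, t = b"", b""
    for i in range(1, block_count + 1):
        t = hmac.new(prk, t + info + bytes([i]), hash_name).digest()
        okm += t
    return okm[:length]


def hkdf_expand_buggy(prk: bytes, info: bytes, length: int,
                      hash_name: str = "sha256") -> bytes:
    """Constructed model of the pre-1.5.3 symptom: floor division yields zero
    blocks, hence b"", for any length below digest_size."""
    digest_size = hashlib.new(hash_name).digest_size
    return _expand_blocks(prk, info, length, hash_name, length // digest_size)


def hkdf_expand(prk: bytes, info: bytes, length: int,
                hash_name: str = "sha256") -> bytes:
    """Correct HKDF-Expand: N = ceil(L / HashLen), with the RFC bound L <= 255*HashLen."""
    digest_size = hashlib.new(hash_name).digest_size
    if not 0 < length <= 255 * digest_size:
        raise ValueError("HKDF output length out of range")
    block_count = -(-length // digest_size)  # integer ceiling division
    return _expand_blocks(prk, info, length, hash_name, block_count)


def derive_key(ikm: bytes, salt: bytes, info: bytes, length: int,
               hash_name: str = "sha256", expand=hkdf_expand) -> bytes:
    """Extract-then-expand plus the guard a caller should keep with any KDF
    library: a key that is not exactly `length` bytes must never reach a cipher."""
    okm = expand(hkdf_extract(salt, ikm, hash_name), info, length, hash_name)
    if len(okm) != length:
        raise ValueError(f"KDF returned {len(okm)} bytes, expected {length}")
    return okm


# RFC 5869 Appendix A, Test Case 1 (SHA-256), used to confirm the fixed variant.
RFC5869_IKM = bytes.fromhex("0b" * 22)
RFC5869_SALT = bytes.fromhex("000102030405060708090a0b0c")
RFC5869_INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
RFC5869_OKM = bytes.fromhex(
    "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
    "34007208d5b887185865"
)


def demo() -> dict:
    """Fixed expand matches the RFC vector; the buggy model returns b"" for a
    16-byte request; derive_key's guard refuses that empty key."""
    fixed_42 = derive_key(RFC5869_IKM, RFC5869_SALT, RFC5869_INFO, 42)
    fixed_16 = derive_key(RFC5869_IKM, RFC5869_SALT, RFC5869_INFO, 16)
    prk = hkdf_extract(RFC5869_SALT, RFC5869_IKM)
    buggy_16 = hkdf_expand_buggy(prk, RFC5869_INFO, 16)
    try:
        derive_key(RFC5869_IKM, RFC5869_SALT, RFC5869_INFO, 16,
                   expand=hkdf_expand_buggy)
        caught = False
    except ValueError:
        caught = True
    return {
        "vector_ok": fixed_42 == RFC5869_OKM,
        "fixed_16_len": len(fixed_16),
        "buggy_16_len": len(buggy_16),
        "guard_caught_empty_key": caught,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `derive_key` guard is the part worth carrying into real code: a KDF that returns a short or empty key is a bug, and the cipher it feeds will not complain, so the check belongs at the call site even after upgrading to python-cryptography 1.5.3 or later.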